Quantcast
Channel: Forum Microsoft Identity Manager
Viewing all 4767 articles
Browse latest View live

FIM 2010 R2 SP1 Software Requirements

0
0

Hi all,

i will deploy FIM 2010 R2 SP1 i want to know if i can install it on one server with the below.

1- Windows Server 2012 R2.

2- SQL 2012 SP1.

3- SharePoint Foundation 2013 with SP1.

also what is the hardware requirements for this setup.

Thanks


Teka


Fetch external data in portal

0
0

Hello

I have been searching for some information about how to fetch data direct in the FIM portal. I will give an example.

When i create a new user in the FIM portal, i would like to only enter a social security number and then click a link/button. this click fetches the entered SSN and connects to a db/webservice/something and fetches data and populates fields in FIM user creation dialog.

is this possible? 

/Tobias

Daily new user report

0
0
Hi, I have an interesting request from one of my customers and off the bat, I'm not quite sure how to address this one. My customer is an education institution and they load new students for various different schools and campuses on a daily basis. Instead of sending 1000 emails n day, they would like one daily report to go out to each school with the new students that were created that day. Any ideas welcome! thx

How to speed up Export-FIMConfig queries?

0
0

I'm trying to write some PoSh scripts to pull information from FIM, and, Holy Toledo Batman!, they are slow! 

In the time it takes to run get results from a command like:

Export-FIMConfig -uri $FIMURI -onlybaseresources -customconfig ("/Group[Owner='$FIMuserObjID']")

I could easily start the web portal, manually log in, and load and peruse through a dozen pages.  All I really want is the group names and the object identifiers.  Why is this so slow? 

In searching for a way to speed this up, I have tried splitting it into simultaneous background jobs adding:

/Group[(starts-with(DisplayName,'$($letter)'))]

to the config and cycling through the alphabet, but because PoSh jobs each have to load the FIMAutomation snapin, it doesn't speed things up much and uses a lot of resources. 

I'm trying to wrap my head around using runspaces to do the same thing, but I'm not really certain it's any better.  All the examples and scripts "out there" involve distributing the load across multiple computers, not multi-threading on the same computer.  I realize there are "concerns" related to garbage collection and locking, but I'm not interested in using it for changing anything.  I just want to have a reasonable query response time.  I have some code that runs without error, but I'm not getting any results (as far as I can tell). 

Can someone tell me if runspaces are likely to help here (or not) and, if you are really kind, offer some assistance in getting it working?

Thanks.

Users Not Appearing In FIM Portal

0
0

Hello,

Looking for ideas here.  I have a simple HR, Portal, AD setup.  The HR and AD synchronization rules are defined in the portal.

I have no trouble loading the HR data into the HR CS and subsequent sync in the metaverse.  I have no trouble exporting the accounts to AD. 

My issue surrounds getting the users into the portal.  Here's the scenario:

Full Sync indicates 190 Provisioning adds (190 users)

Subsequent Full Export Adds 190, each of them in an "Awaiting Export Conformation" status.

A subsequent full import (an attempt to confirm the export) indicates 190 deletes (the same ones I'm trying to add).

So, I'm missing something here.  The Domain, Object SId and Account Name attributes, among others are being flowed.

Any ideas?

Thanks in advance,

Greg

ADMA Not Being Recognized by FIM?

0
0

Hello,

I'm not sure of the best way to explain this, but here goes.  Simple HR, FIM Portal, AD system.  The HR and AD MA sync rules are defined in the portal.  The AD rules are MPR based.

I have data flow from HR, into the metaverse and back out to the portal.  All that looks good.  But, the ADMA doesn't even appear to be recognized by FIM.  The syncs generate no export flow for the ADMA.  The ADMA discovery import works, so it doesn't appear as if it's an authentication issue.  If I run an AD full sync or full export, the only objects that show up even identified are those associated the the OUs identified during the discovery import.

Now, I will say that I don't think Kerberos in properly configured on this environment.  I'm working on that.  But, I wouldn't think Kerberos would prevent object from flowing from the metaverse into the ADMA connector space.  I have a sneaking suspicion this is and MPR/Workflow/Set issue.  But, everything related to those looks fine.

Looking for ideas.

Thanks in advance,

Greg

FIM 2010 R2 supports "Enforce Password Policy" on 2012 AD domain controller

0
0

Hi,

Our client has migrated to AD 2012.Need to check if the "Enforce Password Policy" restriction is applicable on 2012 AD.

As per the kb article "https://support.microsoft.com/kb/2443871?wa=wsignin1.0" , the password policy is applicable on AD 2008 and 2008 R2.

Please provide any suggestions


shakti

FIM 2010 R2 & Active Directory Update from 2003 to 2012

0
0

Hello,

We are about to upgrade existing Active Directory infrastructure from 2003 to 2012. Considering Domain name will remain as it is but IP for DC and Hostname will be changed. FIM Version currently being implemented is FIM 2010 R2 4.1.3419.0.

Require help in finding the feasibility & possibility as per the up-gradation activity. URLs for help are also welcomed. Appreciating in advance in case anyone can help with the steps to be performed.


Regards,
Manuj Khurana


Create SQL delta for FIM 2010

0
0

I am currently running an environment which sync data between SQL and FIM 2010.

Till now i was running full import on SQL but now I need to import only changes from SQL.

Can you please guide me on how this can be achieved ? I tried some articles regarding snapshots etc but could not really implement those well.


AdiKumar

BHOLD:Error on Creating Campaigns and Changing Notification Emails

0
0

Hi,

While creating Campaigns and Changing the notification emails i am getting a popup box with message"error on saving settings".

I have tried every possibility but still getting the same error box.This error is not also being generated in Event Viewer.

Has anyone faced such error.If Yes Please let me know the reasons .Its urgent .


shakti

BHOLD core reinstallation failed

0
0

Hi ,

Due to some problems , i had to unistall the bhold core and attestation modules.

But reinstalling the BHOLD core is failing now.after careful consideration , i checked certain bhold registry entries are leftover and not removed.

I tried deleting and renaming them but failed in doing so as it is not allowing me to rename the registry entries.Have checked for all the permissions.MY user account is local admin on the server with Full control permissions on the bhold key.

Regards


shakti

Role management - Applications

0
0

I am not sure this forum is the best place to post this question. We are looking for a role management application. We have FIM 2010 R2 as our idm. Senior mgmt team is more leaning towards Grouper.

FIM, Bhold or Grouper - What's your opinion? Which is the best?

Is there any other role management application?

Thanks!

in FIM 2010 r2 already passowrd register users are getting error

0
0
<p></p><p></p><p></p><p>---------------------------<br />FIM Password Reset<br />---------------------------<br />You are not authorized to reset your password using self service password reset. You may need to register in order to complete self-service password reset. Please contact your system administrator.<br />---------------------------<br />OK&nbsp;&nbsp; <br />---------------------------</p>

-Thanks Rakesh Sawant

PCNS support for Windows Server 2012 R2

0
0

I'm configuring PCNS for a multiple connected AD's.

PCNS is working fine on all AD's, but one.
The failing AD has Windows 2012R2 DC's.

I cannot find an official Microsoft statement on the support for Windows 2012R2.
The PCNS release notes don't mention Windows 2012R2 as supported.

If tested the following:
- connection to DC's are ok
- Required ports are available
- DNS Service Records lookup is ok
- TargetAD permissions for FIM AD MA Service account are ok.

It keeps throwing Kerberos errors:

BAIL: MMS(3124): D:\bt\37281\private\source\MIIS\ma\shared\inc\MAUtils.h(114): 0x80070002 (The system cannot find the file specified.)

ERR_: MMS(3124): d:\bt\37281\private\source\miis\ma\ad\admaexport.cpp(4202): The Kerberos change operation failed: 0xc000005e

ERR_: MMS(3124): d:\bt\37281\private\source\miis\server\server\ma.cpp(8509): ExportPasswordSet failed with 0x80004005

Thanks in advance.


Any questions, just ask!

How to change the Fim portal application pool account?

0
0

Hi

I noticed that our fim portal application pool is being run with the network service account. Is it possible to change it to a domain account just by registering the spn and restarting the services or do I have to run the installation program again? If it has to be done what steps do I have to take to ensure that all my settings in the portal stay the same? Thank you for your answers.

Sakari


FIM - Forcing fields to update for empty fields

0
0

Hi All,

Please can someone help point me in the right direction and let me know if a custom field [in my case Printer code] is not filled in to force those users to update that field?

If it is possible, can someone paste a link, have tried a bing and TechNet but cant seem to find anything.

NFR FIM Download

0
0

Just wondering where consultants get FIM for use in demo environments? Is there a partner portal FIM download available, if so what are the requirements to get this?

My hope is to create a lab which I can use snapshots of in the long term for demoing and testing without the 180 day evaluation cap.

Cheers

Upload Profile picture in Self Service portal

0
0

We have forefront identity manager 2010 R2 and self service portal is configured. Users can update some basic information which needs approval.

We want to allow users to update their profile picture in AD using self service portal, Is it possible? How it can be done?


Regards, Muhammad Usman Azmat

Dynamic group membership detection

0
0
Does anybody know if it is possible to trigger a Workflow action if there is a change in a group’s membership list in case of a dynamic groups. What I need to achieve is to execute PS WF if a user is becoming a member of some groups based on the dynamic criteria of the given group.

Regards, Remi www.iamblogg.com

ambiguous import from multiple connectors

0
0

hello, 

i have the error ambiguous import from multiple connectors  "Import flow was rejected because the destination metaverse object had multiple connectors from the source management agent." when i run a delta synchronization for my active directory management agent 

but the weird thing is when i in the metaverse search and un run a full preview there is no error !!

is anyone can help to resolve this ? 

thanks 



Viewing all 4767 articles
Browse latest View live




Latest Images