Hi,
While running FIM CM MA, I am getting this error, event id 8041 followed by 6801 and 6803.
I am suspecting this because of recently upgraded FIM CA 2010 server to latest version 4.0.3684.2.
Please suggest. Thanks.
Hi,
While running FIM CM MA, I am getting this error, event id 8041 followed by 6801 and 6803.
I am suspecting this because of recently upgraded FIM CA 2010 server to latest version 4.0.3684.2.
Please suggest. Thanks.
Ok, so as the topic says...
not on R2 here..
Object type Organization from HR with sync. rule to MV, from MV with flow-rule to FIM, in FIM, organizations become set members and trigger provisioning as Groups in AD. So far so good. Now i need the groups to go back in to FIM for me to be able to manage members.
I've create a sync. rule with a scope like "dn ends-with OU=%where groups are provisioned,DC=domain,DC=com", the Sync. rule has' "Create in FIM" and the Sync rule is part of the WF that add's the organizations to the provisioning sync. Also tried creating a separate WF and put that in same MPR that link's the WF to the set. no luck :/
Why is my group importing sync. rule not applying to the newly create AD groups? Other AD group sync. rules work fine this way.
I guess a WA would be to add the member attribute to the Organization objects in FIM and then flow membership to AD when i provision the gorups.
/Frederik Leed
I want to install a trial version of FIM. The download trial link in the website takes me to Virtual Lab. I want to download the trial version and play around in my Sandbox.
Thanks
Gopi
I have deployed FIM 2010 R2 with Self service password reset feature. It is working currently users can register and reset their password. I have following questions
1- If a user has not registered for SSPR , can he still be able to reset the password using reset portal?
2- Is it mandatory to register for SSPR for resetting the password?
3- Can there be a mechanism wherein help desk users log in to the portal and reset the account for a user and send the password through email to users manager?
4- Basically we do not want users to call help desk and helpdesk reset the password in AD. Help desk must use fim portal.
for resetting the password
AdiKumar
I am working on a FIM implementation at a large Healthcare Organisation. As part of our implementation, we use the FIM Portal to manage Security Groups that in turn provide access to downstream systems.
In order that the SG Owners could search for users to add to the SG's, I had to create an MPR that allowed all Security Group Users to Read Resource, Add or Remove a value to a multivalued attribute, Modify a single-valued attribute and Grant Permissions to a Target Resource of All People.
As far as I can see, there are no obvious instructions to do this on TechNet, following the instructions linked (http://social.technet.microsoft.com/Forums/en-US/4efaeac9-af3c-4694-9a6e-e2644892a80d/allowing-a-user-to-see-security-groups-they-own) did not allow the SG users to see other users via the Portal. Scouring around the various FIM/IDM blogs similarly didn't give any steer as to creating this new MPR.
My question is - have I ended up using a sledgehammer to crack a nut - and is there a less 'all encompassing' option I could have utilised?
This controls the membership of my groups. With this xPath, the members are the Groups.
/Group[PARENT_ORGANISATIONS_ID = '750547d8-8147-4c74-85b1-c1ec2bded963']
I also need the membership of my group to contain users.
/Person[Description= 'Constant']
So what i need, is the entire xPath where both groups and users are contained.
This is not correct, but this is what i wan't to do.
[(/Group[PARENT_ORGANISATIONS_ID = '750547d8-8147-4c74-85b1-c1ec2bded963']) or (/Person[Description= 'Constant'])]
any pointers`?
/Frederik Leed
Hi There,
I am Veerappa here I working on FIM 2010 R2 Deployment (Migrating ILM 2007 MIIS to FIM 2010 R2),
In my scenario is we have SQL database that has User objects Table\view row with some attributes ex.peopleID,Pleoplekey, enterprise ID,etc.
I have created SQL Database, FIMMA and Active Directory Management agents in FIM Synchronization service to synchronize users to Active Directory.
Now my question how to export SQL database objects to FIM Metaverse - Active Directory from FIM Portal without using provision code, I need to get done with declarative provisioning.
How to create Inbound sync Rule, Outbound rule, set, MPR & workflows to provision SQL objects users to Active Directory.
And when to do Full import, Full sync, delta import & export in the Management agents.
If any one could help this I will glad to them.
Thanks & Regards
Veerappa
And also am getting lots of orphaned EREs whenever I delete the objects & Synchronization rules from FIM Portal so how to delete them permanently those should not come in future.
why they were created in the first place and how to avoid them in the future.
I am running fimmA export and it is throwing a huge bunch of this error in sql logs. Can someone help with this error log please? What is RavenMA?
mmsmafim: System.InvalidOperationException: The requested operation is not valid for the current state of the management agent, which is ready
at MIIS.ManagementAgent.State.Export.ExportState.AcknowledgeExport(Guid sessionIdentifier, String acknowledgedMessageIdentifier, SynchronizationRequestAcknowledgementType acknowledgement)
at MIIS.ManagementAgent.State.Export.ExportStateMachine.AcknowledgeExport(Guid sessionIdentifier, String acknowledgedMessageIdentifier, SynchronizationRequestAcknowledgementType acknowledgement)
at MIIS.ManagementAgent.RavenMA.AcknowledgeExport(Guid exportSessionIdentifier, String acknowledgedMessageIdentifier, SynchronizationRequestAcknowledgementType acknowledgement)
We plan to make backup restore design of FIM for galsync.
If we take SQLDB backup, and restore that, I think it need full import and full sync of all GALMA.
So, I wondered it might be faster to create Fimsynchronizationservice database which include no data ,and full import and full sync of all GALMA .
Is there any best practice ?
1
When start synching of one GALMA,
Initialize() function is called every time at first once ?
2
If #1 is yes, is it possible to define variable , save data to that varible from file by writing VB code, and keep that data until sync end ?
Hi.
Has anyone tried to migrate the DirSync Azure MA to a normal FIM 2010 R2 implementation?
/Søren
We have a potential client that wants us to host a SharePoint site at a co-location. They have AD at their home office. They want SSO for this SP site and to be able to manage password resets and other account stuff themselves. I'm just learning about both ADFS and FIM.
My initial idea was to setup a new domain and ADFS at the colo site, then a FIM server as well, and integrate FIM with ADFS. Is that possible?
OR can we put a domain controller up at the colo site and join it to -their- domain via VPN tunnel, then set up just a FIM server and they have SSO and account control that way?
Any help is greatly appreciated..
Hi,
I have sql MA which brings two object types from sql view 1. Org and 2. User. I had to combine them to keep them in same CS to generate references. User has a reference multivalued atrribute called "AdministratorForOrganization" which points to org objects if a particulare user administor them.
This out of the box sql MA is taking too long. We have good sql DBA team and two views defined in database is tuned to get better results.
When I run "Full Import" Sql MA is picking each record from parent view(definition: OrgIDEmailID,ObjectType,OrgName,FirstNme,LastName) ignoring object type and querying child view(definition: OrgIDEmailID,AttributeID and AttributeValue).
Here WHY FIM is querying child view for org object type. In my Sql MA configuration I did not have mapping for "AdministratorForOrganization" for organization object type. I have "AdministratorForOrganization" attribute mapping for user type so it make sense.
Any ideas? Has anybody encoutered same/similar issue? I have FIM2010. Is FIM2010 R2 has any improvement around this area( mean batch reading instead of one record at a time)?
Thanks in advance for looking at it.
Thanks,
Bhavesh
Hi,
How can I allow a manager to be able to edit / update only certain attributes in the FIM portal for people reporting to the manager? The manager should not be able to edit or update attributes for people not reporting to him or her.
All people in the portal have the manager attribute populated. I know that it should be done with a MPR. but the questions is How.
Thanks
Johan Marais
JkM6228
The results for June's TechNet Guru competition have been posted!
http://blogs.technet.com/b/wikininjas/archive/2013/07/10/technet-guru-awards-june-2013.aspx
Congratulations to all our new Gurus for June. We will be interviewing and highlighting their achievements, as the month unfolds.
If you think you have a useful fact, snippet, or detailed solution that is as good or better than the examples you see for June, please share it with us on TechNet Wiki.
Post your JULY contributions here:
Below is a copy of the June winners. The last column being a few of the comments from the judges.
BizTalk Technical Guru - June 2013 |
| Ron Phillips | BizTalk: Monitoring and Automatically Starting Host Instances Via A Scheduled Task | Mandi Ohlinger: "This is a very helpful script that users can implement now. " Peter Laker: "Excellent article, loads of detail and nice format." Ed Price: "Great introduction! I love how this incrementally takes you through the process." |
| Abhijit Mahato | Implementation of Routing slip pattern using ESB Toolkit 2.1 and BizTalk Server | Mandi Ohlinger: "Great example of use ESB! The screen shots are a nice addition." Ed Price: "Great formatting with the different sections! The images help visually explain everything." Peter Laker: "Nice tip with lots of detail" |
| Mohit Gupta | Complex FlatFile Conversion using Biztalk schema and Map | Peter Laker: "Details, code and images make this a great article" Ed Price: "The code blocks are very helpful!" Mandi Ohlinger: "Great FlatFile example. We need more of these." |
SharePoint 2010 Technical Guru - June 2013 |
| Matthew Yarlett | Uploading (and Resizing) Images to a SharePoint Picture Library via a Webpart | Margriet Bruggeman: "Handy to have this code!" Peter Laker: "Nice article. Who's the mugshot of?" Ed Price: "It's very clear! It's great how you take us through this, with the code and image for clarity." Tom Van Gaever: "Please do not set AllowUnsafeUpdate to true http://hristopavlov.wordpress.com/2008/05/16/what-you-need-to-know-about-allowunsafeupdates/" |
| Sunny Dasgupta | SEO Friendly SharePoint Sites/Pages | Margriet Bruggeman: "Good to know!" TVG: "SharePoint 2013 PG has invested a lot in making SharePoint a better WCM solution. I would create a series that lists all the improvements for public facing websites (image rendition, device channels,...)" Peter Laker: "Top tip" Ed Price: "Short and sweet! Good use of images!" |
| Sunny Dasgupta | New! SharePoint 2013: Branding Solutions as an App! Showcase your solutions now! | TVG: "I like the showcase idea" Ed Price: "This is an important business lesson! It would be great to follow this up with technical "how to" examples, with all the details." |
Small Basic Technical Guru - June 2013 |
| Nonki Takahashi | Small Basic: How to Make a Turtle Maze Game | RZ: "This is very cool. Nice layout, screenshots, and details instructions." Ed Price: "I love this article! It's fun, and it takes you through the whole process in a fun and clear way, complete with great formatting, images, and code. Great job!" |
| Jibba Jabba | a Development Map for Becoming a Good Programmer using Small Basic and MSDN | RZ "Very useful information. Content is nicely structured." Ed Price: "This is an incredibly valuable resource!" |
| Nonki Takahashi | Small Basic: Did You Know? | RZ: "Very useful information. Especially concerning known issues." Ed Price: "Chances are that you didn't know that... which makes this article very valuable!" |
SQL Server Analysis Services Technical Guru - June 2013 |
| Yogish Bhat | Aggregations in SSAS | Peter Laker: "Excellent subject. Excellent detail. Nice formatting." Ed Price: "Great explanations, clearly written, and good job breaking up the sections so that it's easy to read and to use the TOC." |
| Yogish Bhat | MOD Function in MDX | Peter Laker: "Useful tip. Thanks!" Ed Price: "Great solution!" |
SQL Server Reporting Services/Power View Technical Guru - June 2013 |
| Tim Pacl | Sorting Elements of a Concatenated String | Peter Laker: "An excellent article with some useful tips" Ed Price: "This is a great article! You have a lot of code samples and a clear overview." |
| Tim Pacl | Adding Links in SSRS Reports | Peter Laker: "Images really help to explain the procedure" Ed Price: "The images help make the steps very clear!" |
| Tim Pacl | Concatenating Data Column Values Into a Single String | Peter Laker: "Useful tip, common problem" Ed Price: "Good formatting on the code in this article." |
Transact-SQL Technical Guru - June 2013 |
| Naomi N | How SQL Server Determines Type of the Constant | Richard Mueller: "A good recommendation to explicitly CAST values, with an example of possible consequences if you don't." |
| Naomi N | SET ANSI_PADDING Setting and Its Importance | Samuel Lester: "Outstanding contribution! I love the process of walking us through the debugging you performed. People who read this article gain an understanding of not only the SET ANSI_PADDING setting, but also how
you arrived at discovering this as well as the technical resources available to ask in the MSDN forums. Very, very good!" Ed Price: "Very in depth article with great code formatting!" Richard Mueller: "This explains an issue I was not aware of. Well researched. Good to include a script to correct the situation." |
| Johnny Bell Jnr | SQL Server Result Set In An HTML Email | Richard Mueller: "Very instructive. I like this because similar techniques can be used for other applications." Samuel Lester: "Great article and very handy for sure. I'm a big fan of code generation through T-SQL as you're doing with the @HTML parameter. I use similar tricks often to generate code for other programming languages. Very good!" Ed Price: "The text does a great job setting up the code blocks!" |
Visual Basic Technical Guru - June 2013 |
| Reed Kimble | How to Communicate with a Microcontroller or Other Serial Device in VB.Net | Richard Mueller: "A well written article with great information and a detailed code example. The explanation should allow someone to adapt this for many applications." MR: "Well written and very descriptive." Anthony D. Green: "This article has the most interesting topic but I wish it had a more concrete example like making a robot dance or something. Serial port communication is a common forum question as the writer points out - I'd be great if the user had something in the sample to run against/debug. Another suggestion I'd make is that the author break up the very long code sample into discrete steps with the paragraph describing the code following the code immediately. Right now a reader is confronted with a wall of text and has to try to grok it all at once before proceeding to the prose or scan back and forth to get it." SB: "I like the article - I've seen many issues in the past with serial communication and its always a bit of a vague topic so any article is a positive in my opinion. It would be nice to link this to Micro-framework which added VB support and is another way of working with microcontrollers. Article is well written with good clean examples." Ed Price: "Incredibly in depth with beautifully formatted code!" |
| Paul Ishak | Bitmap.Lockbits De-Mystified .Net | Richard Mueller: "This was a difficult decision to rate these Wikis. This is a well researched article with good explanation of the steps required." Mark Rideout: "Great details, though formatting makes it hard to read." Anthony D. Green: "This was well written and well factored for reading. My only complaints are the lack of syntax colorization and the noisy line numbers. The topic is just obscure enough that it would have helped a lot to have a paragraph or two at the beginning to tell me what Lock bits is and why it's interesting rather than just jump into a deep dive. It links to another article which gives the motivation but it would have been great to have that inline." SB: "Rather than an article I felt this was more a series of code snippets. Although very useful I prefer a narrative explaining things. I think that the content is OK but it alludes to the fact of performance improvements but would like maybe a bit more info as to how much more performance improvements can be made using this. Presentation wise I'd like to code colorized correctly as well as it helps tremendously in reading." Ed Price: "I love how the article has its own banner image! Good code samples. Great job!" |
Visual C# Technical Guru - June 2013 |
| Dan Randolph | Named Pipes IO for Inter-process Communication | CW: "Well, rating this time around is pretty straightforward, what with there being one article. The only real dig I have against the article is that it brings up a GUI for this and I never see it. I know it isn't remarkable,
but when you mention a GUI, I sort of expect to see it. Otherwise, this article provides a simple sample of using named pipes in c# code between two components." Christian Lukito: "Good proof of concept showing how to use the API. But it will be more better if can provide real worlds example in what way this is more useful." Peter Laker: "Only entry! Win!" Ed Price: "Very clear and easy to read! Great code snippets with good formatting!" |
Windows Phone Technical Guru - June 2013 |
| Tiziano Cacioppolini | Maps and clusters | Peter Laker: "Excellent subject, nice detail!" Ed Price: "Great code and explanations! It could benefit from code blocks and headers/sections to break it up a little more. Great article!" |
| isenthil | How to Launch Windows Phone 8 Emulator without using Visual Studio 2012? | Peter Laker: "Thanks for the tip!" Ed Price: "Short and sweet. Great formatting with the TOC and sections." |
Windows Store Apps Technical Guru - June 2013 |
| Sachin S | Building an App using the DataviewModel from external XML | Peter Laker: "Nice introduction to the subject. Excellent example and explanation." Ed Price: "The image at the top catches your interest, and then the code blocks are great as well!" |
| Sachin S | Basic ColorPicker Control inside Settings Pane | Ed Price: "Great job breaking up the article with the different sections! The different sections, code headers, links back to the top, the image... it all helps make a better experience." Peter Laker: "Very useful code. Commonly needed." |
| Sachin S | Insert ComboBox item separator which is filled through Data Binding | Peter Laker: "Top tip. Will no doubt come in very handy." Ed Price: "Great formatting on the code snippets!" |
WPF Technical Guru - June 2013 |
| Gaurav Khanna | Set Brush for ScrollViewer Thumb | Peter Laker: "Good to know if you're not adept at Blend" Ed Price: "Great formatting on the code blocks!" |
| XAML guy | WPF: How to manage available/selected lists. Simple examples. MVVM and Code behind | Ed Price: "It's beautiful. A work of art! From the TOC, to the image at the top, the breakdown of sections, the code snippets, and all the way down. It's easy to read and easy to follow. Great job!" Peter Laker: "A common problem, and a tidy solution :)" |
| Magnus (MM8) | Event handling in an MVVM WPF application | Peter Laker: "Nice event/command primer, lots of detail" Ed Price: "Good formatting on the code, and the image helps you visualize it! Good article!" |
A great big thanks to EVERYONE who contributed an article to last month's competition.
Hopefully we will see you ALL again in this month's listings?
If you have not yet contributed an article for this month, and you think you can produce a more useful, clever and better produced wiki article than the winners above, here's your chance! :D
Best regards,
Pete Laker
More about the TechNet Guru Awards:
#PEJL Got a good solution? If you invest your time in coding an elegant/novel or large answer on these MSDN forums, why not copy it over to our belovedTechNet Wiki, for future generations to benefit from!
#PEJL Got a good solution? If you invest your time in coding an elegant/novel or large answer on these MSDN forums, why not copy it over to our belovedTechNet Wiki, for future generations to benefit from!
I'm just wondering if anyone has successfully managed to implement a solution to hide and unhide mailbox enabled users from the global address list in Exchange 2007 (or 2010/2013) using FIM 2010 (or R2) ?
I've seen a couple of posts related to the same question but the only suggestion was to set “msExchHideFromAddressLists” to “TRUE” to hide and remove / set to "FALSE" to unhide. However in my previous role I was an Exchange admin and I'm not sure this (a) works properly (see http://social.technet.microsoft.com/Forums/en-US/1bfc1f51-fcab-41c0-a44e-43f98565b1bf/hide-email-address-from-global-address-list-exchange-2007) (b) is supported from an Exchange perspective.
I've done some before / after testing of changing the "Hide from Exchange address lists" using either the Exchange management console or management shell, and in addition to changing the "msExchHideFromAddressLists" attribute, the "showInAddressBook" attribute is also updated at the same time. So, to hide :
"msExchHideFromAddressLists" is set to "True"
"showInAddressBook" is set to null / blanked out
Easy enough to do in a rules extension, but the problem arises when you want to unhide a mailbox from the GAL, in which case you have to set "msExchHideFromAddressLists" to False/Null, but how do you repopulate "showInAddressBook" ? when you use the EMC/EMS Exchange does some under the covers stuff to repopulate that attribute. It used to be a function of RUS in Exchange 2003 but since 2007 RUS no longer exists. You can set "msExchHideFromAddressLists" to null and then run "Update-Recipient" in powershell (similar to what FIM does following exchange provisioning) and this does populate "showInAddressBook" but then you've got to call powershell somehow.
All of the Exchange related posts I've read say basically use either the EMC or EMS, so I was just wondering if anyone had achieved this using FIM and if so how ? the only way I can think of doing this is having a MPR/Set/Workflow in the portal that kicks off a bit of powershell, but I was wondering if anyone had done this using the sync server/attribute flows/rules extensions, that kind of thing ?
Hi,
I just adjusted the schema of my Oracle EBS MA. Now whenever I import I get this error:
failed-connection column-list-reordering 0x80040e07
No other details are provided. The connection works fine when I refresh the schema or alter the MA. But when I import, this is what I get.
Any advice is appreciated. Thanks in advance.
We have a manually managed owner approval required group in FIM2010 R2. These groups flows to AD with membership.
Users can request to join the group from portal or outlook add in.
Now what i want is user should be removed from security group in FIM after 30 days. Prior to this an email needs to sent to user notifying his access to group is going to expire in 7 days . User can extend or do nothing.
If he extends then request must go to owner of group stating a user wants to extend his membership . Owner can approve or reject.
- user expiring in 7 days , there can be set and transition MPR with WF which will trigger email notifying user that his membership will expire in 7 days.
How to track when user was added to security in FIM ? and when group owner approves extension how to extend his membership in Group in FIM ?
Please guide me on this.
AdiKumar
I am having a problem registering on the Password Registration Portal. I can login and proceed to answer the security questions. When i click next after answering all the questions I get an error on browser
An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3008)
3 events are also logged in the Event Viewer on the Portal Server. (SEE BELOW)
I am able to connect to the fimservice2 from browser on Portal server using the URLs : http://fimservice2.idmad.lab:5725 and http://fimservice2.idmad.lab:5726. So I think its not network or firewall problem. I have included the relevant information below. Please let me know if you need any more information.
Environment :
Windows Server 2012 , FIM 2010 R2 SP1, Sharepoint 2013 Foundation.
FIM Portal, Password Registration and Reset portals are all on a separate server than FIM Service. FIM Portal is working fine.
SPNS:
CN=FIM PWService,OU=FimServiceAccounts,OU=FIMAdmin,OU=FimLab2,DC=idmad,DC=lab
HTTP/fimreset
HTTP/fimreset.idmad.lab
HTTP/fimreg.idmad.lab
HTTP/fimreg
-----------
CN=FIM Service,OU=FimServiceAccounts,OU=FIMAdmin,OU=FimLab2,DC=idmad,DC=lab
FIMService/fimservice2
FIMService/fimservice2.idmad.lab
-----------
CN=FIM SPPool,OU=FimServiceAccounts,OU=FIMAdmin,OU=FimLab2,DC=idmad,DC=lab
HTTP/fimportal2
HTTP/fimportal2.idmad.lab
Web.config for Password Registration Portal :
<resourceManagementClient resourceManagementServiceBaseAddress="http://fimservice2.idmad.lab:5725" timeoutInMilliseconds="60000" />
Microsoft.ResourceManagement.Service.exe.config file :
<service name="Microsoft.ResourceManagement.WebServices.ResourceManagementService">
<host>
<baseAddresses>
<add baseAddress="http://localhost:5725" />
</baseAddresses>
</host>
</service>
<service name="Microsoft.ResourceManagement.WebServices.SecurityTokenService">
<host>
<baseAddresses>
<add baseAddress="http://localhost:5726" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
<resourceManagementClient resourceManagementServiceBaseAddress="fimservice2.idmad.lab" />
<resourceManagementService externalHostName="fimservice2.idmad.lab" />
3 events in Event log on the portal server:
EVENT 1
Failure to connect to FIM Service
The web portal failed to connect to the FIM Service.
Ensure that (1) the FIM Service is running, (2) the FIM Service server address is correct in the web.config file on the web portal, and (3) that network connectivity is available between the web portal and the FIM Service over the designated port.
Details:
System.ServiceModel.CommunicationException: An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the
HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException: The underlying connection was closed: An unexpected
error occurred on a receive. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed
by the remote host
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
--- End of inner exception stack trace ---
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ContextRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.ResourceManagement.WebServices.WSTrust.ISecurityTokenService.RequestSecurityTokenResponse(Message request)
at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(Message request)
at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(RequestSecurityTokenResponseType request, ClientOptionsHelper clientOptionsHelper, MessageBuffer& messageBuffer)
at Microsoft.ResourceManagement.WebServices.Client.AuthenticationRequiredException.Authenticate(AuthenticationChallengeResponseType[] authenticationChallengeResponses, MessageBuffer& messageBuffer, ClientOptionsHelper clientOptionsHelper)
at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
Web Portal: FIM Password Registration Portal
Session Id: qoind5aknc1xmn55ho033qn0
IP Address: 10.0.44.44
EVENT 2
Microsoft.IdentityManagement.CredentialManagement.Portal: System.Web.HttpUnhandledException: ScriptManager_AsyncPostBackError ---> Microsoft.IdentityManagement.CredentialManagement.Portal.Exceptions.GenericCommunicationException: An error occurred while
receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being
aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.ServiceModel.CommunicationException: An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration.
This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException:
The underlying connection was closed: An unexpected error occurred on a receive. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException:
An existing connection was forcibly closed by the remote host
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
--- End of inner exception stack trace ---
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ContextRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.ResourceManagement.WebServices.WSTrust.ISecurityTokenService.RequestSecurityTokenResponse(Message request)
at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(Message request)
at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(RequestSecurityTokenResponseType request, ClientOptionsHelper clientOptionsHelper, MessageBuffer& messageBuffer)
at Microsoft.ResourceManagement.WebServices.Client.AuthenticationRequiredException.Authenticate(AuthenticationChallengeResponseType[] authenticationChallengeResponses, MessageBuffer& messageBuffer, ClientOptionsHelper clientOptionsHelper)
at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
--- End of inner exception stack trace ---
at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
at Microsoft.IdentityManagement.CredentialManagement.Portal.Components.DriverBase.GetNextGate(IGateControl currentGate)
at Microsoft.IdentityManagement.CredentialManagement.Portal.Registration.Next()
at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
--- End of inner exception stack trace ---
at Microsoft.IdentityManagement.CredentialManagement.Portal.Site.ScriptManager_AsyncPostBackError(Object sender, AsyncPostBackErrorEventArgs eventArgs)
at System.Web.UI.ScriptManager.OnAsyncPostBackError(AsyncPostBackErrorEventArgs e)
at System.Web.UI.PageRequestManager.OnPageError(Object sender, EventArgs e)
at System.Web.UI.TemplateControl.OnError(EventArgs e)
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.default_aspx.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
EVENT 3
The error page was displayed to the user.
Details:
Title: Communication Error
Message: An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3008)
Source:
Attributes:
Details: Microsoft.IdentityManagement.CredentialManagement.Portal.Exceptions.GenericCommunicationException: An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration.
This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.ServiceModel.CommunicationException:
An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an
HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.IO.IOException:
Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
--- End of inner exception stack trace ---
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ContextRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.ResourceManagement.WebServices.WSTrust.ISecurityTokenService.RequestSecurityTokenResponse(Message request)
at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(Message request)
at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(RequestSecurityTokenResponseType request, ClientOptionsHelper clientOptionsHelper, MessageBuffer& messageBuffer)
at Microsoft.ResourceManagement.WebServices.Client.AuthenticationRequiredException.Authenticate(AuthenticationChallengeResponseType[] authenticationChallengeResponses, MessageBuffer& messageBuffer, ClientOptionsHelper clientOptionsHelper)
at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
--- End of inner exception stack trace ---
at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
at Microsoft.IdentityManagement.CredentialManagement.Portal.Components.DriverBase.GetNextGate(IGateControl currentGate)
at Microsoft.IdentityManagement.CredentialManagement.Portal.Registration.Next()
at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
CorrelationId:
RequestId:
ErrorCode: 3008
CaughtTime: 07/10/2013 10:12:55
Web Portal: FIM Password Registration Portal
Session Id: qoind5aknc1xmn55ho033qn0
IP Address: 10.0.44.44
Hi,
I vaguely remember seeing a whitepaper or maybe one of the walkthroughs for ILM where, within a rules extension, they were using a table in SQL server as a lookup table, e.g., for mapping attributes or something like that.
Does anyone here recall something like that?
The reason for I'm looking for that is that some of our "legacy" extensions are doing something like, where they map a pair of attributes (like location name and state) into postal codes.
The way that the current code does this is to instantiate a new connection to the SQL server each time the extension is invoked, but we've been asked if it'd be possible to not do that, but to do something like create the connection at the beginning of the profile run, and then just use the same connection for the lookups/queries, and I was hoping that walkthrough (or whatever it was) might have some suggestions about how to do that in ILM.
With ILM, is there some way to do something like that, like maybe at start of the profile run (or maybe even at ILM startup) to open a connection to an SQL server and then, within the rules extensions, re-use that already instantiated connection?
Thanks,
Jim