Articles on this Page
- 07/02/15--15:57: _User and Group Prov...
- 07/03/15--01:27: _Export-Fimconfig fa...
- 07/03/15--04:03: _sync-rule-validatio...
- 07/03/15--13:39: _Be Our July FIM Gur...
- 07/04/15--16:02: _FIM 2010 gal sync b...
- 07/05/15--21:39: _Page Verify Configu...
- 07/05/15--22:47: _Export & import con...
- 07/05/15--23:34: _FIM 2010 R2 - Exten...
- 07/06/15--01:20: _SAP MA Refresh Schema
- 07/06/15--01:52: _ECMA2 method WriteI...
- 07/06/15--03:13: _Forefront Identity ...
- 07/06/15--06:21: _Bi-directional Sync...
- 07/06/15--06:54: _Custom logging insi...
- 07/06/15--11:50: _Retrieving user att...
- 07/07/15--00:10: _FIM 2010 Deployment...
- 07/07/15--03:44: _Hide Advanced Searc...
- 07/07/15--07:10: _Add new user to an ...
- 07/07/15--13:52: _C# help with hiding...
- 07/08/15--06:58: _Owners of Security ...
- 07/08/15--07:27: _FIM connecting with...
- 07/02/15--15:57: User and Group Provisioning to Active Directory
- 07/03/15--01:27: Export-Fimconfig fails within PowerShell Activity in the portal.
- 07/03/15--04:03: sync-rule-validation-parsing-error AD management agent
- 07/03/15--13:39: Be Our July FIM Guru! Supply a Sizzling "Sunny Season" Scoop!
- 07/04/15--16:02: FIM 2010 gal sync between exchange 2010 and 2007
- 07/05/15--21:39: Page Verify Configuration Error (SCOM FIM MP)
- 07/05/15--22:47: Export & import config production to demo
- 07/06/15--01:20: SAP MA Refresh Schema
- 07/06/15--03:13: Forefront Identity Manager and Domino (Lotus Notes)
- 07/06/15--06:21: Bi-directional Sync Rules
- 07/06/15--06:54: Custom logging inside a Extention-rule
- 07/06/15--11:50: Retrieving user attributes from Active Directory
- 07/07/15--00:10: FIM 2010 Deployment across datacenters(different Network)
- 07/07/15--07:10: Add new user to an AD group
- 07/07/15--13:52: C# help with hiding terminated users
- 07/08/15--06:58: Owners of Security Groups to add/delete users
- 07/08/15--07:27: FIM connecting with Oracle Access Database
How can I provisioned user to particular OU in Active Directory using C# code.?
A script which is working fine fails within Powershell. Why?
This is the error.
export-fimconfig : The type initializer for 'Microsoft.ResourceManagement.WebSer
vices.Client.ResourceManagementClient' threw an exception.
At C:\temp\tncs.ps1:100 char:30
+ $CurObject = export-fimconfig <<<< -Credential $Credential `
+ CategoryInfo : NotSpecified: (:) [Export-FIMConfig], TypeInitiali
+ FullyQualifiedErrorId : System.TypeInitializationException,Microsoft.Resou
When I run a full synchronization on AD Management agent I have sync-rule-validation-parsing-error ?
Any idea please ?
Up here in the Northern Hemisphere, things are hotting up!
And in TechNet Guru land, hot is cool!
So once again, we ask you for your sizzling "Sunny Season" scoop.
Your blazing and boiling blurb, and your hot how-to's!
Step up Gurus and please provide us some engaging essays and exciting expositions!
Now is the season for your fascinating feature, your classic composition, or your tasty treatise!
Let the community warm to your write-up, industrial item, professional passage or specialized story.
We need high-tech high hitters!
It is your time in the sun my friends!
Enjoy it while it lasts! (the sun that is)
All you have to do is add an article to TechNet Wiki from your own specialist field. Something that fits into one of the categories listed on the submissions page. Copy in your own blog posts, a forum solution, a white paper, or just something you had to solve for your own day's work today.
Drop us some nifty knowledge, or superb snippets, and become MICROSOFT TECHNOLOGY GURU OF THE MONTH!
This is an official Microsoft TechNet recognition, where people such as yourselves can truly get noticed!
HOW TO WIN
1) Please copy over your Microsoft technical solutions and revelations toTechNet Wiki.
2) Add a link to it on THIS WIKI COMPETITION PAGE (so we know you've contributed)
3) Every month, we will highlight your contributions, and select a "Guru of the Month" in each technology.
If you win, we will sing your praises in blogs and forums, similar to the weekly contributor awards. Once "on our radar" and making your mark, you will probably be interviewed for your greatness, and maybe eventually even invited into other inner TechNet/MSDN circles!
Winning this award in your favoured technology will help us learn the active members in each community.
Got any nice code? If you invest time in coding an elegant, novel or impressive answer on MSDN forums, why not copy it over toTechNet Wiki, for future generations to benefit from! You'll never get archived again, and you could win weekly awards!
Have you got what it takes o become this month's TechNet Technical Guru? Join a long list of well known community big hitters, show your knowledge and prowess in your favoured technologies!
I'm running some experiments with gal sync, and it all works between 2010 exchange orgainizations.
But when I export (fim run profile) to the exchange 2007 organization, the contacts are created and shows under 'contacts' in EMC, but they cannot be found when search them in ie outlook?
It works from 2007 to 2010...
Exchange 2010 organization One:
EX1: Server 2012r2/EX2010SP3
FIM Server: 2012r2/FIM2010r2. There 3 MA's, one for each organization.
Exchange 2010 organization Two:
EX1: Server 2012r2/EX2010SP3
Exchange 2007 organization One:
EX1: Server 2008R2/EX2007SP3
Jesper Vindum, Denmark
Help the forum: Monitor(alert) your threads and vote helpful replies or mark them as answer, if it helps solving your problem.
After deploying the FIM SCOM MP, the following error was returned:
The page verify setting for database "FIMService" in SQL instance X on computer Y is not set according to best practice.
Can someone please confirm whether we can ignore this, or how we need to configure SQL to get rid of this SCOM error.
I need to setup a FIM demo environment. There already is a demo environment but that is not maintained.
Is there a way I can export the production environment (both portal & sync server) to the demo environment?
Existing config of the demo environment can be wiped.
I am trying to extend the reporing schema. I have two FIM attributes, integer and unindexed string. Now when I try to map those attributes, I get just this kind of error message when I run Confirm-FIMReportingBinding powershell:
WARNING: The object/attribute type 'Integer' does not match the class/property type 'int'. WARNING: The object/attribute type 'Text' does not match the class/property type 'string'.I use "int" and "string" types for those attributes, but thoses types seems to be wrong. What types should I use?
Data field length of few attributes in SAP is changed by our SAP administrator but SAP MA is not getting this change. Kindly let me know how I can refresh SAP schema in FIM MA. Currently refresh schema option is grayed.
I have set up an ECMA2 management agent which should do a full export, full import, delta / full synchronization.
The run profiles are set up on the one hand as separate profiles each with one single step. On the other hand as one run profile, containing three steps (e.g. Full Export, Full Import (stage only), Delta Synchronization).
For some reason, when calling the run profile with three steps defined, the WriteImportFile method of the IMAExtensible2FileImport interface seems not to be called. On the bottom line that run then fails with message "no-start-ma". However, when running the according run profile for Import (stage only), which does only contain this one single step, the method is called as expected and no errors occur.
Did someone already face that behavior and knows how to fix that?
Thanks in advance
I am new to FIM, I was wondering have someone here been able to setup FIM to work with Domino, so that the below processes are automated in Domino. It is hard to get an overview of what is possible.
Creating Notes users?
What if the there are 2 persons with the same name and identifier?
Re-creating users that have left and re-joined the company and are listed i terminations group / ID vault?
Change Notes users?
Delete Notes users in Domino?
I am an trying to create new distribution groups with owners and members from FIM portal and later manage the group in AD. I have two management agents FIMMA and ADMA. For the attributes like member, owner etc I have set equal precedence in the sync engine.
While I am trying to define rule extension in order to make both import and export work, for the attributes like member, I am getting error: "Defining a rule extension import attribute flow to a metaverse reference attribute is not allowed". Is there
any way to avoid this?
I'm trying to enable some custom logging inside my extention rules. After a ot of search I decided to ask you if it's possible or not.
For the time beeing I've tryed to approaches:
1. Add a reference to Logging.dll and then try to use the code:
using Microsoft.MetadirectoryServices.Logging; Log("message", true, 2);
2. Import a log4net dll into my project, add the configuration to the app.config file.None of then seams to work... The log4net.dll doesn't show me the log methods, and with the logging.dll I have the error
'Microsoft.MetadirectoryServices.Logging.Logging.Log(string, bool, int)' is a 'method' but is used like a 'type'
Is it possible to do some custom log with FIM 2010?
Thanks in advance for your help,
I am working on a project where all stuffs including retrieving user attributes from Active Directory ? How to retrieve user attributes like OU name, Department,Designation, Security groups using C# code ?
Is it possible to deploy FIM 2010 across datacenters for highavilability/loadbalancing purpose. These datacenters has different subnets. Understand that windows NLB wont support different subnet for member servers hence FIM 2010 Service/portal cant be deploy in NLB across multiple data centers. How to achive FIM 2010 deployment across mutiple data centers.
I want to hide the "Advanced Search" link for a particular search scope. Is this achievable?
I went through this link http://blog.msresource.net/2013/11/21/forefront-identity-manager-2010-r2-build-4-1-3496-0-released/ but this leads in hiding "Advanced Search" for all configurations. Tried customizing it only for a particular search scope but did not work.
I'm starting with FIM 2010, and I need to do a procedure that adds all new users (created in the current day) to an AD group (let's saynewUsersGroup).
In my environment, I have the following connectors: AD MA, AD Group MA (with the respective c# extentions) and a provisionning extention calledMVExtention.dll
My idea is to search each MV entry and if the attribute CreationDate (a better approach in my case would be read the Connector SpacecreateTimeStamp attribute) is the same as the current date, then add the user to mynewUsersGroup
I tought that a good idea is to use the MVExtention.dll to do it, but I'm not sure how to do the add the person in a group in this extention. When I'm in my AD Group MA extention, I normally do (where csentry is my group in the Connector Space):
Can someone please help me with this one?
Thanks in advance for your help,
I am trying to put in code to hide terminated users from the GAL using our AD MA
I have the following code:
if (mventry["employeeStatus"].IsPresent && mventry["employeeStatus"].Value.ToLower() == "terminated" || mventry["cccEmployeeStatus"].IsPresent&& mventry["cccEmployeeStatus"].Value.ToLower() == "terminated")
csentry["msExchHideFromAddressLists"].BooleanValue = true;
It keeps giving an error that the attribute is read only, or it does nothing at all..
Any assistance would be appreciated thanks
I am trying to figure out a way where I can have owners of a security group to add and delete users. I created a Management Policy Rule, I can do it this way right?
This might not be possible, but I am trying to connect a database on MS Access that is linked to an Oracle database, I want to know if there's possible way to connect those to FIM. The main attribute will be the User's ID, and couple other key attributes.