Quantcast
Channel: Forum Microsoft Identity Manager
Viewing all 4767 articles
Browse latest View live

Unable to install SharePoint 2013 as per MIM article

0
0

Hi,

Working through this MIM deployment article: https://technet.microsoft.com/en-us/library/mt219039.aspx

Step 6 is as follows:

Run the SharePoint Products Configuration Wizard to configure SharePoint.

  • On the Connect to a server farm tab, change to create a new server farm.

  • Specify this server as the database server for the configuration database, andcontoso\SharePoint as the database access account for SharePoint to use.

So when I try to run this, I get the following error:

Does this mean I need to install SQL Server on the MIM Portal server now? Does SharePoint 2013 no longer use SQL Express like SharePoint 2010 did?

Thanks,

Sk


MIM2016 - List of new features and requirements

0
0

I am looking for a straigth list about the new features of MIM2016 but have not found yet.

Is there anywhere a clear list where are new features, requirements and so on? I heard from somewhere that MIM contains for example multitasking for sync process, but now I can't find anything about it. Also any info about MIM performance would be nice, how much memory and processor speed it requires and so on.

Lync 2013 lcssync.dll for MIM 2016

0
0

Hello,

I have a functional lab environment with 2 x user forests and 1 x central forest on FIM 2010/R2 SP1. Porting that environment to 2016 causes lcssync.dll to fail owing to references to Microsoft.MetadirectoryServices.dll,  Microsoft.MetadirectoryServicesEx.dll and logging.dll assembly version differences. I note that GALSync source is included, but no source or new version of lcssync.dll.

Does anyone know if lcssync.dll is going to be provided? Has anyone else seen this behavior?

Error details:

Log Name:      Application
Source:        FIMSynchronizationService
Date:          8/17/2015 8:24:23 AM
Event ID:      6300
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      MIM2016.domain.com
Description:
The server encountered an unexpected error:
 
 "Could not load file or assembly 'Microsoft.MetadirectoryServices, Version=3.0.577.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)

   at System.Reflection.RuntimeAssembly.GetExportedTypes(RuntimeAssembly assembly, ObjectHandleOnStack retTypes)
   at System.Reflection.RuntimeAssembly.GetExportedTypes()
   at Microsoft.MetadirectoryServices.Impl.ScriptHost.InitializeWorker(InitializeArguments pArgs)


InnerException=>
none
"
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="FIMSynchronizationService" />
    <EventID Qualifiers="49152">6300</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-08-17T15:24:23.000000000Z" />
    <EventRecordID>1080</EventRecordID>
    <Channel>Application</Channel>
    <Computer>MIM2016.paukkunen.net</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Could not load file or assembly 'Microsoft.MetadirectoryServices, Version=3.0.577.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)

   at System.Reflection.RuntimeAssembly.GetExportedTypes(RuntimeAssembly assembly, ObjectHandleOnStack retTypes)
   at System.Reflection.RuntimeAssembly.GetExportedTypes()
   at Microsoft.MetadirectoryServices.Impl.ScriptHost.InitializeWorker(InitializeArguments pArgs)


InnerException=&gt;
none
</Data>
  </EventData>
</Event>

Thanks,

Jarmo

Avanade Lync team

Objects occasionally not being deleted

0
0

I sometimes experience a problem with objects not being deleted from the MV, and remaining in FIM after a successful delete operation.

MV deletion rule is configured to delete the object from the MV when the connector from FIM is disconnected:

MV deletion rule

Deprovisioning on non-FIM MAs is configured with "stage a delete on the object for the next export run":

MA deprovisioning config

Here is an example of the problem.
These are the requests:

requests

As you can see, there is a successful delete request for the object at some point, but the object is still present in the metaverse:

mv object properties

This does not happen all the time, but only occasionally.

Has someone experienced this problem?

Is there anything I should check?

Thanks,
Paolo

 

Paolo Tedesco - http://cern.ch/idm


SearchScope identity picker xpath

0
0

Hello, 

I want to permit the search with the contains expression in IdentityPicker, is that possible ? 

Regards

AD outbound provisioning - same user to 2 different OUs

0
0

The same user from FIM needs to be provisioned to 2 different OUs in AD. Is that possible using portal sync rules?

FIM User object properties:

AD exists (boolean), samAccountname, employeeID

Sync rule 1:

scope - AD exists is true

relationship - samaccountname = samaccountname

rule - dn: cn="samaccountname",OU1

Sync rule 2:

scope - employeeID is present ( AD exists could be true or false)

relationship - employeeID = employeeID

rule - dn: cn="employeeID",OU2

We have rule 1 already in place. When I tested with rule 2, it pushed only users that are not synced in OU1. How can I capture this via scope and relationship criteria.

Thanks!!

Metaverse Object Deletion

0
0
Say, I have 5 groups in FIM, Metaverse and AD. Now I want to delete one group from FIM and Metaverse, but want to keep the group in AD. Is that possible to achieve? With object deletion rule in the Sync Engine, when I delete a group from FIM, it is getting deleted from AD too.

MIM Language Pack - MIM Portal not change

0
0

Hi,

I have installed MIM 2016 (RTM) with SQL 2010 and SharePoint 2013 SP1.

I installed SharePoint 2013 SP Spanish Language Pack. I could configure SharePoint Central Administration Site in Spanish (Site Setting -> Language Settings) and it worked fine (I changed Internet Explorer language configuration and site language changed).

I could configure MIM Portal language setting too.

I installed MIM Service & Portal, MIM Laguage pack (Spanish) ...

But of I changed Internet Explorer Language configuration, MIM Portal DID NOT change language (but SharePoint did, I can see "Site Actions" in Spanish in right/up corner).

How can I install Language pack in MIM With SharePoint 2013 SP1

Thanks in Advanced

Best regards


JuanCC Technology Specialist


How to get response back from FIM when AD Connector space export data to actual AD Directory ?

0
0
I have one question regarding FIM Sync Service request processing. I have requirement like that It get updated information from SQL server and publish change to AD. I am only planning to use FIM sync service. SQL server to AD data went well. I have one question that How can I get information that particular user process successfully. My question is related to export to AD. When it successfully write to AD I want status.

FIM 2010 R2 and Azure Multi-Factor Authentication

0
0
Is it possible to use Azure Multi-Factor Authentication with FIM 2010 R2. I know that MIM2016 will support Azure Multi-Factor Authentication but does it work with FIM 2010 R2?

Extention rule debugging not working

0
0

Hi,

I'm writing because I'm trying to change an extension rule in one of my MA’s. To do some tests, I add some breaking points and some logging lines:

 

Logging.Log("*** LOG TEST ***");
 

In order to test my code, I went to the Debug menu and then to the Attach option. After selecting miiserver.exe, Visual Studio asks me to restart as an Admin user.

After the restart, I repeat the process above and the debug starts. I then go to FIM console and launch my MA, but nothing happens, I don’t see any log lines and any of my breakpoints are reached….

 

I check the process window and the debugger seems to be attached, so I don’t understand why my code or my breakpoints doesn’t have any effect.

 

Does anyone already have this kind of issue? How can I solve it?

 

Thanks in advance for all your help,

Marc


MIM 2016 The Microsoft Identity Manager server database could not be successfully populated.

0
0

I am receiving The Microsoft Identity Manager server database could not be successfully populated. when installing the Service and Portal.

In the event logs I get:

Product: Microsoft Identity Manager Service and Portal -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action DeployAndPopulateDatabase, location: C:\Windows\Installer\MSIABAE.tmp, command: installApp=FIM action=DeployAndPopulateDatabase databaseName=FIMService namespaceName="fim" datFilesInstallDir="C:\Program Files\Microsoft Forefront Identity Manager\2010\Service\Data\BL" sqlserverName=IDM01 FIMServiceAccountDomain=Domain FIMServiceAccountName=MIMService SyncServiceAccountDomain=Domain SyncServiceAccountName=MIMSync RunningUserDomain=Domain RunningUserName=DAuser RunningUserEmail= CreateDatabase=True 

Both the Service account and the Domain Admin account have mailboxes and email addresses on their AD objects.

I have modified the model DB size as seen in another post about this issue.

Are there any other logs that I can look at to see what is going on?

Thanks for any assistance.


SharePoint Foundation 2010 SQL Express migrate to SQL Server

0
0

Hi,

Like many of you, we have deployed FIM Portals' SharePoint Foundation 2010 on the local SQL Express version (as deployed by the SharePoint pre-requisite installer). FIM Portal & Service was then deployed on the same server.

We have now had a request to move this SharePoint Foundation 2010 SQL Express database to a full SQL Server (running on a remote server).

So we have a few questions:

1. Is this possible?

2. What are the caveats?

3. Will this break FIM Portal/Service?

4. Is this even recommended?


Thank you,

SK

FIM CM and Virtual Smart Card Problem

0
0

Hi

I’m using FIM CM 2010 R2 v4.1.3646.0 to manage a fleet of .NET (MS Base SC Crypto Provider)  smart cards.

I’m now looking to manage some virtual smart cards but get an error when testing enrolment using my existing profile template. Enrolment PC is Windows 8.1 x64 Ent running 32bit IE11 and 32bit FIM CM client.

I’ve provisioned a vsc with default admin password and FIM CM seems to be able to initialise it successfully during enrolment, however the certificate request isn’t attempted with the CA and the FIM console reports the following error…

Failed to enroll a certificate on the smartcard using template "My Smart Card Logon". The most likely cause is that there is a mismatch between the card type you have and the type of card supported by this template. Please try to enroll using a different template.

The only difference between the “My Smart Card Logon” certificate template and another template which works when making a manual certificate request via the mmc is the presence of the requirement for an enrolment agent signature as required by FIM.

Does anyone have any idea what might be causing the problem?

Thanks


Douks

FIM 2010 R2. User does not create in AD OU.

0
0

Hello!

I have 3 test OU in AD. I have 3 MA (FileMA (for csv file), FIM MA (for FIM Service, AD MA (for AD))). User import from FileMA -> FIM Portal -> AD.

I have 3 Sync Rules.

1) For create user in AD - Test OU

2) For add OU - Konstr OU

3) For add OU - Arch OU

User created in AD correct (In Test OU)

When I want change OU - for Konstr OU - OK

When I want change OU - Arch - I can't

Help!


Alex


Adding secondary relationship to Inbound SR

0
0

Hello,

When we original setup FIM 2010 R2 we only had one domain (AD1). Our original  inbound sync rule has a relationship criteria based on MetaverseObject:accountName = ConnectedSystemObject:sAMAccountName. 

After a few months we added a second domain (AD2), which has a inbound sync rule based on MetaverseObject:ObjectSID = ConnectedSystemObject:ObjectSID.

Each end user has an account in both domains and the same username is used. Our problem occures when a user is pulled into FIM from AD2 first then the same username is added from AD1. Since AD1's relationship is based on accountName, it tries to join with the AD2 object which has the same username.

I believe a solution would be to add a second relationship criteria to AD1 which would be :ObjectSID = ConnectedSystemObject:ObjectSID

Does this sound like a possible solution? what happens to all the exisitng objects if i add a second relationship to an existing inbound rule?

Any information is appreciated.

thanks,

Josh

Adamsync & Forefront Identity Manager

0
0
I am currently using adamsync.exe to create UserProxy objects in AD LDS to allow users to authenticate. Can i replace the command line adamsync tool with Forefront Identity Manager? As of now adamsync.exe looks at an OU in Active directory and creates an account for each user in AD LDS as userproxyfull objects and that works well to allow authentications. I would like to move away from the command line approach and use another tool to do it....Can Forefront Identity Manager handle this?

Jef

Modify Approval Request Display Name to be more indicative of request

0
0

Does anyone know how to Modify an Approval Requests Display Name to be more indicative of request? Currently, we have an account creation workflow implemented that sends a notification to a manager for approval. When the manager (non technical person) opens his Requests & Approvals all they see is Update to person : 'Smith, John' Request. Is there any way to make that Display Name say something like :Approve creation of  user account 'Smith, John' Request?

Thanks in advance...

Why there is no member of property for active directory management agent ?

0
0

Hi All, 

I am quite new to FIM. I recently look at some videos and blog and Later I search that when we have to add role to user we can not do it directly in user object. Instead we have to add user to group for active directory MA.

I tried to look at list of attribute in Active directory MA Configuration but there is no such property called memberOf. 

Can you please let me know what we have to do manage memberOf attribute in AD.

Thanks.

MIM Licensing

0
0

Hi All,

How much the licensing cost of per User (CAL) for MIM ?

 Regards,
Anirban Singha

Viewing all 4767 articles
Browse latest View live




Latest Images