Hi,

We have two Active directory Management Agents in two different FIM Synchronization servers with similar configuration.

Few AD records remain as placeholder in the connector space of the one of the Management Agents but not in the other(records are activated and contains the complete distinguished name)

Not able to find out the root cause of the issue.

Note:

1) Full Import/Full Synch is not an option as of now
2) AD Containers are verified in both the MA configurations and both have same containers selected.

Any help is appreciated. Please.Please advise.

Hi,
we use PCNS Exclusion groups to exclude some high privilege accounts from pwd forwarding.
I know that it is possible to add a group as member of the exclusion group. No issue at least when the nested group is part of the same domain.

But what about cross-domain group nesting?

My situation:

• We have a multi-domainforest. Lets say forest contoso.com, domains DomA, DomB, DomC. In all the domains we use PCNS.
• We have several small locations (= AD sites) around the world where only a domain controller of the user's domain is located, let's say domain DomB or DomC. There are WAN connections to the corporate net.
• Some or our users have two personal accounts, both in the same domain. One of them is used for administrative tasks. These "admin accounts" should be excluded from PCNS.
• In DomA there is a universal group 'AdminAccounts' which contains all of these admin accounts.

Now my idea would be to simply add the group  DomA\AdminAccounts  to each PCNS Exclusion group (scope domain-local) in the other domains.

What do you think, would this work?

Thanks

Walter

Hello!

Is it supported to restore FIM 2010 from VM snapshot?

We have been using the Microsoft Office 365 Tenant MA with FIM 2010 R2, but it looks like it is not loading after the MIM 2016 upgrade. 

It looks like it is looking for the old version of the Metadirectory Services DLL. and .Net.

Is there an updated version out there, source code or workaround to avoid completely redoing our Office 365 synchronization?

Thanks,

Al

Good afternoon,

I have been working on a simple script which will allow me to delete computer objects from the AD. The problem that I am running into though, is very annoying and I have tried some suggestions online, without success.

My script is listed below. Please provide some pointers as to how I can accomplish what I need:

$computers = get-content a:\desktop\deleteadcomputerobjects.txt
foreach ($computer in $computers)
{	Try {
		remove-adcomputer -identity $computer | remove-adobject -recursive -erroraction stop -whatif
		add-content a:\desktop\deletecomputers.log -value "$computer removed"
	}
	Catch {
		Add-content a:\desktop\deletecomputers_errors.log -value "$computer not found because $($error[0])"
	}
}

Hi,

I installed hotfix rollup package (build 4.3.2064.0) on the synchronization server (it went fine).

Right now I'm trying to install it over 2 Portal/service servers and it fails. Both servers are MIM (4.3.1935) upgraded some time ago from FIM 2010 R2 - if that has some meaning.

I've been looking thru the install log and there was something like that:

DEBUG: Error 2746:  Transform EVAL.1 invalid for package C:\Windows\Installer\bae8e246.msi. Expected product {AB9663A3-2B61-44C7-8A64-358EC72934E6}, found product {0782FB14-023A-430F-B0D5-4AE1D1CCFCAA}.

Anyone seen something like this?

EDIT: It appears that real reason of failing hotfix installation is non default FIMService database name (customer uses FIMServiceV2, but the old one FIMService still exist on the server and is set to offline). Hotfix seems to have database name hardcoded. Or maybe there is some switch to use non default name?

Borys Majewski, Identity Management Solutions Architect (Blog: IDArchitect.NET)

الرائدون فى مجال صيانة الاجهزة المنزلية , مصرتوفر شركة صيانة وستنجهاوس الصيانة والتجديد للاجهزة ارقام اتصال وستنجهاوس |0235682820|01096922100||01210999852|المحمول :|01060037840| غسالات وستنجهاوس ,غسالة وستنجهاوس  , ثلاجات وستنجهاوس  , ثلاجة وستنجهاوس  ,دراير وستنجهاوس ,مجفف وستنجهاوس  ,لاندرى وستنجهاوس  ,ايس ميكر وستنجهاوس  , westinghouseغسالة westinghouseثلاجات westinghouseديب فريزر westinghouseغسالات ملابس westinghouseغسالات اطباقمركز صيانة وستنجهاوس يغطى مناطق ( القاهرة الكبرى ) للاصلاح بالمنزلتعد واحدة من اكبر شركات الصيانة فى مصر ( صيانة وستنجهاوس الاولى فى مصر ) نحن نعتمد على تصليح وستنجهاوس الاجهزة المنزلية الاولة فى مصرمجموعة شركات وستنجهاوس احدى الشركات الرائدة فى مجال ( صيانة غسالات وستنجهاوس  &صيانة ثلاجات وستنجهاوس &صيانة ديب فريزر وستنجهاوس & صيانة مجفف وستنجهاوس & صيانة لاندرى وستنجهاوس &صيانة غسالات اطباق وستنجهاوس  & صيانة غسالات ملابس وستنجهاوس ، صيانة غسالات صحون وستنجهاوس  &صيانة ايس ميكر وستنجهاوس ) الصيانة تشمل الجهاز بالكامل (( الصيانة الشاملة)) westinghouse maintenance ,repair westinghouse

0235699066 || 01093055835 || 01129347771 || 0235710008

وكيل وستنجهاوس حدائق الهرم ,توكيل وستنجهاوس  الرماية , توكيل وستنجهاوس الجيزة الجديدة

اصلاح غسالات وستنجهاوس , مراكز صيانة وستنجهاوس  , اصلاح وصيانة وستنجهاوس  , توكيل صيانة وستنجهاوس ,الوكيل صيانة وستنجهاوس  , وكيل وستنجهاوس  ,خدمة وستنجهاوس  ,ارقام وستنجهاوس  , اقرب وستنجهاوس , اصلاح وستنجهاوس  ,افضل صيانة وستنجهاوس  ,اجود صيانة وستنجهاوس  ,الاول وستنجهاوس  , المتقدم وستنجهاوس ,ارشادات صيانة وستنجهاوس ,وكلاء صيانة وستنجهاوس  ,الوكلاء وستنجهاوس ,الوكالة وستنجهاوس  ,خدمة اصلاح غسالات وستنجهاوس ,الرئيسى وستنجهاوس  ,اعمال صيانة وستنجهاوس  ,تعد خدمة الدعم الفنى من احدث خدمات شركة وستنجهاوس westinghouseagent  وكيل وستنجهاوس اسرع تحقيق الصيانة الجيدة وستنجهاوس &افضل ارشادات صيانة وستنجهاوس &نقوم بتقديم خدمة الصيانة الفورية وستنجهاوس &الجودة هى العنصر الاساسى فى صيانة وستنجهاوس الجيزة & Westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse westinghouse تتعهد مجموعة شركات ( صيانة وستنجهاوس ) بتقديم اجود خدمة وتقديم اعلى مستوى من التدريب اعلى كفائة صيانة وستنجهاوس ( مركز صيانة وستنجهاوس  ) WESTINGHOUSEحيث اننا المركز الوحيد فى مصر { صيانة وستنجهاوس  }مع تحيات ادارة توكيل صيانة وستنجهاوس

صيانة وستنجهاوس الهرم , صيانة وستنجهاوس الجيزة , صيانة وستنجهاوس فيصل , صيانة وستنجهاوس الدقى , صيانة وستنجهاوس العجوزة , صيانة وستنجهاوس المنيل , صيانة وستنجهاوس المهندسين, صيانة وستنجهاوس الكيت كات ,صيانة وستنجهاوس العمرانية , صيانة وستنجهاوس حدائق الهرم , صيانة وستنجهاوس ام المصريين , صيانة وستنجهاوس العمرانية الشرقية , صيانة وستنجهاوس المنيب ,صيانة وستنجهاوس شبرا, صيانة وستنجهاوس شبرا مصر , صيانة وستنجهاوس الترعة البولاقية , صيانة وستنجهاوس احمد حلمى , صيانة وستنجهاوس شبرا البلد , صيانة وستنجهاوس رمسيس, صيانة وستنجهاوس العتبة , صيانة وستنجهاوس وسط البلد , صيانة وستنجهاوس التحرير صيانة وستنجهاوس القصر العينى , صيانة وستنجهاوس جاردن سيتى , صيانة وستنجهاوس المبتديان , صيانة وستنجهاوس مصر الجديدة , صيانة وستنجهاوس روكسى , صيانة وستنجهاوس عين شمس , صيانة وستنجهاوس مدينة نصر , صيانة وستنجهاوس الشيخ زايد , صيانة وستنجهاوس 6 اكتوبر , صيانة وستنجهاوس هضبة الهرم , صيانة وستنجهاوس القطامية , صيانة وستنجهاوس ارض الجولف , صيانة وستنجهاوس النزهه, صيانة وستنجهاوس الرحاب , صيانة وستنجهاوس الزمالك , صيانة وستنجهاوس القاهرة , صيانة وستنجهاوس حلوان , صيانة وستنجهاوس المعادى , صيانة وستنجهاوس الملك الصالح , صيانة وستنجهاوس بين السرايات , صيانة وستنجهاوس الزيتون  , صيانة وستنجهاوس حمامات القبة , صيانة وستنجهاوس القبة , صيانة وستنجهاوس الكوربة , صيانة وستنجهاوس المرغنى , صيانة وستنجهاوس حدائق القبة , صيانة وستنجهاوس الدمرداش , صيانة وستنجهاوس الاميرية , صيانة وستنجهاوس المطرية , صيانة وستنجهاوس حلمية الزيتون , صيانة وستنجهاوس الدرب الاحمر , صيانة وستنجهاوس المقطم , صيانة وستنجهاوس عابدين , صيانة وستنجهاوس باب اللوق, صيانة وستنجهاوس لاظوغلى , صيانة وستنجهاوس ارض شريف, صيانة وستنجهاوس باب الشعرية , صيانة وستنجهاوس الرحاب , صيانة وستنجهاوس العبور , صيانة وستنجهاوس الصحراوى , صيانة وستنجهاوس ابو رواش , صيانة وستنجهاوس دريم لاند, صيانة وستنجهاوس مول العرب , صيانة وستنجهاوس التجمع الخامس , صيانة وستنجهاوس التجمع , صيانة وستنجهاوس التجمع الثالث , صيانة وستنجهاوس 15 مايو , صيانة وستنجهاوس التجمع الاول , صيانة وستنجهاوس امبابة, صيانة وستنجهاوس ارض اللواء , صيانة وستنجهاوس المريوطية , صيانة وستنجهاوس المنصورية ,صيانة وستنجهاوس المرج , صيانة وستنجهاوس عزبة النخل , صيانة وستنجهاوس ماسبيرو , صيانة منشية ناصر , مصيانة وستنجهاوس مدينتى , صيانة وستنجهاوس الشروق , صيانة وستنجهاوس عمارات العبور

توكيل وستنجهاوس ,صيانة وستنجهاوس  ,مركز صيانة وستنجهاوس  ,صيانة ثلاجات وستنجهاوس  ,توكيل وستنجهاوس  فى مصر , توكيل وستنجهاوس الوكيل الرسمى ,ثلاجات وستنجهاوس  , صيانة غسالات وستنجهاوس  ,وستنجهاوس  مصر , غسالات وستنجهاوس  , ثلاجات وستنجهاوس , شركة وستنجهاوس  , غسالة وستنجهاوس  , فريزر وستنجهاوس ,لاندرى وستنجهاوس  ,مجففات وستنجهاوس  , اصلاح دراير وستنجهاوس  , اصلاح غسالات اطباق وستنجهاوس , الصيانة وستنجهاوس ,خدمة اصلاح وستنجهاوس  , جودة خدمة وستنجهاوس ,دليل اصلاح وستنجهاوس  ,خدمة وستنجهاوس  السريعة , اصلاح وستنجهاوس  القياسى,مركز اصلاح وستنجهاوس ,وستنجهاوس  صيانة موجهه,تصليح اجهزة وستنجهاوس ,صيانة منتجات وستنجهاوس  ,ضمان صيانة وستنجهاوس ,خلية صيانة وستنجهاوس  ,اعمال صيانة وستنجهاوس ,اصلاح وتشغيل وستنجهاوس  ,صيانة لوحة المتاح وستنجهاوس ,اصلاح اعطال وستنجهاوس  ,تعليمات صيانة وستنجهاوس ,ضمان صيانة وستنجهاوس  ,اصلاح اجهزة وستنجهاوس ,

0235699066||01112124913||0235710008 |||01060037840| || 01207619993

---------------------------------------------------------------------------------------------------------------------------------

I have a SQL table called transaction

This table would have entries employeeNo , field1, field2 , field3 ,...
I need to import the data from transaction and project unique Entries to FIM and AD
The data in transaction table would get an entry every time there is an update for any field for employee


Problem : 
When I import the data with unique Records as shown in the table for Batch 1 .. The record gets provisioned to AD and FIM with no issue

Asuming the next batch transaction were added Batch 2 as shown in the table 


I get an error for ambiguty ambiguous-import-flow-from-multiple-connector. I need a module in which i read the data from sql MA and delete the respective entry from table. 
For this structure I deleted the old records from batch1 and now I get error 

Microsoft.MetadirectoryServices.ObjectAlreadyExistsException: An object with DN "Emp1" already exists in management agent "MANAME".
   at Microsoft.MetadirectoryServices.Impl.ConnectorImpl.Commit()
The above error line number is provisioning code used to commit new connector for a MA when the number of connectors for the MA is 0.

I know why the above error already exist is comming, however i want it to join and not make a new connector. Join Rules are in place for EmployeeNo for this SQL MA and other MA.

I need to know if this kind of module can be implemented or not ? Where in I just read the transaction and next time update if already exist. 

Let me know if any questions.

Thanks in advance :)

Hi all

I'am having trouble deprovisioning users after they have been deleted/filtered from the source AD.

So this simple setup provisions users from Source AD into Destination AD, I only have 1 filter. Provisioning and updating works great, but when a user is deleted or the filtered attribute is removed from the Source AD the user is not deleted in the destination AD.

The user object is removed from the Destination ADs connector space and the metaverse, but not the destination ADs connector space and AD. The object remains at changes:ADD.

I have setup Object deletion Rule: Delete metaverse object when any of the following management agent is disconnected (Selected the Source AD)

and Destination AD MA Deprovisioning: Stage a delete on the next export to run.

Is there something I have missed?

Andre

Andre

After installing FIM 2010 R2 SP1 Reporting when I run a Start-FIMReportingInitialSync.ps1, I'm receiving a SQL connectivity error.  The topology is a dedicated FIM Service server and 4 server SCSM 2012 implementation:

1. FIM 2010 R2 SP1 Service (also has Service Manager Console installed)
2. SCSM Management Server
3. SCSM Management Server DB [remote]
4. SCSM DW Server
5. SCSM DW DB [remote]

The environment being installed into is very restrictive with both windows server firewalls and network firewalls between all servers. I'm trying to determine all the firewall port requirements.  Microsoft publishes this general reference for SCSM:https://technet.microsoft.com/en-us/library/hh495567.aspx.  However, in a less restrictive environment (that is working) I see TCP 1433 outbound traffic from FIM Service server to the remote SCSM DW DB server.  I understand the FIM Reporting sync process may be using the Service Manager API.  Does anyone have a reference to all the firewall ports needed for this process?

Dear All,

We've begun looking at MIM 2016, within an Exchange Server 2016 environment, but found the 'Exchange version detected' value comes up as Exchange 2010, is their a corrective process / update?

Thanks,

Hello,

I have an issue that I've been unable to find an answer for. 

In the event that someone is only using FIM 2010 Sync Service, How does one get language pack support? I get the sense that I need to install the full product just to get to end result which I am suspecting is French accent support for the Sync service. Is that true?

The issue that I am receiving is invalid-dn errors (Multiple values were specified for an attribute that can have only one value)for those with French accents such as é in their name and I am receiving dn-attributes-failure (The name reference is invalid) for those who's manager name contains the accent such as é.

For the users with the accent it also wants to place their English translated names in brackets. for example IF I had someone with the name Andrée.Smith the import in my Ad will look like Andrée.Smith(Andree.Smith). I really don't care about the accent, but it's in an AD I don't manage and would like to find away to correct this translation.

Any advice out there? I can provide more details if required.

Thank you in advance!

John

I'm building a MIM 2016 Solution for a customer.

When I enabled Exchange Mailbox provisioning I got no-start-ma on Mbox creation that was solved by updating to .NET 4.6 on the MIM Sync server.

I'm now doing Criteria based groups into AD and no-start-ma is back on Export when trying to update group membership. 

Anyone else encountered this and have a fix ? 

Hi

I am just wondering is it possible to define values of a drop down list in another xml file? So for example a customer can modife the values without modifying the RCDC itself.

I know that there is an option to use XmlDataSource in the beginning of RCDC, but that just allows to create a list values in the same xml file, not different.

I just wanted to let you know that my PowerShell MA has now moved to CodePlex. Get more information here - http://blog.goverco.com/2015/12/powershell-ma-now-on-codeplex.html

Thank you ... and Merry Christmas

P.S. If you are able, please support my Christmas cause this year - http://blog.goverco.com/2015/10/lets-help-children-this-christmas.html

Regards, Soren Granfeldt
blog is at http://blog.goverco.com | facebook https://www.facebook.com/TheIdentityManagementExplorer | twitter at https://twitter.com/#!/MrGranfeldt

Hi All,

I am using FIM2010 to do GAL Sync between two forest. One running Exchange 2010 and the other running Exchange 2013.

Lets name Forest A - Exchange 2010 and Forest B - Exchange 2013

When I migrate a user from Forest A to Forest B, The user account is still Active in Forest A.

When I do FIM Synchronization, The contact of the user in Forest A (Which is still available in this forest) gets created in Forest B even if the User Object is available in Forest B (The user was migrated).

My Question is : Is there a way for FIM to check if the user is available in the specified forest before creating its contact?

I am quite new to FIM and if someone has a resolution for this I would be immensely grateful.

Kind Regards,

Mathieu

hi,

My customer has challenging requirement. I would like to seek your valuable advice. Let me explain the situation first.

Their environment is using FIM2010 server to synchronize between Lotus Notes and Active Directory. Their domain is, let's called DomainA.

• They have one way forest trust to government forest.
• All users in DomainA are using workstations which are joined to DomainB.
• All of the application Servers are located in DomainA.
• So that everytime new user joins, government create user account, domainB\user1 in AD and they create one user account, user1 in Lotut Note.Then FIM will provision new user in AD (DomainA).
• When they want to grant permission for Application Server access, they add "DomainA\user1" to particular group in Lotus Notes group. FIM will sync updated group members to AD.
• But the tricky part is since user are using DomainB\user1 account, they still not able to access applications which is only granted to domainA\user1.
• So i am exploring the possibilities that can leverage on FIM for membership synchronization for domainB users. What I mean is if there is a group membership update in Lotus Notes, during synchronization to AD, I want to add not only DomainA\user1 but also DomainB\user1 (btw their user name is same). Is there a way I can control group membership synchronization for this activities by using extension code? (Government doesn't allow FIM to connect their AD directly)
  
• Another option what i can think of is export connector space data to xml and look for membership updates. Then use powershell to read it and update in AD. But I believe this is a tedious job. I really appreciate your advice.

Plagiarism checkers are wonderful tools to hit upon plagiarism in files. However, you need to remember the fact that they can not access password protected areas or some thing that isn't always in their databases.

Try this to get allhttp://www.plagiarism-checker.me/