Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Showcase


Channel Catalog


Channel Description:

This forum is for IT Professionals who have questions/issues or other feedback about Forefront Identity Manager (FIM) 2010 suite

older | 1 | .... | 155 | 156 | (Page 157) | 158 | 159 | .... | 204 | newer

    0 0

    Hello All,

    I am trying to start User Profile Synchronization service but having no luck. It stucks at 'starting' status.

    I am running the UPS service as Farm Account.

    Farm Account is a member of local Administrator group.

    I have tried several approaches but none seems to be working. Provide suggestions.


    0 0

    Hi,

    Please I need help, because I cannot see information about my users in MIM 2016 Portal, however when I query the FIMSynchronizationService database, I can see that the information in the Attributes are inserted.

    MIM Portal:

    FIMSynchronizationService DB:

    Could you help me please to know, why I can't see the users in the MIM Portal?

    Thank you Guys.


    0 0

    Hello all,

    I figured out that my Forefront Identity Manager service is not running.

    

    Is it the reason because of which I am unable to interact with the FIM portal through code.


    0 0

    I'm having an issue with MIM AD Group  members get dropped off from MIM sync , when particular user not in same AD containers that MIM is connected . seems to me MIM is not ware of this users not in other OUs!!

    Is there any workaround to manage AD Groups members  that not a MIM user?

    Thanks in advance .


    CJ




    0 0

    Hi

    I want to sync user account password between two diffrent forest without trust.

    after I searched In internet ,I found some DOC In technet with MIM 2016 Guide in order to run this senario ,I tryed but It dose not work,

    I really stuck and dont know how to solve it,

    you will be kind enought if you help me.

    thanks


    0 0

    Hi everyone,

    i have a very basic but fundamental question regarding the MIM sync engine. We have successfully launched MIM company-wide and are very happy with the results. However, we recently did a code review for all our Rules Extensions (Import and Export) and found that there is some kind of inconsistency:

    Sometimes we use Export-Flow to do a specific task in one MA and then an Import-Flow for the same task in another MA. Thats something we want to fix asap.

    I give you an example:

    If we want to disable an Active Directory Account based on the employement-state which is coming from our HR-MA, we have two options:

    Option 1: Set "userAccountControl" (CS-Attribute) on the Export-Flow of the AD-MA
    In this szenario, we are checking the mventry["employementState"] during export-run and set the csentry["userAccountControl"]-Attribute. Next time the Import from AD-MA would then write the "userAccountControl"-Attribute into the"userAccountControlADMA1"-Attribute in the Metaverse.

    Option 2: Set "userAccountControlADMA1" (Metaverse-Attribute) on the Import-Flow of the HR-MA
    This time, we set the Metaverse-Attribute "userAccountControlADMA1" based on the csentry["employementState"] inside the import-run of our HR-MA. This would simply export the new "userAccountControl"-Value to the AD-MA on the next export-run.

    From what i understand, both are options that should work fine. However, what is the best practice option here?Check the Metaverse on Export to AD-MA or set the Metaverse-Attribute on Import from HR-MA?

    Many of you should have done this in either one of those ways. What are your experiences and suggestions? 
    Or am i not getting something fundamental here? :)

    Regards,

    Timo


    0 0

    I have created policies that managers can add users to groups. The problem is that this is working only when the group's join restriction is owner. If the join restriction is set to None, then the manager gets access denied error and can't add user to a specific group.

    What could be the problem?


    0 0

    I am try to import  galsync  Management  agent in my lab machine unable to do it  getting this error 

    "Object Reference Not Set To An Instance Of An Object"


    0 0

    http://www.microsoft.com/en-us/download/details.aspx?id=41164

    We are sorry, the page you requested cannot be found.
    The URL may be misspelled or the page you're looking for is no longer available.

    0 0
  • 04/27/16--09:57: Custom DLL - fails to load
  • Hello,

     I've taken the default GALSync source code from the FIM server and copied it to my PC as described in the blog below. I've renamed the project and assembly to ContosoGAlsync.

    http://social.technet.microsoft.com/wiki/contents/articles/4418.how-to-customize-targetaddress-on-export-attribute-flow-in-galsync.aspx

    I've then open the project solution using Visual Studio 2012 and added references for: 

    Microsoft.MetadirectoryServicesEx.dll
    Microsoft.MetadirectoryServices.dll
    Logging.dll

    I've then compiled my project on my local PC and then copied ContosoGalSync.dll to my FIM server. I've then added the rules extension to the GALSyncMA for ContosoGalSync.dll and within the Synchronization service options.When I run my GALSync MA, I'm now hitting an error:

    The required rules extension ContosoGalSync.dll could not be loaded. Verify that the rules extension is located in the extensions directory. User Action  Verify that the rules extension is located in the Extensions directory. If the extension is present, confirm that the version of the .NET framework  that can run the extension is installed on the server and that a supportedRuntimes  entry in the configuration files specifies that version. The synchronization  engine will not be able to load an extension that is built with a newer version  of the .NET framework than the version of the .NET runtime it is hosting.

    Should I be able to take the default GALSync code, recompile it using VS 2012 and then re-run the GALSync MA without any issues?

    Thanks


    0 0
  • 04/27/16--11:38: MIM 2016
  • Im trying to deploy MIM 2016 Add-ins and extensions via sccm 2012. The command I am trying is

    msiexec /i "Add-ins and extensions.msi" /quiet ACCEPT_EULA=1 ADDLOCAL=PasswordClient RMS_LOCATION=coavmim02.xxxxxx.intranet REGISTRATION_PORTAL_URL=http://passwordregistration.xxxxxx.intranet

    Can someone tell me whats wrong with my command?  Trying to install without MIM Add-in for Outlook.


    0 0

    Is there any best practises or something how to Hot Fix FIM? What backups should I take, what account should I use and so on?


    0 0

    Hi,

    I'm trying to get a grasp of using MPRs, Workflows, Sets to manage users from the FIM portal, instead my current method of using rules extensions.  When trying to define a workflow, using a sync rule action, the drop down to select the sync rule only shows the inbound sync rules.  Why not the outbound ones.  That's the one I need to select.

    I didn't see any settings in the portal that looked to control this.  Is there a configuration value somewhere that needs to be changed?

    Thanks,

    Greg


    0 0

    Hi,

    Have just deployed MIM Sync and MIM Service/Portal. Definitely did not deploy MIM Reporting.

    Why does the MIM installer deploy these jobs if they are not required?

    - FIM_CheckAndUpdateReportingJobStatusJob    
    - FIM_TerminateStuckRequestsJob
    - FIM_ScheduleReportingIncrementalSynchronizationJob    
    - FIM_TruncateExportLogJob

    Thanks.


    0 0

    I have setup MIM on SharePoint 2013 with a domain account eg dom\AccntA. After installation when I try to open the portal, I get an error "service not available". I changed web.config to show me a bit more of a meaningfull error:

    --------------------------------------------------

    Object reference not set to an instance of an object.
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace:


    [NullReferenceException: Object reference not set to an instance of an object.]
       Microsoft.IdentityManagement.WebUI.Controls.UICacheUtils.GetCacheKey(CacheKey key) +266
       Microsoft.IdentityManagement.WebUI.Controls.UICacheUtils.RetrieveFromCache(UserNonSharedKey key) +25
       Microsoft.IdentityManagement.WebUI.Controls.NavigationBarConfigurationModel.RetrieveSiteNodeFromCache() +96
       Microsoft.IdentityManagement.WebUI.Controls.NavigationBarProvider.BuildSiteMap() +87
       Microsoft.SharePoint.WebControls.AspMenu.GetEditableSiteMapProvider(SiteMapDataSource dataSource) +43
       Microsoft.SharePoint.WebControls.AspMenu.AdjustForProviderMaximumDepth() +59
       Microsoft.SharePoint.WebControls.AspMenu.OnPreRender(EventArgs e) +46
       System.Web.UI.Control.PreRenderRecursiveInternal() +175
       System.Web.UI.Control.PreRenderRecursiveInternal() +272
       System.Web.UI.Control.PreRenderRecursiveInternal() +272
       System.Web.UI.Control.PreRenderRecursiveInternal() +272
       System.Web.UI.Control.PreRenderRecursiveInternal() +272
       System.Web.UI.Control.PreRenderRecursiveInternal() +272
       System.Web.UI.Control.PreRenderRecursiveInternal() +272
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6785

    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.6.1069.1

    --------------------------------------------------

    but it still doesn't mean a thing to me.

    Eventviewer shows an ASP.NET error:

    Event code: 3005
    Event message: An unhandled exception has occurred.
    Event time: 4/29/2016 2:27:24 PM
    Event time (UTC): 4/29/2016 4:57:24 AM
    Event ID: ffba74342d674de691794a14a92f76cf
    Event sequence: 8
    Event occurrence: 2
    Event detail code: 0
     
    Application information:
        Application domain: /LM/W3SVC/39381490/ROOT-1-131063786362477129
        Trust level: Full
        Application Virtual Path: /
        Application Path: C:\inetpub\wwwroot\wss\VirtualDirectories\82cdc9554c-50b9-4a20-bede-f2cd6a8ae01c\
        Machine name: <PORTAL SERVERNAME>
     
    Process information:
        Process ID: 1848
        Process name: w3wp.exe
        Account name: domain\SVC_SharePoint
     
    Exception information:
        Exception type: NullReferenceException
        Exception message: Object reference not set to an instance of an object.
     

    Could it have something to do with the domain\SVC_SharePoint referenced or the fact that it is Microsoft .NET Framework Version:4.0.30319 and ASP.NET Version:4.6.1069.1?

    Thanks

     


    0 0

    I need to do a dropdown menu which should contain at least 100 (company names) values. What is best way to do that? It should be quite easily upgradeble and should also give a good user experience.

    Or should I think a whole new resource for that?


    0 0

    Hi All,

    I have deployed a MIM 2016 Sync-Service server with SQL 2014 on a seperate server. I am trying to make a test Management Agent, following the link below, but 

    mmsmafim: MIIS.ManagementAgent.ManagedMACredentialFailureException: Failed to connect to the specified database with the given credentials.
       at MIIS.ManagementAgent.RavenMA.InitializeConnection(XmlNode connectionInformationNode, XmlNode encryptedAttributeNode, Boolean runInitialization)
       at MIIS.ManagementAgent.RavenMA.UIInitialize(String pszInitString, Int32& pfValid, String& ppszResult)

    However, the credentials I use (the account running the FIM windows service) is correct, it has dbowner rights on the created database in SQL. Can login to either the MIM or the SQL Server with the account, etc. What am I missing? No time skew on the servers.

    https://technet.microsoft.com/en-us/library/mt219040.aspx (Configure MIM Sync to Synchronize from Active Directory to MIM Service)


    0 0

    Hi,

    Looking at this article: https://www.linkedin.com/pulse/microsoft-announces-retiring-identity-access-richard-blackham

    A number of my clients have decided to stop their current FIM/MIM projects and re-evaluate other IDM vendors and products.

    So based on this, I assume there will be no subsequent MIM product release?

    Any new IT people should not bother learning MIM?

    Any existing FIM/MIM IT people should start looking at other specialisations/vendors as their job is on the line?

    This is rather sad...

    what are your thoughts on this announcement?


    0 0

    Hi,

    I have 2 Exchange 2010 forests, let's say contoso and widgets. I'm using the Out of the box GALSync MAs with some code adjustments. I have a requirement to set the AD mail attribute in each forest to something other than the primary SMTP and I have written some code to manipulate the mail attribute upon import into the MV as below.

    The code checks whether a user is in scope for processing and then returns an appropriate @contoso.com address from the proxyAddresses before setting the mail target. This works fine for importing addresses into the MV, I can see the correct address is modified in the MV and the logs show the mail attribute as being of type @contoso.com.

    Case "ChangeMailTarget"
                        searchedaddress = SearchForContosoAddresses(csentry("proxyAddresses").Values.ToStringArray, "@contoso.com")
                        Select Case csentry.ObjectType
                            Case USER
                                'Check user is in scope for processing
                                If (Len(searchedaddress) > 1 And CheckUserScope(csentry("sAMAccountName").Value)) Then
                                    'set the mail attribute
                                    Log("Setting AD mail atrribute for user " & csentry("sAMAccountName").Value.ToString & " as " & searchedaddress)
                                    'set the AD mail attribute
                                    mventry(MAIL).Value = searchedaddress
                                Else 
    'Use default values
                                    mventry(MAIL).Value = csentry(MAIL).Value
                                End If


    Upon export, there are no errors, but I hit an error on import whereby the change is not imported. In the target AD the mail attribute is not set correctly.

    Please advise how I can get the mail attribute to set correctly. I can't use the suggestion below as I don't want to set the primary SMTP.

    http://social.technet.microsoft.com/wiki/contents/articles/16506.troubleshooting-galsync-exchange-2010-provisioning-updating-mail-attribute-error-exported-change-not-reimported.aspx

    Thanks in advance



    IT Support/Everything


    0 0
  • 05/03/16--02:56: Issues with attribute flow
  • Hello,

    We are having synchronization issues of an attribute value for few records in our FIM 2010 R2 environment.

    Scenario
    X in Connector space(CS) is mapped to Y of Metaverse(MV) via rules extension.
    The record which has issue is already joined to MV without the value Y as X is not present in CS.
    Now we have new value for X coming from source.The new value comes to CS on FI as an update.
    After Delta Synch X doesn't flow to Y in MV and CS record does not have any add/modify but "none" indicating that the update is Synchronized.
    No issue in the rule as on Preview -Full Synch the value flows from X to Y.

    Full Import and Delta Synch are run in two steps

    Why is X not flowing to Y on Delta Synch?



older | 1 | .... | 155 | 156 | (Page 157) | 158 | 159 | .... | 204 | newer