Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Showcase


Channel Catalog


Channel Description:

This forum is for IT Professionals who have questions/issues or other feedback about Forefront Identity Manager (FIM) 2010 suite

older | 1 | .... | 179 | 180 | (Page 181) | 182 | 183 | .... | 204 | newer

    0 0

    Hi,

    i need to implement a workflow of notification, to be sent when an attribute change the value. i need to display the old value and the new value. i did these steps:

    1. create a new mail Template

    2. create a workflow of notification as below: use the mail Template to be sent to a specific adress

    3. create an MPR as below:

    - Requestors : all objects

    -Operation : modify a single valued attribute

    -target resources: all people

    - resource attribute:  select specific attribute

    then, select the created workflow.

    When the attribute selected is changed, i receive the notification, but it shows only the new value ? how can i do to have the old value too?

    Regards.


    0 0
  • 11/07/16--12:31: Custom Set in FIM
  • Hi,

    i need to configure a set in which i put all user with specific Distingushed name.. in FIM i don't have the operator "contain"

    how i can have the needed result ?

    Regards.


    0 0

    MIM2016 SP1 (version 4.4.1237.0) PCNS services terminated after installed on W2012R2 domain controllers with below ERROR in event log.

    Log Name:      Application
    Source:        PCNS Filter
    Date:          11/8/2016 1:58:35 PM
    Event ID:      6004
    Task Category: Error
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      SGDC1INFMSWP03.apll.com
    Description:
    The Password Change Notification service executable "C:\Program Files\Microsoft Password Change Notification\pcnssvc.exe" failed while verifying the file signature. The service will not be started and password notifications will not be sent. pcnsfltapi.cpp (525): A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

    pcnssvc.exe pcnsfltapi.cpp failed while verifying the file signature

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="PCNS Filter" />
        <EventID Qualifiers="49152">6004</EventID>
        <Level>2</Level>
        <Task>4</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2016-11-08T05:58:35.000000000Z" />
        <EventRecordID>5888</EventRecordID>
        <Channel>Application</Channel>
        <Computer>SGDC1INFMSWP03.apll.com</Computer>
        <Security />
      </System>
      <EventData>
        <Data>pcnsfltapi.cpp (525): </Data>
        <Data>A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
    </Data>
        <Data>C:\Program Files\Microsoft Password Change Notification\pcnssvc.exe</Data>
        <Binary>09010B80</Binary>
      </EventData>
    </Event>


    0 0

    In the documentation describing "FIM 2010 R2 Portal Customization" https://technet.microsoft.com/en-us/library/jj134312(v=ws.10).aspx I cannot see if it is possible to set one of the Portal Strings to be empty.

    We would like to set the following:

       FinalizeRegistrationSubHeading1 - To contain custom text
       FinalizeRegistrationSubHeading2 - To be blank
       FinalizeRegistrationSubHeading3 - To be blank

    I have tried the following but the empty <value></value> errors and therefore none of the custmisations are applied.  Same result with just a space.

      <data name="FinalizeRegistrationSubHeading1" xml:space="preserve">
        <value>Click on the 'Problems Logging In?' link from your Windows login screen</value>
      </data>

      <data name="FinalizeRegistrationSubHeading2" xml:space="preserve">
        <value></value>
      </data>

      <data name="FinalizeRegistrationSubHeading3" xml:space="preserve">
        <value></value>
      </data>
     
    Thank you,
    Alastair.


    0 0
  • 11/09/16--04:27: MIM Installation error
  • Hello All,

    I was doing a fresh insatllation of MIM 2016, but facing issues with the group creation. 

    Please see the screen shot below and help!!

    Regards,

    SUman


    0 0

    I have several MA's that need to call the same password exstention code. In the exstention code I want to determine which MA is calling. When I try to access csentry.MA.Name I get "system.invalidoperationexception: MA property not supported"

    Is it possible to determine the MA name that is calling the code.



    0 0

    Hi,

    Just installed a new MIM Reporting instance and noticed that, although the reports for FIM are there, the data warehouse jobs are missing (Extract_DW_FIMReporting and Extract_FIMReporting).

    Anyone else seen this? Do I need to re-run the install to get them in place or is there another option?

    Many thanks in advance for any guidance!


    0 0

    Hope this is the right alias...

    I'm trying to figure out the DN of where an object originates from within my extension and can't seem to find public access. Looking at the object in QuickWatch, I can see it in:

    ((Microsoft.MetadirectoryServices.Impl.ReadOnlyConnectorServices)((Microsoft.MetadirectoryServices.Impl.BaseMVServices)((Microsoft.MetadirectoryServices.Impl.MVEntryImpl)mventry).m_ProvisionerServices).m_rgConnectorServices[0]).m_pstrOriginalDN

    Example value: OU=Domain Controllers,DC=ContosoRead,DC=com

    However, because it is "Non-public" I am not access it.

    Anyone have any idea?

    Thank you,

    David


    David Downing


    0 0

    Hello, I have a Gemalto smart card, that according to the MIM CM portal, is disabled and the certificate revoked (see screen print).  However, we are still able to logon to numerous network attached Windows 7 workstations with the card.  This is obviously not the expected behavior since the card is disabled and the certificate revoked. 

    Is there some type of pause between when MIM disables the card vs. when the CA (AD CS) sees that the cert is revoked.  If there is a pause, how can we reduce this time to make it immediate?  The bottom line is that we want to disable the card and immediately prevent the user from being able to logon with it.  



    0 0

    When my extension is being called, is it possible to determine if the object represents a built in object?

    "Domain Admins" for example

    Thank you,

    David


    David Downing



    0 0

    I'm trying to update a user/person where the initials have changed however the changes never sync. In addition, my initial sync doesn't persist all the user/person attributes. I found a reference to "CreateOnlineUpdateContentChangeRequest", however I can't seem to find the CLMUtils.dll for a reference.

    Can someone shed some light on how updates are implemented?

    Thank you,

    David


    David Downing


    0 0

    I'm working with MIM 2016 SP1, testing out the Exchange Online support for the MIM Service account.  I'm trying to install the MIM Add-ins and Extensions on a Windows 10 Enterprise (Anniversary) client that has Office 2016 Pro Plus installed on it.

    During the installation, I get the error "Microsoft Forms/Smart Tags .Net Programmability Support or RegAsm.exe" when running the installer.  With the MSI version of Office, I could have added that support to Outlook through the Change installation option in Programs and Features, but with Office Pro Plus, that is not an option.

    Any suggestions on how to get this working?

    Thanks,

    Marc


    Marc Mac Donell, VP Identity and Access Solutions, Avaleris Inc.
    http://www.avaleris.com


    0 0

    Hi,

    I'm upgrading a FIM environment on Server 2008 to a new MIM environment on 2012.

    I've installed MIM SP1 on the new 2012 server and copied the FIM database up to the new SQL server. It was my hope that I could re-run the MIM installation in either "change" or "repair" mode to update the database but the installation returns an error that the database version isn't the one that it was expecting.

    The only workarounds I found were:

    1. Uninstall MIM and re-install completely against the FIM database.

    2. Update the database version in the fim.Version table to allow the "change" installation to proceed. (This is probably unsupported and I'm not sure if it would do all of the DB updates that MIM needs, but the portal and sync seem to be fine.)

    3. Haven't tried this yet, but I could upgrade the FIM environment to MIM and then move the databases over. (Though the client is a little cagey about this approach.)

    Is there a better approach that I am overlooking?

    Thank you for any ideas.


    0 0

    When I get some time i'll try and validate this. But my concern is that in the MIM Portal Schema -> creating an attribute, using it, then deleting the attribute, and creating one with the same name (different data type) breaks the MIM Reporting on SCSM.

    You might ask, "why the hell would you do this?" My answer is, when trying to use said attribute "AccountExtension" in DEV as a String data type, doesn't bode well with RCDC that use integer like values in their UoCDropDownList options E.g. :

      <my:Control my:Name="AccountExtension" my:TypeName="UocDropDownList" my:Caption="{Binding Source=schema, Path=AccountExtension.DisplayName}" my:Description="{Binding Source=schema, Path=AccountExtension.Description}"  my:RightsLevel="{Binding Source=rights, Path=AccountExtension}">
            <my:Options>
              <my:Option my:Value="7" my:Caption="1 week" my:Hint="7 days"/>
              <my:Option my:Value="14" my:Caption="2 weeks" my:Hint="14 days"/>
              <my:Option my:Value="21" my:Caption="3 weeks" my:Hint="21 days"/>
              <my:Option my:Value="30" my:Caption="1 month" my:Hint="30 days"/>
              <my:Option my:Value="60" my:Caption="2 months" my:Hint="60 days"/>
              <my:Option my:Value="90" my:Caption="3 months" my:Hint="90 days"/>
            </my:Options>
            <my:Properties>
              <my:Property my:Name="Required" my:Value="{Binding Source=schema, Path=AccountExtension.Required}"/>
              <my:Property my:Name="ValuePath" my:Value="Value"/>
              <my:Property my:Name="CaptionPath" my:Value="Caption"/>
              <my:Property my:Name="HintPath" my:Value="Hint"/>
              <my:Property my:Name="ItemSource" my:Value="Custom"/>
              <my:Property my:Name="SelectedValue" my:Value="{Binding Source=object, Path=AccountExtension, Mode=TwoWay}"/>
            </my:Properties>
          </my:Control>

    When having this defined for a string data type for AccountExtension, it breaks the UocDropDownList behavior and gives unexpected results (like summary table showing a deletion when it's actually being set, and values not being translated to their corresponding captions)

    Therefore I deleted the attribute and turned it into an integer data type with the same name. Now my RCDC works, but Reporting broke.


    0 0
  • 11/19/16--13:59: Import filter
  • Hi,

    We are using FIM 2010 to sync several sources into a single AD. One of these sources is a Oracle DSEE (ie IPlanet Server).

    We want to only import and sync selected entries in a important tree. Importing all of the DSEE directory is using a lot of time and CPU/Memoy/Disk. So we want to only import entries which could be selected with a simple filter.

    On 15000 entries, only 500 are usable.

    We trying to use the connector filter in the MA configuration but it seems to only filter entries on the sync step.

    How could we IMPORT only the good entries ?

    BR,


    Emmanuel IT


    0 0
  • 11/19/16--15:15: Self Service Apps
  • Is Microsoft creating its own self service app (for reset and unlock AD accounts),  for mobile devices? or maybe it already exists?    I found many companies providing self services, but I wonder if there is any official app from Microsoft.     I found specifically a tool called call2unlock  (www.call2unlock.com)   that makes everything using a IVR, phones and SMS.  But you have to have a PBX in your company  (I know most companies have PBX), but in my particular case we don't.

    Thanks

    Seth Bochini

    Systems Administrator


    0 0
  • 11/20/16--06:42: FIM upgrade to MIM
  • Hello All,

    I have a requirement where i need to upgrade existing FIM envirornment to MIM.

    Actually i have a doubt regarding the synchronization encryption key. I want to know if we use the existing configuration (FIM) encryption key while installing MIM will that restore all the MPRs,Sets,SYnc rule and workflows that are ther in the existing portal? Please confrim.

    Regards,

    Suman


    0 0
  • 11/20/16--13:14: Delta import with DSEE
  • Hi,


    When trying to use the delta import feature with a DSEE (IPlanet/Sun Directory Server), we always get the error "no-start-full-import-required".

    "ChangeLog enabled" is set to true, which should indicate that that changelog diff detection should work.

    What could be wrong ?

    BR,


    Emmanuel IT


    0 0

    Hi,

    We know there is a way to customise the branding and titles in the SSPR registration and reset IIS portals.

    But is there a way to customise the branding and titles in the actual MIM SSPR add-ins and extension client?

    Thanks,

    SK


    0 0

    Hi,

    We are deploying the MIM add-ins and extension SSPR client and our URLs are running on HTTPS.

    So do we only need to ensure that TCP:443 is open between the client workstations and the SSPR Registration and Reset Portals?

    Thank you,

    SK


older | 1 | .... | 179 | 180 | (Page 181) | 182 | 183 | .... | 204 | newer