Quantcast
Channel: Forum Microsoft Identity Manager
Viewing all 4767 articles
Browse latest View live

Why is not the connector existing

0
0

Hello!

I only use the Synchronization Service and no Portal.
I have three agents HR, AD and Phone. The two HR and AD are just simple database and no real AD and HR

Five object in HR are the same as five in AD.

I run these profiles
Full Import for agent HR so the CS contains the Data
Full Sync HR which call the provision which create Phone object that links to MV object

Full Import AD so the CS contains the AD data
Full Sync AD which call the provision for Phone and when I check the debugger I can see that targetAgent(se code below) is 0 but I mean that this should be 1 because when run full sync on HR I created a connector between the created Phone object and the MV. If I do search Connector space for Phone I can see that the Connector is True for all 10 objects.

//Here is the code that provision Phone
void ProvisionPhone(MVEntry mventry)
        {
            CSEntry csentryKatalog;
            ReferenceValue dn;
            int connectorsSourceSystem = mventry.ConnectedMAs["Projekt - Personal"].Connectors.Count;
            if (connectorsSourceSystem == 0)
            {
                connectorsSourceSystem = mventry.ConnectedMAs["Projekt - AD"].Connectors.Count;
            }
            ConnectedMA targetAgent = mventry.ConnectedMAs["Projekt - Phone"];
            
            if (connectorsSourceSystem >= 1 && targetAgent.Connectors.Count == 0)
            {
                dn = targetAgent.CreateDN(mventry["personnummer"].Value);
                csentryKatalog = targetAgent.Connectors.StartNewConnector("Katalog");
                csentryKatalog.DN = dn;
                csentryKatalog["MAID"].Value = mventry["personnummer"].Value;
                csentryKatalog.CommitNewConnector();
            }

//Tony


Run two full sync after each other

0
0

Hello!

I only use the Synchronization Service and no Portal.
In this example I have two agents HR and Phone. The two HR and Phone are just simple databases

I run these profiles
Full Import for agent HR so the CS contains the Data
Full Sync HR which call the provision which create Phone object that links to MV object

Now when I run Full Sync HR a second time I can see that the provision is create the Phone connector again which
I find strange. So my question is why is not this variable targetAgent.Connectors.Count equal to 1 telling me that you already have a connector

//Here is the code that provision Phone
void ProvisionPhone(MVEntry mventry)
        {
            CSEntry csentryKatalog;
            ReferenceValue dn;
            int connectorsSourceSystem = mventry.ConnectedMAs["Projekt - Personal"].Connectors.Count;
            if (connectorsSourceSystem == 0)
            {
                connectorsSourceSystem = mventry.ConnectedMAs["Projekt - AD"].Connectors.Count;
            }
            ConnectedMA targetAgent = mventry.ConnectedMAs["Projekt - Phone"];
            
            if (connectorsSourceSystem >= 1 && targetAgent.Connectors.Count == 0)
            {
                dn = targetAgent.CreateDN(mventry["personnummer"].Value);
                csentryKatalog = targetAgent.Connectors.StartNewConnector("Katalog");
                csentryKatalog.DN = dn;
                csentryKatalog["MAID"].Value = mventry["personnummer"].Value;
                csentryKatalog.CommitNewConnector();
            }

//Tony

Migrating MIM between environments

0
0

Hi,

We have a MIM Sync & Portal deployed and working in Production.

We are deploying a new DEV & TEST environment, and would like to backup and restore the Production MIM into these new environments.

Is this sufficient?

  • Backup FIMService and FIMSyncService databases in Prod
  • Deploy MIM base in DEV & TEST environments (same version of MIM as Prod)
  • Restore FIMService and FIMSyncService databases in DEV & TEST environments
  • Copy any custom PowerShell add-ins/modules, scripts
  • Copy contents of C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\Extensions across to DEV & TEST

Anything else?

Thank you.


FIM/MIM in the SaaS world - syncing attributes to SaaS apps

0
0

We've got a lot of data (employee licenses / charge out rates / first aid certifications / etc) that we would like to synchronize between multiple systems.  I was looking at the REST capabilities of MIM, but MIM seems to be emphasized as a on-premise solution, and Azure AD as the cloud solution.

My concern is that a lot of the data I'd like to replicate isn't appropriate to put into Azure AD, and Azure AD doesn't really need to know about it.  With FIM, I can synchronize attributes only to the data sources that need them (so our HR System <-> Payroll system for example, without going to the AD data source).

Does Azure AD have a metaverse-style repository for this purpose? I'm not sure if I've articulated this very well...

chinese folder creation

0
0

Hi,

There is this concern about a folder has been created in my users directory with Chinese name. This happened after I installed MIM 2016 in my server.

Does anyone have any idea about it.

Thanks

Use extensionAttributes for filtering users in MIM 2016

0
0

Hi, 

i set up a new installation of MIM 2016 for User Profile Sync with SharePoint 2016.
The customer wants to filter out active directory users which have a value in "extensionAttribute10".

I tried to create a new connector filter, but i don't find these extensionAttributes to filter:

Maybe because it's an Exchange Attribute? Is there another possibility?

Best regards,


MIM 2016 PAM MFA and SharePoint 2016 Server

0
0

Hello Experts,

I am working on PAM deployment and would appreciate if you could assist me in solving some of my queries:

1) MIM/PAM SharePoint 2016 High Availability

We are planning to use SharePoint 2016 servers for MIM 2016 deployment for PAM to allow users to request access through GUI. With SharePoint 2013 foundation (free), it was simple to just install SharePoint component on each server. SharePoint 2013 mainstream support is ended this year so management does not want to go with SharePoint 2013. 

Could anyone of you please advise if we should go with SharePoint Farm deployment with 2 FE and 1 clustered SQL Instance as the backend for MIM Portal or should be installed SharePoint 2016 standalone on each MIM portal server? 

2) PAM MFA (Bastion Forest)

We Install PAM in bastion forest and it is recommended to integrate MFA with PAM to provide an extra layer of security. Do we need to sync bastion forest users with the Azure portal using AD Sync to assign them the Premium license for PAM MFA Authentication or would it work without Syncing their bastion forest accounts with Azure?

Thanks!

Support of Intergration with 2016 Domain Controller

0
0

Hello,

I can't seem to find a definitive response as to whether FIM 2010 R2 SP1 Supports integration with a 2016 Domain Controller?

Can anyone answer this?

Thanks


Mandatory attributes and Drop down menu

0
0

HI ALl,

Need some help.

I have customer who wants to mark few attributes as mandatory while creating users in MIM portal. Also, customer wants us to convert few field like Regions as drop down menu and not direct string value.

Thanks in advance

Show all users per default

0
0

Hi,

i noticed that on some pages, MIM already does an "empty" search, showing all results when visiting a page.

I would also like to enable this for the Users page. I want to list all users that a person can see when he/she selects "Users" in the navigation bar, just like if an empty search was made

Thanks in advance

Regards

Exporting multi-valued attributes from FIM to a csv file with ; seperated

0
0

Hi All,

How to export the multi valued attributes from FIM into a csv file with values separated  by ;.

Like if we want to export a single valued attribute, we can acheive the same with the below command

 $Attribute_Name = (($i.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "AttributeName "}).Value)

how can we perform the same for multi values attributes like secondary owners of a group where we have multiple values and we need to export into a single column of a csv file with each owner seperated by ;

Thank you

-Rajesh


Rajesh

Is It possible to access/read mim portal metaverse (person,group ) from ecma 2.2 MA.

0
0
Hi Scholars,I am new to MIM 2016.I wanted to know if there is any way to access the portal metaverse by using ECMA 2.2 MA.My requirement is end user will create new user using portal and this newly created user will be created to some other third party db using rest post request.I can consume the api in ECMA 2.2 MA but not sure how i can pass the metaverse person object to my MA and read it to form the post request.

Download link to FIM 2010 KB 2926490

0
0

any one know where I can get KB2926490 for FIM 2010?  it's no longer available from Microsoft

Thanks

Who will be announced as the next FIM Guru? Read more about November 2018 competition!!

0
0

What is TechNet Guru Competition?

Each month the TechNet Wiki council organizes a contest of the best articles posted that month. This is your chance to be announced as MICROSOFT TECHNOLOGY GURU OF THE MONTH!

One winner in each category will be selected each month for glory and adoration by the MSDN/TechNet Ninjas and community as a whole. Winners will be announced in dedicated blog post that will be published in Microsoft Wiki Ninjas blog, a tweet from the Wiki Ninjas Twitter account, links will be published at Microsoft TNWiki group on Facebook, and other acknowledgement from the community will follow.

Some of our biggest community voices and many MVPs have passed through these halls on their way to fame and fortune.

If you have already made a contribution in the forums or gallery or you published a nice blog, then you can simply convert it into a shared wiki article, reference the original post, and register the article for the TechNet Guru Competition. The articles must be written in November 2018 and must be in English. However, the original blog or forum content can be from beforeNovember 2018.

Come and see who is making waves in all your favorite technologies. Maybe it will be you!


Who can join the Competition?

Anyone who has basic knowledge and the desire to share the knowledge is welcome. Articles can appeal to beginners or discusse advanced topics. All you have to do is to add your article to TechNet Wiki from your own specialty category.


How can you win?

  1. Please copy/Write over your Microsoft technical solutions and revelations to TechNetWiki.
  2. Add a link to your new article on THIS WIKI COMPETITION PAGE (so we know you've contributed)
  3. (Optional but recommended) Add a link to your article at the TechNetWiki group on Facebook. The group is very active and people love to help, you can get feedback and even direct improvements in the article before the contest starts.

Do you have any question or want more information?

Feel free to ask any questions below, or Join us at the official MicrosoftTechNet Wiki groups on facebook. Read More about TechNet Guru Awards.

If you win, people will sing your praises online and your name will be raised as Guru of the Month.


PS: Above top banner came from Syed Shanu.




Thanks,
Kamlesh Kumar

If my reply is helpful please mark as Answeror vote as Helpful.

My blog | Twitter | LinkedIn

MIM Powershell Management Agent Error in "End Import" Script

0
0

I migrate my Powershell Management Agent from an older Version and get an error in the "End Import" script part.
The script run successfully in Version:
FIM Powershell Management Agent Version 4.3.1082.0

Now I tried these versions:
MIM Powershell Management Agent Version 1.1.830.0 and Version 1.1.8610

The script is quit simple
[CmdletBinding()]           
param(               
    [Microsoft.MetadirectoryServices.ConfigParameterKeyedCollection]    
    $ConfigParameters,
   
    #[ValidateNotNull()]           
    [Microsoft.MetadirectoryServices.OpenImportConnectionRunStep] $OpenImportConnectionRunStep, 

    #[ValidateNotNull()]           
    [Microsoft.MetadirectoryServices.CloseImportConnectionRunStep] $CloseImportConnectionRunStep,         
               
    [PSCredential] $PSCredential,           
           
    [string]
    $scriptDir = [Microsoft.MetadirectoryServices.MAUtils]::MAFolder            
)

$result = (New-Object Microsoft.MetadirectoryServices.CloseImportConnectionResults)
$result.CustomData = "My custom data"
Write-Output $result

The Error is:
The extensible extension returned an unsupported error.
The stack trace is:

 "Microsoft.MetadirectoryServices.ExtensionException: The following exception occurred while executing the PowerShell commands: System.NullReferenceException: Object reference not set to an instance of an object.
   at Microsoft.IdentityManagement.Connector.PowerShell.Engine.PowerShellRuntime.InvokePowerShell(PSCommand command)
   at Microsoft.IdentityManagement.Connector.PowerShell.Engine.PowerShellRuntime.InvokePowerShell(PSCommand command)
   at Microsoft.IdentityManagement.Connector.PowerShell.Engine.PowerShellContext.ExecuteScript(List`1 commandParameters, String scriptFilePath, Boolean enableSetLocation)
   at Microsoft.IdentityManagement.Connector.PowerShell.Bridge.ImportBridge.GetCloseImportConnectionResult(String scriptFileConfigKey, CloseImportConnectionRunStep closeImportRunStep)
Forefront Identity Manager 4.5.202.0"


If I do not use a script in "End Import" at all the sync runs without error. But I need this step to set additional information in the CustomData field.

Any help is appreciated
Henry.



Discovery Errors-Duplicate Objects Workaround

0
0

Hi All,

I have written an ECMA MA Connected to a SQL data source. It works quite well but the MA encounters discovery errors-duplicate objects during Import Run Cycle. The Source of this issue is due to duplicate records in the connected database table.

I just need some ideas on how to by pass importing duplicate records into MIM. I have tried using SQL SELECT DISTINCT query to fetch unique data from the data source, within my ECMA C# Cod,e but duplicate Records are still imported into the MIM CS during import.

Any clue on what I can do better ?


Akinzo

Skype Management Agent

0
0

Hi,

There are MAs for Skype On Premise (latest version) and Skype Online?

Thank you,

MIMWAL generate unique ID

0
0

Hello,

We already installed MIMWAL in our environment and we are configure the generate unique ID workflow to avoid the mailnicknames conflict in our active directory.

By the end of the below link we are following they are asking to create a MPR to trigger the workflow:

https://blogs.msdn.microsoft.com/connector_space/2016/02/19/wal-workflow-example-generate-unique-value/

Can you please advise about the following:

How to configure the MPR, currently I am configuring a MPR with transition set in Type and the set created includes all active people with a criteria created one day ago.

I can see the my new user projected from SQL database into the metaverse and is showing in the set created but the mailnickname is not created.

Any advise if am doing anything wrong.

Before MIMWAL i was importing the mailnickname from the SQL database into the metaverse using the normal declarative method the inbound synchronization rule.

Now shall the workflow will take care of that, is there any additional configuration shall I do?

Thanks

NAjwan.

MIM Portal and ObjectSID

0
0

Hi,

In the MIM MA, I am able to map and export a user's ObjectSID...the MIM Service schema, in the MA, shows that there is an ObjectSID attribute for the Person object class.

However, when I open a user in the MIM Portal, I am unable to find the 'ObjectSID' attribute - should one be able to see it in the MIM Portal UI?

Thanks,

SK


MIM 2016 PAM Justification resaon

0
0

Hi

i looking for where i can read out the Justification resaons for a PAM requests to external SIEM soulution.

Regards 

Anders Berg

Viewing all 4767 articles
Browse latest View live




Latest Images