Are you the publisher? Claim or contact us about this channel

Embed this content in your HTML


Report adult content:

click to rate:

Account: (login)

More Channels


Channel Catalog

Channel Description:

This forum is for IT Professionals who have questions/issues or other feedback about Forefront Identity Manager (FIM) 2010 suite

older | 1 | .... | 199 | 200 | (Page 201) | 202 | 203 | 204 | newer

    0 0
  • 11/26/18--10:15: MIM Hybrid Reporting
  • Hi guys,

    Having followed and satisfied the prerequisites from, I have downloaded, installed and configured the MIM Hybrid Reporting Agent on the MIM Servers, which can reach the internet. But it so happens that SSPR Registration, Reset and SSGM activities are not reporting in Azure. Please, is there something I just might be missing out?


    0 0
  • 11/30/18--02:47: MIM2016 Requirements
  • Hi,

    Currently MIM2016 SP1 only supports Windows Server 2016 and SQL Server 2016.

    See link:

    Does anyone know when Windows Server 2019 and SQL Server 2017 will be supported?




    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    0 0

    Hey everyone.  I was wondering if there was a was to set an account in MIM WF to never expire.  In our environment when a contract work converts to full time the employeeEndDate stays on the account and expires the account.  Currently we are manually going into portal and clearing the date which then allows us to set account to never expire in ADUC  We would like to automate this when they fall into the set to clear the employeeEndDate any help on this would be greatly appreciated.

    0 0

    What is TechNet Guru Competition?

    Each month the TechNet Wiki council organizes a contest of the best articles posted that month. This is your chance to be announced as MICROSOFT TECHNOLOGY GURU OF THE MONTH!

    One winner in each category will be selected each month for glory and adoration by the MSDN/TechNet Ninjas and community as a whole. Winners will be announced in dedicated blog post that will be published in Microsoft Wiki Ninjas blog, a tweet from the Wiki Ninjas Twitter account, links will be published at Microsoft TNWiki group on Facebook, and other acknowledgement from the community will follow.

    Some of our biggest community voices and many MVPs have passed through these halls on their way to fame and fortune.

    If you have already made a contribution in the forums or gallery or you published a nice blog, then you can simply convert it into a shared wiki article, reference the original post, and register the article for the TechNet Guru Competition. The articles must be written in December 2018 and must be in English. However, the original blog or forum content can be from before December 2018.

    Come and see who is making waves in all your favorite technologies. Maybe it will be you!

    Who can join the Competition?

    Anyone who has basic knowledge and the desire to share the knowledge is welcome. Articles can appeal to beginners or discusse advanced topics. All you have to do is to add your article to TechNet Wiki from your own specialty category.

    How can you win?

    1. Please copy/Write over your Microsoft technical solutions and revelations to TechNetWiki.
    2. Add a link to your new article on THIS WIKI COMPETITION PAGE (so we know you've contributed)
    3. (Optional but recommended) Add a link to your article at the TechNetWiki group on Facebook. The group is very active and people love to help, you can get feedback and even direct improvements in the article before the contest starts.

    Do you have any question or want more information?

    Feel free to ask any questions below, or Join us at the official MicrosoftTechNet Wiki groups on facebook. Read More about TechNet Guru Awards.

    If you win, people will sing your praises online and your name will be raised as Guru of the Month.

    PS: Above top banner came from Vimal Kalathil.

    Kamlesh Kumar

    If my reply is helpful please mark as Answeror vote as Helpful.

    My blog | Twitter | LinkedIn

    0 0


    We'd like to move the MIM service account mailbox to Exchange Online for notifications & approvals - and we understand that its just a matter of re-running the MIM 2016 SP1 Portal/Service installation and selecting the EOL settings in the dialog box.

    However, after running this, do we also need to re-run all the post SP1 hotfixes (that are currently applied to MIM)?

    thank you.

    0 0

    Is it possible you could add "Reason:" field to every form in Outlook add-in in future add-in versions ? At the moment this "Reason:" field is only available when Declining requests but we have a demand for that field also when people using Join/Add Members request forms so the owners of the groups would know why requestors want to join the groups.

    0 0
  • 12/03/18--04:46: MIM PAM check user role
  • we are using Microsoft Identity Manager, as there is no option in the GUI to check what PAM role does a user how, is there a powershell cmd to check what PAM roles does a user have?

    0 0

    Hello Experts,

    <g class="gr_ gr_14 gr-alert gr_tiny gr_spell gr_inline_cards gr_run_anim ContextualSpelling multiReplace" data-gr-id="14" id="14">i</g> want in place upgrade FIM 2010 R2 to MIM 2016 SP1. in our environment FIM is integrated with HRMS portal . and lots of Sync rules and flow is <g class="gr_ gr_13 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling multiReplace" data-gr-id="13" id="13">customised</g>.

    if I  upgrade from FIM 2010 R2 to MIM 2016, is my all flow and setting on FIM will be intact?

    Balwan Singh

    0 0

    Hello, I have been able to successfully upgrade my MIM system to 4.4.17949.0 without issue.  The system is running fine under 4.4.17949.0.  I recently attempted to apply hotfix and I am receiving the following fatal error during the upgrade of MIM Portal and Service.  If anyone has seen this before and knows a solution I would appreciate any insights.

    Calling custom action Microsoft.IdentityManagement.PasswordResetCAs!Microsoft.IdentityManagement.ManagedCustomActions.PasswordResetCustomActions.GetIISVersion

    Exception thrown by custom action:

    System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.MissingMethodException: Method not found: 'System.String System.String.Format(System.IFormatProvider, System.String, System.Object, System.Object)'.

      at Microsoft.IdentityManagement.ManagedCustomActions.PasswordResetCustomActions.GetIISVersion(Session session)

      --- End of inner exception stack trace ---

      at System.RuntimeMethodHandle.InvokeMethod(Object target, Object arguments, Signature sig, Boolean constructor)

      at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object parameters, Object arguments)

      at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture)

      at Microsoft.Deployment.WindowsInstaller.CustomActionProxy.InvokeCustomAction(Int32 sessionHandle, String entryPoint, IntPtr remotingDelegatePtr)

    CustomAction GetIISVersionFromRegistry returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)

    Action ended 15:11:27: GetIISVersionFromRegistry. Return value 3.

    0 0

    Hi all,

    I performed all the steps which included in documentation of microsoft for self service password reset. I read all question and answar on technet but i did't find the right solution. 

    For user account name, domain and resource sid is coming in the portal and i am able to login in the fim portal with a non admin user and user have the account in A.D. 

    I check all required MPRs are enabled and user is coming in the password reset user set.

    My fim portal and A.D. are installed on different server.

    but when i click in the fim portal for register for password reset it shown an exception--

    Password registration portal URL is not configured. please contact your helpdesk or system administrator.

    Can anyone help  me to resolve this issue. I will be very thankful for the same.



    0 0

    Hi greetings to all,

    I need to know the complete steps for validating any attribute in MIM portal. For example 'Company' 
          must be
                 'Abc' (default value) or
                 'Bcd' or
                 'CIA' or
                 'apple' or
                 'microsoft' or
                 'Glassdoor' or  


    Also, another query is that how to validate the attribute is required (must be filled). If the attribute upon user creation say last name is empty or not filled then it should show some error message.



    0 0

    I could troubleshoot the issue so that i cna confirm that the password notification service on the domain controller of our production active directory environment is working.

    The FIM stuff is used to synchronize the password of the AD user with the password of a NetIQ eDirectory user.

    The change is transmitted with the LDAP protocol.

    The stuff worked for years but now since weeks - after several reboots of the server for different reasons we noticed that it doesn't work anymore.

    The first thing to do is to see if the passowd change notification of the domain controller has been received from the FIM server but i have no clue which event it should be.

    I will try to go through all events in the timeframe of some minutes after PCNS event is recorded on the DC.

    Any further hints are welcome.

    0 0

    I have four MA's.

    ADMA, SPMA, HRMA, MIMMA all have "Configure Deprovisioning" set to "Make them disconnectors" Object Deletion Rule is set too "Delete metaverse object when connector from any of the following management agents is disconnected" All four are selected.

    Desired effect. When and object is deleted from any one of these (MIMMA, SPMA, ADMA or HRMA) external sources the Metavers object will be disconnected followed by any remain CS objects that were linked to it.

    What I'm seeing.  I delete a user object from MIM console.  Perform a full import using the MIMMA. It show 1 delete and the object is removed from MIMMA connector space, but when I trigger a fullsync, Expecting the disconnect to remove the MV object, instead the MV Object is re-ADDED to the MIMMA CS and upon the next export recreated in the MIMMA console. What am I doing wrong?

    0 0


    We have an Exchange Hybrid environment, and MIM is issuing the 'enable-remotemailbox' cmdlet against the on-prem Exchange server. AADConnect then creates the online mailbox, when it runs every 30 minutes.

    We would like for MIM to send the user a 'Welcome Message'...however, we can only do that once AADConnect has run and created the mailbox (otherwise the mail will NDR).

    What are some of the ways that MIM can use to confirm that the remote mailbox has been created by AADConnect?

    - Does AADConnect write something back to on-prem AD that we can check? Maybe check for the existence of the "msDS-ExternalDirectoryObjectID" attribute in on-prem AD? Or if "msDS-ExternalDirectoryObjectID" starts with "User_"?

    - Or does MIM have to issue a Exchange Online Powershell query to find out if the mailbox has been created...if yes, what should we look for?

    Thank you,


    0 0

    Hello Team,

    Am aware that Microsoft offers IDM solution through PAM, does it also offers IAM(Identity access management).?

    Is there any difference b/w these two.?

    What all other features provided by MIM

    0 0


    On the user creation page of FIM portal, I wanted to have country field must be filled and should not be empty. So I checked the Required field from schema management>binding>country.

    But as soon as I submit to apply the change it gives me error access is denied. So what is causing this error


    0 0

    Hi everyone.

    We have an ECMA2.0 management agent used to import employee/student data that is provided to us by a middle ware system that populates several SQL tables.  I should mention that this MA has been working for several years without issue and the issue we're seeing only started recently.

    A delta import of the MA completes with discovery errors.  In the error list below there are three errors titled "entry 108", "entry 209", and "entry 125".  Each error type is 'invalid-attribute-value'.  So this suggests that someone upstream has given us some fields that don't conform to our data types/lengths.  If I click an error I get no useful information, just the error and entry number.  Distinguished name is "<unavailable>", and the 'Error details' button is greyed out.

    My assumption was that "entry 108" refers to the 108th add/update/delete/whatever it tried to process.  I enabled logging for that MA, then counted through the records it gave me and checked the data for 108, 109 and 125 but the data looked fine, in fact those accounts are already in the metaverse and the values in the log for those records already exist in the metaverse.

    Does anyone have any suggestions on how I can troubleshoot this further?

    Thanks in advance!

    0 0
  • 12/06/18--04:26: MIM 2016
  • Hi all

    Please someone say me what s MIM reporting?

    and how to deploy the MIM reporting Portal And prerequisites 

    thank you all.

    0 0


    I'm currently running across a problem when a user is attempting to reset their password via either the client or the portal. They are able to authenticate against the phone gate we have in place, but when resetting their password they are presented with the following error page:

    An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3000)
    Go to Self-Service Password Reset home page

    On the server running the MIM Service, the event log error is showing:

    System.Management: System.Management.ManagementException: Invalid namespace 
       at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
       at System.Management.ManagementScope.InitializeGuts(Object o)
       at System.Management.ManagementScope.Initialize()
       at System.Management.ManagementObjectSearcher.Initialize()
       at System.Management.ManagementObjectSearcher.Get()
       at Microsoft.ResourceManagement.PasswordReset.ResetPassword.ResetPasswordHelper(String domainName, String userName, String newPasswordText)

    I've worked through the configuration outlined in the document i've pasted a link to at the bottom (as i apparently can't post links yet). So as far as i am aware shouldn't be any issues with permissions. The event log error seems to indicate an issue communicating to the WMI on the server running the Sync Service, but i'm struggling to see why.

    Has anyone else come across this before?


    0 0

    Hi All,

       We have a requirement where we want MIM portal to be used by external user's residing in a separate AD different from the AD(employees or internal users) with which MIM is configured. Can this be possible if we can get the user's to MIM portal with a Separate MA configured with the external user AD. I am not sure if the authentication will ever happen without any trust to that domain or is there any way we can authenticate with that domain like ADFS or any windows authentication menchanism. Any hints regarding this will be appreciated.

older | 1 | .... | 199 | 200 | (Page 201) | 202 | 203 | 204 | newer