Hi All,
I am trying to add a new role to one of my BHOLD installations, and when I do that I do not have a "default supervisor role" listed in the drop down. A supervisor role is required to be able to create a role. I am performing the operation as a B1 admin with the default supervisor role.
In another installation I can do it just fine. I have found no delta between the two as far as permissions are concerned. Anyone have an idea? Thanks.
Hello everyone,
The following script is awesome and worked perfect however I need to know to register one or two users only for One Time Password Registration. Would you please glad to see your response.
Regards
Sarwar
Sarwar
Hi
I have a weird requirement.ILM 2007 has few MAs configured and running fine.The problem here is I dont have the source code.Now I have to develop new interface to provision records to a new AD system from csv files.
Two solutions that I have are
1)Decrypt the existing dll and write fresh code completely.
2)write vbscript to create/update records in AD by not touching ILM at all.
Will I able to configure two provisioning DLLs?Any other solutions would be highly appreciated .
Thanks in advance
Srinivas
Hi everybody...
I would like to know if there´s a way to customize a Handler to use in RCDC to act like "Email Enabled" (my:Handler="OnChangeEmailEnabling") in SG create page to show or hide atributes when a checkbox is clicked or not???
[]´s
***** Paulo H. Campos - São Paulo/Brasil ***** http://identitypedia.blogspot.com (in PT-BR)
Hi everybody...
I would like to know if there´s a way to customize a Handler to use in RCDC to act like "Email Enabled" (my:Handler="OnChangeEmailEnabling") in SG create page to show or hide atributes when a checkbox is clicked or not???
[]´s
***** Paulo H. Campos - São Paulo/Brasil ***** http://identitypedia.blogspot.com (in PT-BR)
Hi,
I have a scenario where I need to import users from AD, ensure they're in the FIM portal, allow users to edit some attributes of their own and also perform regular data imports from a CSV file to modify some end user AD attributes.
I'm not sure on the best way to do my sync rules - I'm thinking 3 MAs (AD, FIM & File MA), but what I'm not too sure about is whether I should configure my sync rules in the FIM portal?
I could create an An AD inbound\outbound sync rule in the portal, with a file based in bound in the portal and then rely on these, however I suspect I don't actually need them. My attribute flow will be direct mappings between source and target.
I'm just not sure on which way to proceed.
Advice appreciated.
Thanks
IT Support/Everything
Hi,
I get "unable to process your request" when trying to edit the FIM portal site settings. I'm using my domain admin account I installed FIM under, which is also a SharePoint administrator. I'm trying to edit some basic UI details.
I've installed FIM 2010 R2 SP1 on SharePoint Foundation 2010 with SQL 2008 R2. I tried logging into the FIM portal with the fim service account, but this still gives the same error when editing site settings. I'm using separate servers for the fim portal, fim service DB and fim sync server (all have their firewalls turned off).
Advice on how to resolve this is much appreciated.
Thanks
Bob Lin, MCSE & CNE Networking, Internet, Routing, VPN Troubleshooting on <p><a href="http://www.chicagotech.net"><span style="color:#0033cc">http://www.ChicagoTech.net<br/> </span></a></p> How to Setup Windows, Network, VPN & Remote Access on <p><a href="http://www.howtonetworking.com"><span style="color:#0033cc">http://www.howtonetworking.com<br/> </span></a></p>
TechNet loves you!
We love your contributions at TechNet Wiki sooo much that we give you more than just love in return...
We give you NOTORIETY, GLORY... and VIRTUAL MEDALS!
That's not all, this love we have, together, it flows both ways my friend.
You give us stuff, we give you stuff, like interviews, recognition points, Ninja Belt rankings, and of coursefront page love!
If the love is strong enough, who knows where it could end! We may even invite you into secret clubs and other initiatives.
So why not spread the love a little further this Valentines, with more than just a cheap card from the highstreet...
Express your love for your favourite technology in a TechNetWiki article!
Pour your heart out to us, capture our hearts and woo us with your prowess!
All you have to do is add an article to TechNet Wiki from your own specialist field. Something that fits into one of the categories listed on the submissions page. Copy in your own blog posts, a forum solution, a white paper, or just something you had to solve for your own day's work today.
Drop us some nifty knowledge, or superb snippets, and become MICROSOFT TECHNOLOGY GURU OF THE MONTH!
This is an official Microsoft TechNet recognition, where people such as yourselves can truly get noticed!
HOW TO WIN
1) Please copy over your Microsoft technical solutions and revelations toTechNet Wiki.
2) Add a link to it on THIS WIKI COMPETITION PAGE (so we know you've contributed)
3) Every month, we will highlight your contributions, and select a "Guru of the Month" in each technology.
If you win, we will sing your praises in blogs and forums, similar to the weekly contributor awards. Once "on our radar" and making your mark, you will probably be interviewed for your greatness, and maybe eventually even invited into other inner TechNet/MSDN circles!
Winning this award in your favoured technology will help us learn the active members in each community.
Feel free to ask any questions below.
More about TechNet Guru Awards
Thanks in advance!
Pete Laker 
#PEJL
Got any nice code? If you invest time in coding an elegant, novel or impressive answer on MSDN forums, why not copy it over to the one and onlyTechNet Wiki, for future generations to benefit from! You'll never get archived again!
If you are a member of any user groups, please make sure you list them in the
Microsoft User Groups Portal. Microsoft are trying to help promote your groups, and collating them here is the first step.
<p>The sample profiles listed here are being used against me</p>
<p>http://msdn.microsoft.com/en-us/library/windows/desktop/aa369853(v=vs.85).aspx</p>
<p>He is creating profiles or interfaces to rob me of my home network and ability to work</p>
<p>Will someone please tell me how to work against this?</p>
Here is an example where he is trying to crack the code of my new id to get in (or he may already be in basedon this morning's security logs (which he has now shut me out of)
<?xml version="1.0"?>
-<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
<name>GolfLinks</name>
-<SSIDConfig>-<SSID><hex>476F6C664C696E6B73</hex><name>GolfLinks</name></SSID
><nonBroadcast>false</nonBroadcast></SSIDConfig><connectionType>ESS</connectionType>
<connectionMode>auto</connectionMode><autoSwitch>false</autoSwitch>
-<MSM>-<security>-<authEncryption><authentication>WPA2PSK</authentication><encryption>AES</encryption>
<useOneX>false</useOneX></authEncryption>-<sharedKey><keyType>passPhrase</keyType>
<protected>true</protected><keyMaterial>01000000D08C9DDF0115D1118C7A00C04FC297EB01000000EB2B4622B56EE54BB200C8E09E04AA360000000002000000000010660000000100002000000010866E4D4941BC247E19DCE3AFF5E4A7E418B71446B74F51155BA9FEC0B7424C000000000E8000000002000020000000408DF255B332984B2F1648CAD021995557B7CAF9504076E22998AA8F98DFD11940000000E538E8E3DF530300225D419A374BF92D2AEEDAE5CF82D43FD112520FBD1305B7F1C682651DEAE0E84177AD36BB0A5A06053F31D70B08EC73E3EE8C94D5B904DB40000000F8D14CDBE256C2437E0EE8EB3C977761B764F7BB754D4ADCCB3C3753303E81BB99077F4087A43FF4F4A13EDDE2CB6B495D9B0AB0047D05A25AFA7201F8663CCA</keyMaterial></sharedKey></security></MSM></WLANProfile>
Any ideas?
WHile creating a group we have Email Alias attribute, i want to hide it.
When i deleted that attribute's code in XML error came-
<my:Control my:Name="Alias" my:TypeName="UocTextBox" my:Caption="{Binding Source=schema, Path=MailNickname.DisplayName}" my:RightsLevel="{Binding Source=rights, Path=MailNickname}"><my:Properties><my:Property my:Name="Required" my:Value="true"/><my:Property my:Name="HintPath" my:Value="Hint"/><my:Property my:Name="Text" my:Value="{Binding Source=object, Path=MailNickname, Mode=TwoWay}"/><my:Property my:Name="MaxLength" my:Value="128"/><my:Property my:Name="RegularExpression" my:Value="{Binding Source=schema, Path=MailNickname.StringRegex}"/></my:Properties></my:Control> Error was....
HOW TO FIX IT
I am working on configuring GALSYNC between two AD Forests of the same company but different geographic locations. Both Forests share the same external mail-domain namespaces (forest A has @abc.com while forest B have @abc.com and @abc.org). In forest B
all of the users who've @abc.org as mailbox have a corresponding forwarder contact in domain A whose mail attribute value is user@abc.com and the targetAddress attribute value as user@abc.org.
Right now we have not included forwarder contacts provisioning through FIM and is doing it manually and only provisioning normal contacts in the target forest . I know the default behavior of Gal-sync is to create corresponding contacts in the target domain
with the same domain namespace so user account with mailbox user@abc.org will also be provisioned as normal contact in the target forest but I've the following requirement and let me know if this is possible:-
- User Accounts in Domain B with @abc.com mailbox be provisioned/joined as corresponding contact in Domain A as @abc.com
- User Accounts in Domain B with @abc.org mailbox be provisioned/joined as forwarder contact in Domain A with @abc.com doing email forwarding to @abc.org
Jimmy George
Hi,
First question: is FIM 2012 R2 SP1 Reporting supported on System Centre 2012 R2 or only System Centre 2012? I have followed the MS FIM Reporting deployment guide, and everything seems to work, except the ETL process (2nd question below)
Second question: if it is supported, than how do we get the ETL process defined here (http://technet.microsoft.com/en-us/library/jj133844%28v=ws.10%29.aspx) to work with these versions? The powershell script provided doesn't work on SC 2012 R2.
Third question: how do we force the whole process so we can view data in the FIM Reports? as at present there is no data in any of the reports even after I manually ran these SCDW jobs: Extract_dw_SCSMServer, transform.common, load.common
Thank you,
DW
Hi,
Is there a way to setup a workflow in the portal so that a user can enter data in a one off scenario?
We have several thousand AD users and several thousand users in our HR system, however there isn't a unique key to link them. One method we're thinking of is importing users from our HR database into the MV, then import users from AD and perform a join on givenName, sname and mail. Once we have the join we'd then like to push an employee ID number from the HR DB to AD and use that as a unique match.
We want to allow users the ability to enter their employee no. in the FIM portal as a one off exercise, is it possible to allow a user to enter data for a particular attribute only once?
Thanks
I'm using a Sync Rule to provision to AD and using an attribute constructed in a custom workflow (ADdn) to set the DN. This works perfectly well when doing the initial flow and provision, but if the user moves department and the custom workflow rebuilds the ADdn attribute then the AD MA only sees this as attribute flow, not a provisioning rename. If I cocatenate an empty string on the end of the attribute flow rule definition in the sync rule, the MA recognizes the change as a provisioning rename.
This feels like a bug and although we have a workaround I'm curious to know if anyone else has seen this or can reproduce to confirm before I submit. We have reproduced on two different installations here.
Cheers,
Dave
Hi Gurus
i have a question. I want to add an AD Security group in FIM for the users of the group to be the FIM portal administrator. I believe to do that I need to sync the group using a management agent, and then add that group to the Sharepoint administrator group. Is this correct? If it's not then where can I find a procedure to make the members of the security group which is in an OU to be the administrators of the FIM portal? I don't want to sync the whole OU but only one group within the OU as there are other groups within the OU which I do not want to have admin rights to the portal.
Is there a way I can achieve what I am trying to do? I haven't found any documentation to do it. As I am very new to this I apologize if the question sounds silly.
Any help will be greatly appreciated. Thanks in advance.
Regards,
Hi,
Does anyone know what the impact is going to be on users who have registered for SSPR and certain of the security questions are changed or removed?
Regards
Johan Marais
JkM6228
Our company web application UI invokes creation of an excel file by pressing a button on modal dialog. It creates an excel file and tries to open it by Microsoft Excel. The problem is, IE10 brings "Do you want to open..." yellow popup at the bottom of the screen, and this popup is unavailable, because of modal dialog the excel file creation was launched from. Only when this modal dialog is closed yellow popup became available.
Being not sure if this problem has a resolution without of application redesign, I was thinking about to disable the yellow popup at all. Is it possible? Any ideas?
Hi,
I'm looking for a way to configure FIM SSPR to work with Check Point pre-boot authentication. In our environment users laptops have Check Point full disk encryption installed and this prompts for (stored AD) credentials at pre-boot stage.
If the users have forgotten their password, they are unable reach to the Windows lock screen to use FIM SSPR (forgotten password) link, since Check Point pre-boot authentication doesn't let go beyond this stage.
Please suggest any options to use FIM SSPR along with Check Point in this scenario.
Hello...
I would like to know if there is a way to put to controls in same line in RCDC, like UocPictureBox and UocTextBox
Best Regards,
***** Paulo H. Campos - São Paulo/Brasil ***** http://identitypedia.blogspot.com (in PT-BR)
