Quantcast
Channel: Forum Microsoft Identity Manager
Viewing all 4767 articles
Browse latest View live

FIM reporting -- Run FIMPostInstallScirptsForDatawarehouse.ps1 script

0
0

 We have 3 servers and

1. Server 1 -- FIM Service

2. Server 2 -- Service Manager server + Sql Server 2008 r2 with (ServiceManager DB on instance 1 +DWStagingAndConfig, DWRepository, and DWDataMart DB on instance 2)

3. Server 3 -- Data warehouse server

We have installed FIM reporting and MPSyncJob is successfully over. Next step is to run FIMPostInstallScirptsForDatawarehouse.ps1 on Data warehouse server but The FIM Reporting post installation scripts required to execute.\FIMPostInstallScriptsForDataWarehouse.ps1scripts in the Data Warehouse server. However, this script requires access to the "SQLCmd" tools and the "SMCmdletSnapIn" snapins. These two components are both present when the SQL server resides in the Data Warehouse server. In this scenario that condition is not true. In this procedure, we will run the FIM post installation powershell script in the SQL server. We will create a PSSessionConfiguration in the Data Warehouse server that will get called from the remote SQL server to execute the "SMCmdletSnapIn".

To run the script i was following the steps on this link social.technet.microsoft.com/wiki/contents/articles/17916.troubleshooting-fim-install-fim-data-warehouse-support-scripts-on-a-remote-sql-server.aspx

But in creating PSSession i am getting Access Denied error .

So is it possible, if i will install SQL server management studio on Data Warehouse server as i will get SQLCmdlets of powershell in Data Warehouse server so i can run  the script directly on Data warehouse server without creating PSSession .

Will it work ??


Exchange sync rule

0
0
Currently AD sync rule handles exchange. Can I have a sync rule just for exchange and remove the exchange sync rule flows from AD? In that case, should the exchange sync rule be set as dependency on AD sync rule?

login to FIM Portal without AD account

0
0

Experts,

Does normal user needs to have an AD account before logging into FIM Portal?

Thanks,

Mann

FIM 2010 R2 High Availability Installation

0
0

Hi Team,

I was trying to learn few new things and looking for Technet document which describes Step-By-Step configuration for Any HA mode. Does anyone has any link or Document for the same?


Thanks~ Giriraj Singh Bhamu

FIM Portal in High Availability Installation

0
0

Hi Team,

I am working on something and trying to perform HA in FIM. Below is my current system:

1) server A and B for SQL DB.

2) Server C and D for FIM Portal.

3) Server E for FIM Service.

4) Server F For FIMSync Service.

Steps I have performed:

Installed SQL on server A & B for Every Required DB and done Clustering.

1) Installed FIMSync service on server F.

2) Installed FIM Service on Server E.

3) Installed SharePoint 2010 Foundation server Farm Installation on Server C.

4) Installed FIM Portal on Server C.

5) Installed SharePoint 2010 Foundation with same Farm on Server D and FIM Portal as well.

But when I try to access FIM Portal with Server D's Host name then it is showing error "Service Unavailable".

Please help !!!!!


Thanks~ Giriraj Singh Bhamu

FIM2010R2 PowerShell Connector - Create new MA gives error E_MMS_SCHEMA_CLASS_NOT_FOUND

0
0

When i try to create a new Powershell MA (Microsoft) i manage to get the schema from my Powershell script and can select an anchor to use sucessfully, but at the end i Always gets this error and i have tried to use the scripts from following linkhttp://technet.microsoft.com/en-us/library/dn640417(v=ws.10).aspx but Always the same error, and i also enabled logging but this gave no more info.

Log Name:      Application
Source:        FIMSynchronizationService
Date:          2014-03-19 11:12:13
Event ID:      6306
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      {Fim Server}
Description:
The server encountered an unexpected error while performing an operation for the client.
 
 "BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\maxml\cdext.cpp(416): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xstack.cpp(405): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xparse.cpp(436): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\schema\schema.cpp(1619): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\maxml\compmap.cpp(155): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\maxml\compmap.cpp(453): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xsimple.cpp(842): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xstack.cpp(540): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xparse.cpp(544): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xsimple.cpp(334): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\maxml\compmap.cpp(344): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\mastate\mastate.cpp(10645): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
ERR_: MMS(4436): d:\bt\25920\private\source\miis\server\mastate\mastate.cpp(13144): Error creating MA component mappings object: 0x80230914
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\mastate\mastate.cpp(13164): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\mastate\mastate.cpp(1724): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\server\server.cpp(1090): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
Forefront Identity Manager 4.1.3508.0"
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="FIMSynchronizationService" />
    <EventID Qualifiers="49152">6306</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-03-19T10:12:13.000000000Z" />
    <EventRecordID>110463</EventRecordID>
    <Channel>Application</Channel>
    <Computer>{FIM Server}</Computer>
    <Security />
  </System>
  <EventData>
    <Data>BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\maxml\cdext.cpp(416): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xstack.cpp(405): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xparse.cpp(436): 0x80070057 (The parameter is incorrect.)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\schema\schema.cpp(1619): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\maxml\compmap.cpp(155): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\maxml\compmap.cpp(453): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xsimple.cpp(842): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xstack.cpp(540): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xparse.cpp(544): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\xmlpe\xsimple.cpp(334): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\shared\maxml\compmap.cpp(344): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\mastate\mastate.cpp(10645): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
ERR_: MMS(4436): d:\bt\25920\private\source\miis\server\mastate\mastate.cpp(13144): Error creating MA component mappings object: 0x80230914
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\mastate\mastate.cpp(13164): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\mastate\mastate.cpp(1724): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
BAIL: MMS(4436): d:\bt\25920\private\source\miis\server\server\server.cpp(1090): 0x80230914 (E_MMS_SCHEMA_CLASS_NOT_FOUND)
Forefront Identity Manager 4.1.3508.0</Data>
  </EventData>
</Event>


Ulf Lindström

Email Notification using SMTP from FIM to O365

0
0

how to perform that activity.


ADFS on Azure for office 365 certificate related Q

0
0

I have ADFS and ADFS proxy on azure for office 365 SSO

now public cert is fs.mydomain.com

the NLB is done on Azure endpoint, so I should point on my dns fs.mydomain.com to the MS proxy nlb name, the question when a user is redirected to that, this name is not included in the cert

so what do you think?


Custom Workflow contains a ServiceReference and app.config

0
0
I am developing a custom workflow that will generate tickets in our ticketing system. Our ticketing system vendor has given us a wsdl to use to connect into their application and genereate tickets. I have the workflow passing all the change parameters, but when it comes to generating the ticket it cannot find the information in the app.config. Is there any way I can compile this dll and still reference the config file?

How to Use PowerShell to Delete FIM Users That Have a Null

Installing HA Fim Service

0
0

Hi All 

im following this guide to install FIM portal and Service with load balancing

http://www.harbar.net/articles/fimportal.aspx 

All went well, after modifying some of the scripts, but now the question is when i install the FIMservice on the second node do i create a new DB or i reuse the existing one ?

Also when installing the password reg and res portals, inorder to make them externally accessible all i need to do is just specify the external names only ?

Thanks in advance


Hany George | Consultant | IDC S.p.A | MCITP: Lync Server | MCITP: Exchange 2010 | MCTS: OCS | Blog: http://dusk1911.wordpress.com/ | If this post has been useful please click the green arrow to the left or click Propose as answer

ETW Tracing/Logging for latest ECMA 2 MAs (LDAP in particular)

0
0

Hey all

http://social.technet.microsoft.com/wiki/contents/articles/21086.how-to-enable-etw-tracing-for-fim-2010-r2-connectors.aspx provides an example of enabling tracing for FIM R2 connectors, citing the SharePoint Connector as its example. It mentions that the source name that you use to configure which connector to trace is hardcoded in the Connector itself. I have been trying to set up a trace looking at the Generic LDAP connector, and have tried the source names "LDAPConnector.etw", "GenericLDAP.etw" and "GenericLDAPConnector.etw" with no luck.

Is there a list of these source names for this connector, and/or the other R2 connectors, available somewhere?

MV Group Rename vs. New Group / Disconnected Old Group

0
0

Hello,

I need to know how to configure FIM to rename a group, instead of creating a new one with the new name and disconnecting the old one.  I don't see any options for configuring that in the import process.  The group names are unique and I consider them anchor attributes.

The group names are controlled via a system that bases them on JobCode and locations.  If one of these attributes change, the group name also changes.  Right now, when that change happens, the import/sync process creates a new group and leaves the old one in the MV, but disconnected.  I need to actually rename the MV group.

Greg Wilkerson

FIM with High Availability

0
0

Hi Everyone,

I am going to test the HA with FIM Portal. But before starting this I need few clarifications:

Scenario, I want to test:

Server-1: FIM Portal, SharePoint Sites and SSPR Portals (PortalNode-1 and PortalNode-2)

Server-2: FIM Sync (SyncNode-1 and SyncNode-2)

Server-3: SQL DB for All FIM related Applications ( SQLNode-1 and SQLNode-2)

Server-4 FIM Service (FIMSrNode-1 and FIMSrNode-2)

Following are the Step which I am going to perform. Please do correct me if I am wrong at anywhere.

1)  Install SQL server on both SQLNode-1 and SQLNode-2. 

2)  Enable SQL failover clustering in between these two nodes.

3)  Perform Windows clustering for both SQLNode-1 and SQLNode-2 and created common host name "Server-3".

4)  Install FIM Sync on both SyncNode-1 and SyncNode-2 and used "Server-3" name to database creation. I know We can not use both Nodes at a time. Used windows clustering and created "Server-2" common host name.

5) Installed FIM Service on both FIMSrNode-1 and FIMSrNode-2 and used "Server-3" name to DB creation.

6) Performed Windows Clustering in between FIMSrNode-1 and FIMSrNode-2 and created "Server-4" common host name.

6) Install SharePoint Farm at PortalNode-1 and used same on PortalNode-2 as well.

7) Install FIM Portal and SSPR Portals at PortalNode-1 and PortalNode-2 and used "Server-4" name for service connectivity.

8) Performed Windows Clustering in between these two nodes and created "Server-1" common host name.

Please let me know if I am doing something wrong or everything I am doing is wrong or Is there any alternative step to achieve this test case.

Please help.


Thanks~ Giriraj Singh Bhamu

Portal on a Mac?

0
0
Anyone use a mac to access the web portal?  is there a browser for a mac that allows for the content on the portal to be displayed correctly?

Opper....


View Schema Validations

Using the FIM PowerShell Module to Remove a Manager

combining attributes from two object types

0
0

Experts,

I have two files coming from FIM. Employee and department data. Employee file is expected to synch data for 'person' object and department file to synch data for 'organization' object.
Common attribute in these two files is department_id.

I want information in department file like department_name and department_city to also get populated in 'person' object attribute.

How to combine data for two different objects and source.

Hope i made sense. Kindly suggest.

Thanks,
Mann

 

FIM Galsync Contact provisioning of Linked-mail box

0
0
We have Galsync connectors between multiple AD Exchange Forests which is working fine. There is a new connector in the pipeline that we are going to add to our FIM Sync server but they have a unique situation where their users are on one Forest and the linked-mailboxes are on another forest (linked-mailbox requires disabled user accounts). Please advise how do we proceed in this situation? Should we create AD GAL connector management agent connecting to the user forest where user accounts are hosted or do we create create AD GAL connector MA connecting to the exchange forest? Remember the Exchange forest where linked-mailboxes are hosted have disabled users.

Jimmy George

How to configure sync rules involving a CSV file and portal self service

0
0

Hello,

 I need to configure some FIM sync rules for the following scenario:

 User account details are entered from a HR CSV file and exported to AD  Users have the ability to modify their own AD attributes in the FIM portal (there is not a requirement for them to view their  HR CSV data in the portal). The FIM portal modifications will be exported to AD as expected.  

My setup is as follows:

CSV file - name, last name, employee ID, address.
CSV MA - has direct attribute flows configured in the MA between the data source and MV Portal self service attributes –      users can edit mobile, display name and photo

I've also set the CSV MA as precedent for the attributes

FIM MA – attribute flows defined for MV to Data Source as usual (i.e. firstname to firstname, accountname to accountname, etc).

AD MA – no attribute flows defined as inbound and outbound sync rules have been configured in the portal using the Set\MPR\Triple.

I’m thinking of using the following run profiles:

  1.       CSV MA – full import and delta sync (imports HR data)
  2.       FIM MA –  export and delta import (imports portal changes)
  3.       FIM MA – delta sync (syncs any portal changes)
  4.       AD MA – export and delta import

If my understanding is correct this should sync HR data from CSV to AD, as well as user attribute self service updates from the portal to AD.

If I wanted to just do a HR CSV sync could I get away with just steps 1 & 4 ? (presumably not as my rules are in the FIM portal?)

If I wanted to do just a portal sync, could I get away steps 2-4?

Any advice on how to improve my setup is much appreciated - cheers



IT Support/Everything


Viewing all 4767 articles
Browse latest View live




Latest Images