Is FIM 2010 R2 SP1 supported for Windows Server 2012 R2?? If not when?
Thanks
Tiesto
Is FIM 2010 R2 SP1 supported for Windows Server 2012 R2
↧
↧
ForeFront Identity manger 2010 R2 Queries
In cuurent scenario: FIM 2010 in:stalled on a single box
Below are my queries are below:
place upgrade to Forefront 2010 R2 Supported?
High availability for FIM200R2
can configure service portal for creation and deletion of distribution group in predefined time.
mailbox ,lync accountwebex and sharepoint provisioing through FIM
Extend provision to the client facing datacenter placed in DMZ.
Enable password reset for roamin users (onnected via internet)
FIM interration with other directory server(windows Ative directory) for indentity integration.
↧
how to increase Portal Strings sice for PasswordResetOperationPolicyViolationErrorMessage in FIM 2010 R2 SSPR
Hi,
how to increase Portal Strings size for PasswordResetOperationPolicyViolationErrorMessage in FIM 2010 R2 SSPR.
Regards
Anil Kumar
↧
How to get Reports for specific User that how many password has been reset using FIM SSPR in FIM 2010 R2 SSPR
Hi,
How to get Reports for specific User that how many password has been reset using FIM SSPR in FIM 2010 R2 SSPR
Regards
Anil Kumar
↧
Creating an approval with escalation workflow in FIM 2010 R2
I am trying to create an approval workflow in FIM 2010 R2, where user requests are to be escalated from one approver to another before a request is finally approved. However, it is failing as the request ends up in a post processing error or caught up in an unending post processing status. I get the following errors about invalid or null email address yet the emails are ok:
1.
System.ArgumentException: Invalid or NULL email address at Microsoft.ResourceManagement.Mail.Utilities.ValidateMailMessage(GenericMessage message, IMailServer mailServer) at MicrosoftResourceManagement.Mail.NotificationMessage.Send(Int32timeoutInMilliseconds) at Microsoft.ResourceManagement.Workflow.Hosting.SendMailWorkItemProcessor.SendMailMessage(MessageContent messageContent, Int32 timeoutInMilliseconds) at Microsoft.ResourceManagement.Workflow.Hosting.SendMailWorkItemProcessor.ProcessWorkItem(WorkItem workItem)
2.
EmailNotificationDataExchange caught an exception while trying to send an email. The email was not sent. See the trace immediately following for exception contents
3.
The mail sender could not send an outbound email. This failure indicates a misconfiguration either with the mail server or with the specific mail. Frequent, repeating instances of this event indicate a failure with the mail server. If this event occurs alongside event 12, then this event indicates a failure with Exchange. Infrequent instances of this event indicate misconfiguration of individual emails.
How can I resolve this?
Thanks in advance,
Josephine.
↧
↧
SSPR not propogating
I have configured SSPR successfully. and so far the bulk of my users can register and change their passwords using SSPR via portal as well as rich client. However, users located on one dc are complaining that password resets are not taking effect immediately.
The obvious cause is due to delayed propagation/replication of password changes. However with all servers in my domain using 2008 , i has assumed that failed authentication on a DC, would result in the 'failing-up' to the PDCe. How can I verify if this is the cause of the problem, or something else?
Has anyone else experieince this issue? additionally - a co-worker is indicating that SSPR should be aware of the users primary DC..and that this would solve the problem. Is this a function/feature that is even available?
↧
Need help with provisioning in AD
Hi,
I'm new to FIM and need help/advice with provisioning users into AD.
We have a scenario where person objects are synchronized to FIM Portal from SQL database. Those person objects now needs to be provisioned into AD, but the request is that we must first check the existence of the destination OU for person in AD. (DN is calculated for every person based on several attributes). If that OU doesn't exist, we must update persons status (custom attribute) and send notification (mail) to our ServiceDesk. If OU exists, person needs to be provisioned into AD and placed in two security groups.
What would be the best approach?
Thanks
↧
Unable to provision from FIM Portal
Hello All,
I recently just ran into an issue where I can no longer provision from FIM portal to any connected Management Agents. I get an extension-dll-exception.
Whenever I create a new user in the portal and do a sync I get the following error message.
When I do a stack trace I receive the following error
I have been able to provision users to both AD and Novell Groupwise in the past with no issues. I currently have an open support case with Microsoft to resolve an issue where I was unable to join any objects in the metaverse. Microsoft suggested that I clear my Groupwise connector space and since doing that I have been unable to provision any new users. The Microsoft technician that I'm working with says this is a different issue then what was originally reported so they are unable to help with it, however this issue did not start until I cleared my connector space.
Any advice is greatly appreciated.
↧
FIM WMI Query
I am trying to query the MIIS_CSObject class for a specific user. When I use the domain and account name combination I get no results but when using the MaGuid and DN combination I do get the user. Using WMI Explorer I see that the user has no entries in domain or account. I would like to use domain and account name combination since my current solution is build around this query. How would I populate these fields?
↧
↧
Upgrading FIM pre-R2 version to R2
Hi all,
I'm trying to upgrade a FIM pre-R2 (4.0.3594.2) installation to R2, but I cannot find which patch I should apply first.
Is there a patch available, or should I get the whole FIM R2 package?
Thanks,
Paolo
Paolo Tedesco - http://cern.ch/idm
↧
How to automate FIM CM configuration steps using PowerShell?
Hi,
We are trying to automate the steps that the FIM CM Configuration wizard is doing using PowerShell. Any pointers on how to do it? Has anyone done it before?
Thank you.
↧
Criteria Based Sets and Groups - Not all Attributes Showing
We've got FIM up and configured to import user data from Oracle and export users AD in a test environment. We are now looking at security groups and successfully imported manually created security groups from AD and exported manually created FIM security groups to AD. Our hope is to assign users to security groups based on criteria using custom attributes we created for Oracle data. We see these custom attributes in the Metaverse and FIM Schema, but they are not available for selection as criteria for use with Sets and Groups. Any idea what I need to do to get these attributes to be avaialble for use with criteria base Sets and Groups?
↧
ProperCase and Word functions don't play well together
I have what appears to be a bug. The scenario is as follows.
I am importing users from a SQL DB the table has the following fields, "First_Name", "Last_Name" and “Known_As”. Unfortunately not all identities have the "Known_As" value captured. Additionally the oorganisation captures user first and second name in the First_Name attribute and all values are captured in uppercase (e.g. John Michael Smith is captured as follows
First_Name = JOHN MICHAEL
Last_Name = SMITH
Known_As =
When I inbound the identity into the FIM portal I use the following custom expression
IIF(IsPresent(Known_As),ProperCase(Known_As),ProperCase(Word(First_Name,1," ")))
Unfortunately this returns a null value
However, if I use the following custom expression
IIF(IsPresent(Known_As),Known_As, Word(First_Name,1," "))
I get the value for firstname in the portal as JOHN
It would appear to me that the functions propercase and word do not play well together.
↧
↧
Issue w/ Case Differences Using the IBM Directory Server MA
We have the following issue using the IBM Directory Server MA using FIM 2010 R2 (Version 4.1.3479.0).
- We provision a new object, e.g., uid=jdoe,ou=users,o=contoso, into an instance of IBM Directory Server
- The object is created in IBM Directory Server as uid=jdoe,ou=users,o=contoso
- A Full Import on the IBM Directory Server MA runs and confirms the export
- Subsequent imports, sync, and exports run successfully
- <Time passes>
- A Full Import on the IBM Directory Server MA runs, and this object shows up as a staging-error (uid=jdoe,ou=Users,o=contoso)
- Subsequent imports and syncs report errors on this object (staging-error)
Note that we do not manipulate the anchor (DN) of this object once it is created in IBM Directory Server. Other attributes are synchronized, but the object is never renamed/moved. This case change does not happen with all of the objects brought in during the Full Import, but the number of instances do increase periodically. At this point, it does look like the import is changing from a lowercase "u" to an uppercase "U" but not vice versa.
I found a related TechNet article containing the following remark:
"IBM Directory Server does not guarantee that the case of a DN component will match in all instances. On a synchronization or import from IBM Directory Server, this can manifest itself as an unexpected update. For example, if you createO=TEST, and then create the user cn=MikeDan,O=TEST, this might be imported from IBM Directory Server ascn=MikeDan,O=test. Because of the case difference, FIM treats this as an update on subsequent full imports."
Unfortunately, the article does not propose a resolution.
Has anyone encountered this issue? More importantly has anyone resolved this or found an acceptable workaround?
Note that deleting the connector space is not an acceptable workaround. :)
↧
The time has come! Step up FIM Gurus! Your community needs heroes like you!
TechNet Gurus... we salute you!
You're awesome, and we know it!
Your knowledge uploads and nifty info nuggets are our life blood at TechNet Wiki.
Every awesome article that gets an award is just the start. We are building up the most sensational collection of gifts of knowledge from eminent community heavy weights and young guns alike. And we plan to promote you and your work wherever we can.
Reputations are being forged.
History is being made.
Generations will know your name.
Your children, grandchildren and great-grandchildren will marvel at your technical prowess.
And now, my mighty code warriors, cool consultants and platform specialists, now your chance is here again.
A new month of possibilities. Another chance to prove YOU are the ONE!
The mighty TechNet Guru medal winner for June!
Take up your mouse and keyboard!
Unleash your mighty words of wisdom and bask in the glory that we bestow upon you!
GO GO Gurus! Give, give, give!
All you have to do is add an article to TechNet Wiki from your own specialist field. Something that fits into one of the categories listed on the submissions page. Copy in your own blog posts, a forum solution, a white paper, or just something you had to solve for your own day's work today.
Drop us some nifty knowledge, or superb snippets, and become MICROSOFT TECHNOLOGY GURU OF THE MONTH!
This is an official Microsoft TechNet recognition, where people such as yourselves can truly get noticed!
HOW TO WIN
1) Please copy over your Microsoft technical solutions and revelations toTechNet Wiki.
2) Add a link to it on THIS WIKI COMPETITION PAGE (so we know you've contributed)
3) Every month, we will highlight your contributions, and select a "Guru of the Month" in each technology.
If you win, we will sing your praises in blogs and forums, similar to the weekly contributor awards. Once "on our radar" and making your mark, you will probably be interviewed for your greatness, and maybe eventually even invited into other inner TechNet/MSDN circles!
Winning this award in your favoured technology will help us learn the active members in each community.
Feel free to ask any questions below.
More about TechNet Guru Awards
Submit now : http://social.technet.microsoft.com/wiki/contents/articles/24692.technet-guru-contributions-for-june-2014.aspx
#PEJL
Got any nice code? If you invest time in coding an elegant, novel or impressive answer on MSDN forums, why not copy it over to the one and onlyTechNet Wiki, for future generations to benefit from! You'll never get archived again!
If you are a member of any user groups, please make sure you list them in the
Microsoft User Groups Portal. Microsoft are trying to help promote your groups, and collating them here is the first step.
↧
Configuration for FIM Portal NLB
Experts,
I installed FIM Portal on two servers. I access FIM with two URLs and it is working fine.
It was required to load balance the two. I gave both URLs two network team. They reverted with a virtual IP and a virtual Name(NLB).I have registered SPN for new virtual name and tried accessing the FIM portal with new NLB name. Error is 'page can not be displayed'.
Then added AAM in sharepoint and did binding in IIS. It still giving me the same error.
Kindly suggest.
↧
Combining multiple conditions in FIM
Experts,
Is it possible to combine multiple condition for creation of set.
My requirement is to create a set of group with following condition
EmployeeType='Regular'
AND
(Employee status = active OR employee status = retired)
I am not able to do it in FIM Portal. I only see all/any option in defining set criteria.
Please suggest.
Thanks,
Mann
↧
↧
FIM Reporting ETL Script
Hi,
Is there a way to monitor the status of FIM Reporting ETL Script using a workflow.
What is the best way of monitoring this ETL Script, can somebody advise on what will be needed to get this in place?
Rgds,
SATAN.
↧
Moving accounts in an eDirectory Connected System
I am trying to move an account in Edirectory (8.7.3) based on a change to a custom attribute(CustomAttr1) in AD.
The process I am using is
Change the attribute in AD
Do a delta Import for the AD MA- which results in an update the custom attribute.
Do a delta sync for the AD MA - which results in a provisioning rename (outbound synchronisation) for the eDir MA - at this point the old dn and the new dn look correct.
Do an export on the eDir MA - which generates an cd-missing-object error. The object has actually moved in the eDirectory system, but the object in the eDirectory connector space still has the dn set to the old value.
The outbound synchronisation rule has two outbound attribute flows for 'dn', one of which is marked as 'Initial Flow Only'
This is using FIM 2010R2 with hotfix 2934816 applied, running on windows 2012R2
Regards
Tom
↧
Sending Email Notifation from Account other than "fim_service"
Hi,
I am stuck with a situation, in which I have to send Email Notifications in FIM 2010 but the requirement of the client is that we can't showfim_service@abc.com which is default for sending mails.
Precisely, I want to send mail notifications to some set of users, but from other account other than the service account of FIM. Is it possible, if yes then how?
Thanks,
Manuj Khurana
If my reply is helpful to you, don't forget to mark it as "Helpful Post" and if it is exactly the answer then "Mark it as Answer".
↧
More Pages to Explore .....
