Articles on this Page
- 08/06/14--05:47: _FIM 2010 server lic...
- 08/06/14--21:19: _Achieving self serv...
- 08/06/14--21:32: _Locking users from ...
- 08/07/14--00:53: _FIM Password Reset ...
- 08/07/14--01:48: _HOW TO REMOVE MSEXC...
- 08/07/14--02:21: _Assigning Computers...
- 08/07/14--03:07: _Custom approval wor...
- 08/07/14--04:14: _FIM SSPR ADMA Enfor...
- 08/07/14--08:19: _MS PowerShell Conne...
- 08/07/14--08:52: _Metaverse Extension...
- 08/07/14--23:06: _Does FIM 2010 R2 Su...
- 08/08/14--07:12: _FIM Rerporting mana...
- 08/08/14--10:02: _FIM 2010 R2 Passwor...
- 08/08/14--20:07: _MS Powershell Conne...
- 08/10/14--06:29: _Email is not gettin...
- 08/11/14--04:21: _Is there any Out of...
- 08/11/14--11:59: _Problems with neste...
- 08/11/14--18:26: _FIM Logging Question
- 08/11/14--20:25: _Can people select t...
- 08/11/14--21:12: _Authenticate to FIM...
- 08/06/14--05:47: FIM 2010 server license reusing
- User sends request for password reset using a custom form resource
- The helpdesk resets the user's password and the new password sent to the user by mail
- The manager gets notified that the user's password was reset
- How can I lock users from changing their details on the FIM portal, so that it is the HR Admin only who can alter user details on the portal?
- How can users be locked from resetting their passwords as well and only have the helpdesk perform this task for them? Also, is there a way that FIM 2010 can generate these passwords so that they are sent by mail to the user with a notification of the password reset sent to the user's manager?
- 08/07/14--00:53: FIM Password Reset Portal OTP Options
- 08/07/14--01:48: HOW TO REMOVE MSEXCHSAFESENDERSHASH FROM METAVERSE ATTRIBUTE
- 08/07/14--02:21: Assigning Computers to groups dynamically
- 08/07/14--03:07: Custom approval workflow when adding members to a group
- 08/07/14--04:14: FIM SSPR ADMA Enforce Password Policy AD Server 2012
- 08/07/14--08:19: MS PowerShell Connector encrypted parameters
- 08/07/14--23:06: Does FIM 2010 R2 Support Outlook 2013
- 08/08/14--07:12: FIM Rerporting management pack multivalue references
- 08/08/14--10:02: FIM 2010 R2 Password Registration portal via WAP
- 08/08/14--20:07: MS Powershell Connector paged imports and global variables
- 08/11/14--04:21: Is there any Out of Box Connector for Office 365 using FIM 2010 R2?
- 08/11/14--11:59: Problems with nested IIF statements in FIM Service
- 08/11/14--18:26: FIM Logging Question
- 08/11/14--20:25: Can people select their approver?
- 08/11/14--21:12: Authenticate to FIM Portal using Smart Cards?
I can't find answer for this simple question.
My customer have FIM Single LicSAPk OLP NL AcademicEdition license. Can I using it in testing environment and run FIM with this license in production after all? Or using trial version will be better way for testing purpose?
I want to achieve the following:
Please share your success stories on something similar or the same. How do you achieve the above on the FIM portal? Does FIM generate passwords that could also simplify the helpdesk's work of generating these passwords for user? If yes, how can it also be incorporated?
The normal SSPR works perfectly fine but it is a requirement that users do not get to set passwords for themselves but through the helpdesk. I'll appreciate your help on this.
I appreciate your assistance on this.
My customer is looking for a way to allow users for a chance to select either SMS or Email OTP option during their password reset. Anyone can share knowledge whether it is achievable or not through minimum customization.
I want to remove MSEXCHSAFESENDERSHASH from metraverse attribute and import flow, could you tell me how to do that ? because, i got some error cant delete it because already used in one import flow.
I have a setup with a custom computer object that is being imported.
I want to add computers to specific AD security groups based on Operating System (imported) as the search field.
I see that when I create a new criteria based group , I only have user, role, and related objects but not computers in the apply to section.
Does anyone have a general steer on to how to achieve this ?
I already know there are problems with mixed users and computers in groups, but at the moment, I need to create a new group populated with computer objects.
It must be obvious , but I am missing something.
I have a customer requirement, where they want the ability for anyone using the portal to be able to add any other member to any available security group. The catch here is that the approval should come from the manager of the member being added
For example, if we have 3 users in the FIM portal, User1, User2 and User3. Now, say User1 adds User2 and User3 to some group, then an approval should be fired to the managers of User2 and User3 before they are added to the group. I'm guessing the group owner will also need to give his approval, but thats simple enough.
I tried creating an Authorisation activity, seeking approval from the "Delta" workflow parameter, but it only lets me do //Delta/ExplicitMember/Added (or removed), whereas I want to say something like "Seek approval from" [//Delta/ExplicitMember/Added/Manager] - alas, this doesn't work.
I'm guessing I will need some custom WF to do this, and I'm comfortable creating action workflows (using the PowerShell WF activity). However, I'm not sure on how to proceed with this.
This post has the same question http://social.technet.microsoft.com/Forums/en-US/2bb5cea4-146c-4745-aa5d-6668ea9f9ef0/simple-question-on-deltaexplicitmemberadded-lookup-values?forum=ilm2
However, I'm trying to do this using the PowerShell activity worfklow and I'm not sure how EnumerateResources and the like translate into that
Thanks in advance
Does FIM 2010 R2 SP1 Enforce Password Policy work on PDC running server 2012?
I have a need for a password in the PS import script in the MS PowerShell Connector. (O365 SharePoint CSOM can't use a PSCredential object. It requires username/password).
I have been unable to find the syntax for extracting an encrypted parameter.
Based on the MSDN documentation I expected this to work:
$pwd = $ConfigurationParameters["pwd_Global"].SecureValue
Does anyone know the correct method?
I need to sync users from AD1 to AD2 using FIM Synchronisation Service.
I'm trying to write rules extension (MA or MV Rules Extensions) in order to check if USER1 is deleted from AD1, FIM should provision USER1 to AD2 with (Disabled Status and the date of deletion from AD1).
I will be grateful if you could help me finding more information about the way to proceed.
Thanks a lot in advance.
I am presently working on FIM 2010 R2 and i am working on DL management through Outlook 2013.Can u please tell me does it support outlook 2013 and if not then what we need to do.
Please help your response is highly appreciated.
We have set up a FIM reporting extension on existing FIM and SCSM solution for our client with some of the custom management packs containing multivalue references (saved as a reference type). Some (but not all) object in FIM were many months old and requests that set the multivalue attributes were long gone.
The problem we seem to be facing now is that although the new data is visible in reports, the old multivalue attribute data is not transferred to SCSM database neither to any of the data warehouse databases. I am pretty sure we got the bindings and schema correct (as I said, new data is transferred without any problems), but the old data is just not there.
is there a way of having a user authenticate via the New Web Application Proxy in server 2012 R2 as a reverse proxy to the password registration portal ?
I ask as TMG is a goner !
With the MS Powershell Connector how can you define global variables or some other means to persist objects acquired in the Begin Import script so they are available to the Import script?
The same shared information is also needed in subsequent calls to the Import script to handle paged data sources.
Does anyone have an example of how they've accomplished paging with the Powershell Connector?
I am presently doing DL management with owner approval to join any group membership using Outlook through FIM.I have a FIM 2010 R2 setup in one system and a different machine in which i have installed the client for Outllook.
I have configured evrything and also i can see the groups in the GAL and users too but when i am trying to send any email to join the group ,the owner of that group should get the email that a person wants to join the group but he is not getting the mail though it has been send successfully.
Can u please provide me the bottle neck of the issue.
Is there any Out of Box Connector for Office 365 using FIM 2010 R2? and also want to know how to do users provisioning in Office 365 and why we use dirSync in FIM 2010 R2.
I've been beating my head against this for some time, following examples I've found in web searches, but I cannot seem to make this IIF statement work after the first IIF function (inbound sync rule for Oracle database MA):
I've replaced most of the indicators with IND_1, but all were constructed something like "EMP_STATUS". In every variation I've tried, the first IIF evaluation correctly evaluates the status true or false. Anytime I add a nested IIF
function in the "action if false" section, I get an error on that attribute when running the Oracle MA Sync if the first statement evaluates false:
Error sync-rule-mapping - expression
Can FIM do nested IIF statements like this?
The FIM Portal has the "Search Requests" link, and from what I recall, this is some of the information that can be stored in the FIM Reports (System Center). "Search Requests" contains info such as User changes, Group modifications, etc.
Does this information also get written to the Event Viewer on the FIM Portal server, as I can't seem to locate it?
If not, can this event data be extracted from SQL and presented to other logging solutions?
Can a requester select which approver they wish the request to go to in the FIM Portal?
e.g. I would like my FIM Portal AD group membership request to go to one of the people in the drop-down-list or based on a people picker option.
Since the FIM Portal is hosted on IIS/Sharepoint Foundation, I assume that FIM Portal authentication/access can be via Smart Card only for FIM Admin users?
For normal user (non-admin) FIM Portal Self Service User Profile management, can they also use the Smart Card for logon?
What would the implication be, however, for SSPR if Smart Card logons are enabled on the FIM Portal site?