Dynamic attribute in FIM

November 18, 2014, 1:54 pm

≫ Next: SSPR password Reset issue

≪ Previous: System.UnauthorizedAccessException: Access to the path..\2010\Synchronization Service\Extensions is denied

$

0

0

We have an Identity picker control in User form in FIM which needs to be displayed dynamically based on the role.

<my:Control my:Name="Control1" my:TypeName="UocListView" my:ExpandArea="true" my:Caption="Groups" my:RightsLevel="{Binding Source=rights, Path=testAttribute}">

I am trying to display the control dynamically based  on the user rights

1. Created a custom attribute "testAttribute" which is of reference type.

2. Binded  the attribute to User obejct .

3. Created an MPR to provide read permission only set of users as specific requestor set  and All users as target request set and boolean attribute as selected specific attributes.This is created mainly for visibility of tab.

5. In RCDC, we added the  property as {Binding Source=rights, Path=testAttribute} in grouping section and IISRESET .

The control is getting displayed for all the users irrespective of the rights.

Could you please let me know if I am missing anything else?

Thanks  in advance

---

SSPR password Reset issue

November 18, 2014, 4:30 pm

≫ Next: FIM 2010 Active Directory Synchronization over Internet

≪ Previous: Dynamic attribute in FIM

$

0

0

Hi Techies,

I am facing a issue in resetting the password of the users. The user is able to register the password on the registration portal by giving all the answers but when trying to reset the password from the FIM password reset portal, giving the user name as

Domain Name\Username

and after providing all the answers which were used while registering the user for password reset,i get to the next page and able to enter the new password and confirm password. But just a click on Next, I receive the following error

An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3000)

working on FIM 2010R2 SP1.

PLease help in this.

Thanks in advance

Varun

FIM 2010 Active Directory Synchronization over Internet

November 18, 2014, 10:27 pm

≫ Next: SSPR fails while usine Network Service instead of FIM service Account. Where can I re-configure it?

≪ Previous: SSPR password Reset issue

$

0

0

Hello,



I'd like to ask if FIM Active Directory Management Agents can export AD object data across Internet or will a site-to-site VPN be required?



For example...



I have three forests:

• FIMdomain.com - a separate AD domain for FIM
• ForestA.com - Company A forest with users, no trust or network connection to Company B nor FIMdomain
• ForestB.com - Company B forest with users, no trust or network connection to Company B nor FIMdomain

Goal: To export all users from ForestA and ForestB into FIMdomain. FIMdomain AD will have the consolidated copy of all the users objects from ForestA and ForestB



Question: In order for FIMdomain to export user objects, will I be required to setup trust or private network connection (e.g. site-to-site VPN) to ForestA and ForestB? Or can I connect via Internet and query using LDAPS? Will I be required to configure trusts?



Thank you.





SSPR fails while usine Network Service instead of FIM service Account. Where can I re-configure it?

November 18, 2014, 11:34 pm

≫ Next: Active Directory accountExpires=Error:87

≪ Previous: FIM 2010 Active Directory Synchronization over Internet

$

0

0

SSPR fails when trying to reset the password. Registration is working fine. Reset is working until the last step. Than, after typing the new password twice, I get an error: An error has occurred when trying to reset your password, please contact the helpdesk for assistance".

The following error is written in the System log:
^^^^^^^^^^^^^^^^^^^
Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          11/18/2014 3:34:32 PM
Event ID:      10016
Task Category: None
Level:         Error
Keywords:      Classic
User:          NETWORK SERVICE
Computer:      SR0435.intranet.<client>.nl
Description:
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{000C101C-0000-0000-C000-000000000046}
and APPID
{000C101C-0000-0000-C000-000000000046}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
^^^^^^^^^^^^^^^^^^^^^

The user mentioned is not the one I expect. I expected the FIM service account to do that. Not the Network service. There is a blog here (http://www.identitychaos.com/2009/06/dcom-error-10016-and-sharepoint.html) that deals with this issue. But there the user is a service account. 

My topology is as followed:
Server 1 en 2: SharePoint 2013 farm members. No FIM Components except BRIX DLLs.
Server 3: Service, Portal, SharePoint 2013 Farm administration and portal. Used only by servers 1 and 2.
server 4: SSPR password reset
server 5: SSPR password registration
server 6: Synchronization server

SQL server is elsewhere.

Just to be sure the servers are configured correctly I re-run the SSPR Password Reset installation wizard on server 4 and the Service and portal installation wizard on server 3.  The configuration is as you may expect.

I tried to add the NETWORK SERVICE to the DCOM and give it permissions. The DCOM error in the event viewer disappeared but the password reset failed as well.

The user resetting the password has sufficient permissions to reset passwords.

My first question is: Why the Network Service is used and not the FIM Service account? Where can I change it?

---

GH

Active Directory accountExpires=Error:87

November 19, 2014, 5:13 am

≫ Next: How to get a list of all FIM managed security groups by providing the attribute name used in the group membership criteria?

≪ Previous: SSPR fails while usine Network Service instead of FIM service Account. Where can I re-configure it?

$

0

0

Hi, does anyone know what this error code means for the attribute accountExpires of a user account in AD?

How to get a list of all FIM managed security groups by providing the attribute name used in the group membership criteria?

November 19, 2014, 5:48 am

≫ Next: SQL Always On for FIM

≪ Previous: Active Directory accountExpires=Error:87

$

0

0

Hi All,

Can you share your views on achieving the below:

Suppose HR needs to make some attribute value changes for a large number of users. Now in the environment we have certain criteria based groups which have certain attributes for users which determines which user qualifies to become a member. Now if HR wants to check if the attribute they are going to update will make any impact on those FIM managed group membership, can we do a setting where HR will enter the attribute name and get a list of all such FIM managed groups where that attribute is considered in the criteria?

Regards,

Rajan Shrivastava

SQL Always On for FIM

November 19, 2014, 5:51 am

≫ Next: sync-rule-flow-provisioning-failed

≪ Previous: How to get a list of all FIM managed security groups by providing the attribute name used in the group membership criteria?

$

0

0

I wasn't able to find any information regarding the support of SQL Always On

Does FIM support SQL Always On? If not what should I use? Cluster? Mirroring?

---

The data above this text is pseudorandom, brace yourselves.

sync-rule-flow-provisioning-failed

November 19, 2014, 6:20 am

≫ Next: FIM - How to filter users published to AD

≪ Previous: SQL Always On for FIM

$

0

0

Hi

i am adding a user and while runnig the delta sync on FIM MA , it give me error i.e sync-rule-flow-provisioning-failed.

Microsoft.MetadirectoryServices.ProvisioningBySyncRuleException: An object with DN "CN=108729,OU=FIM,DC=PSPCL,DC=IN" already exists in management agent "PSPCL AD MA".

please provide me solution.

---

FIM - How to filter users published to AD

November 19, 2014, 7:13 am

≫ Next: permissions-issue Exporting to AD

≪ Previous: sync-rule-flow-provisioning-failed

$

0

0

Hello,

I have a FIM and multiple forsets connected to it. All forests have published their users in metaverse.

I would like to be able to filter the users that are populated in each forest based on their domain.

So, I do not want to have all users from metaverse in each forest but only the users from certain companies. 

I know it is possible to filter the users that are published to the metaverse, so I suppose there should be a filter to publish users to the AD.

How can I achieve this with Forefront Identity Manager ? 

Thank you

permissions-issue Exporting to AD

November 19, 2014, 7:23 am

≫ Next: Referencing attribute that's in another connector space

≪ Previous: FIM - How to filter users published to AD

$

0

0

I have FIM up and running smoothly now. Thank you very much!

I am able to export group membership to AD which was an issue for me.

But something frightening is happening.

When I perform an ADMA Export I get a long list of groups with permission-issue errors.
When I look at the Export in Progress per group I see:

Changes: modify
Attribute Name: Member
Old Value\New Value: I see that some members of the groups are designated as a Delete under both Old Value and New Value.
Those same users show under Users in the portal.

Now, if the user accounts have been disabled or removed from AD this would make sense but...

There is no reason for these users to be deleted from these groups. All I am exporting is Group account name and member flow attributes.

Thank God I am getting permission denied.

Can anyone please offer an explanation as to why this may be happening?

Referencing attribute that's in another connector space

November 19, 2014, 7:54 am

≫ Next: Unable to apply AD Password Policy in Self Service Password Reset

≪ Previous: permissions-issue Exporting to AD

$

0

0

The scenario:

Two HR inputs, both contain the EmployeeID and EmployeeType. EmployeeID is the same for both, the EmployeeType is different.

What I want to do is, that the HR1 would use Manager attribute as an reference from HR2, is this even possible?

The ultimate goal is to provision two different accounts (one std user, one admin) that have the same manager (std user).

Unable to apply AD Password Policy in Self Service Password Reset

November 19, 2014, 10:48 am

≫ Next: Export-FIMConfig does not return any data?

≪ Previous: Referencing attribute that's in another connector space

$

0

0

Hi Everyone,

I have a scenario in FIM where in AD has a password policy in which the users last 5 password is remembered in the AD which means if any users enters the same password or the password which he has entered previously then that password should not be allowed.

Now when i am resetting the password from Self Service Password Reset portal through FIM then if i enter the same password which i used initially it accepts that password and the password gets changed which I don't want.

I want that in SSPR if any user enter the previous password then he should not able to reset the password.

I have referred this article http://support.microsoft.com/kb/2443871

In this it was mentioned about to configure the registry whose path is as follows:

SYSTEM\CurrentControlSet\Services\FIMSynchronizationService\Parameters\PerMAInstance\<ma name>

when i login into the FIM Sync Server and when I Opened the Registry i can only see SYSTEM\CurrentControlSet\Services\FIMSynchronizationService\Parameters I could not see this "PerMAInstance\<ma name>" so that is why I am not able to set the desired value.

Request you to please respond.

Your Response is highly appreciated :)

Thanks,

Aman Khanna

Export-FIMConfig does not return any data?

November 19, 2014, 10:51 am

≫ Next: Disable FIM provisioning via registry or powershell?

≪ Previous: Unable to apply AD Password Policy in Self Service Password Reset

$

0

0

Hello everyone,

I have the following FIM query (PowerShell script):

$filter = "/Person[AccountName='jdoe']"
$user = Export-FIMConfig -CustomConfig $filter -OnlyBaseResources
$displayName = $user.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "DisplayName"}
$displayName.Value

I always get back a null value.  Every attempt I have tried using the Export-FimConfig command results in no data returned.  I, however, dont recieve any error messages.  Is there something I need to configure on the server for this to work?

I am running the command on Windows Server 2008 R2 with the FIM 2010 R2 Synchronization Engine and
FIM 2010 R2 Service & Portal installed.

Thank you for any help,

Tanner

Disable FIM provisioning via registry or powershell?

November 19, 2014, 1:23 pm

≫ Next: sync-rule-flow-provisioning-failed‏

≪ Previous: Export-FIMConfig does not return any data?

$

0

0

Hi,

Is there a way to disable FIM provisioning via registry or powershell?

We are looking to auto disable FIM provisioning in a DR scenario in this way. If not possible, we can simply halt the Run Profiles from running, until someone manually unchecks provisioning and performs manual Joins first.

Thanks,

SK

sync-rule-flow-provisioning-failed‏

November 19, 2014, 9:33 pm

≫ Next: FIM R2 Reporting : FIM Historical reports (SSRS) are extremely slow

≪ Previous: Disable FIM provisioning via registry or powershell?

$

0

0

Hi,<o:p></o:p>

While Disabling the provisioning and after running Full Sync on FIM MA  and AD MA, I found 0 joins in statistics.<o:p></o:p>

please resolve the error.<o:p></o:p>

---

FIM R2 Reporting : FIM Historical reports (SSRS) are extremely slow

November 20, 2014, 4:14 am

≫ Next: Change profile template name in FIMCM

≪ Previous: sync-rule-flow-provisioning-failed‏

$

0

0

FIM Historical reports (SSRS) are extremely slow. Specifically when running parameterised report it take > 5 - 10 minutes or keeps running and time out or out-of-memory error.

We have DW Server with 32 GB RAM, 2.27GHz (4 Processor), Both DW and Service Manager database are on two differene instance.

---

Aswathy Raj

Change profile template name in FIMCM

November 20, 2014, 10:07 am

≫ Next: FIM TechNet Guru News: October Winners Announced

≪ Previous: FIM R2 Reporting : FIM Historical reports (SSRS) are extremely slow

$

0

0

Is there anyway to change the name of profile template? Is the name itself referenced somewhere in the FIMCM database? I know that the object itself exists in the AD...

FIM TechNet Guru News: October Winners Announced

November 20, 2014, 12:43 pm

≫ Next: AUTHZ workflow not triggered on attribute change

≪ Previous: Change profile template name in FIMCM

$

0

0

All the votes are in! 

 

And below are the results for the TechNet Guru Awards, October 2014 !!!!

 

For a full list of winners, see the full blog post, as runners up had to be removed from this post to fit the forum max length restrictions.

 

BizTalk Technical Guru - October 2014

	Agustín Mántaras	Visual Basic script to deal with BizTalk Suspended Messages	Mandi Ohlinger: "A quick and easy way to handle suspended messages. I'm a fan!" Ed Price: "Great article! Thanks for including an MSDN Gallery link, a See Also section that links to the Wiki portal, and some great example snippets!" Sandro Pereira: "Nice script, in my opinion it will be best to write this in PowerShell script. Well written, well formatted (some minor improvements can be made)"
	Johns-305 [boatseller]	BizTalk: EDI Features Not Just For HIPAA	Mandi Ohlinger: "A great walkthrough including the screen shots. Nice addition to the Wiki. " Ed Price: "Good use of images and color in the code snippets!" Sandro Pereira: "Nice start be this article should be explained better. Article format can be improved."
	Steef-Jan Wiggers	Securing BizTalk endpoints leveraging Sentinet API Management Part 3	Sandro Pereira: "Another excellent article in this series on Sentinet API Management. Well written, well formatted with nice pictures, great article and I love the topic." Ed Price: "Fantastic depth on this article!"

 

Forefront Identity Manager Technical Guru - October 2014

Wim Beck

Event Driven Scheduling of Forefront Identity Manager (FIM) using a Windows Service

Ed Price: "Fantastic job on formatting, the code, and all the explanations! The TOC and References are a nice touch!" PG: "Nice innovative solution, that is a nice add-on to existing solutions. "

Microsoft Azure Technical Guru - October 2014

	Chervine	Creating and Querying Microsoft Azure DocumentDB	JH: "DocumentDB is one of my favorite new services on Azure. It's cool to see that someone seems to be excited as I am. Hope that this article is just the beginning of a whole series about Azure DocumentDB." Ed Price: "Great use of images and code snippets. Good conclusion! Great topic!"
	Chilbeto	Publishing Multiple Azure Environments	TN: "Great " JH: "This topic is normally forgotten when talking about Cloud development. I had a hard time to find an appropriate mechanism myself. This article provides one of the better ways how you can deploy multiple environments to Azure." Ed Price: "Great overview article. Good diagram at the top! Could benefit from a TOC and References. Good job on the conclusion!"
	saramgsilva	Microsoft's Windows AppStudio: Add Support For Push Notification	Ed Price: "Great introduction and incredibly thorough. Great job!" JH: "A new article about AppStudio focusing on push notifications. Push notifications in my opinion, when done right, makes an app alive. Would love to see a complete example with all features mentioned in the related articles published on GitHub."

 

Microsoft Visio Technical Guru - October 2014

Mr X

Unattended installation of Visio 2013

Ed Price: "Great job, Mr X! Good use of images!" AH: "It gives good instructions with the help of the pictures but its still missing detailed information if some user needs it. Need to provide a wiki/msdn references that are available something like http://technet.microsoft.com/en-us/library/cc179097.aspx. Overall decent article"

Miscellaneous Technical Guru - October 2014

	Brian Nadjiwon	How to Create and Use Classes in PowerShell	Richard Mueller: "Very interesting concepts. It would help to name the objects something like "Jim" rather than "Person", for example. There should be a See Also section, and more links to references." Ed Price: "Great topic and explanations of the classes!"
	Andy ONeill	Visual Studio: Snippetty Tip	Richard Mueller: "Great idea with some good advise." Ed Price: "Great explanations of the code snippets! Fun topic! As is mentioned in the comments and in the article, many people don't know this is possible!"
	saramgsilva	How to create a Virtual Machine for run Windows 10 Technical Preview	Ed Price: "Fantastic topic! Good use of images!" Richard Mueller: "Good images and a good step by step explanation. Needs links to references and other Wiki articles (See Also). We should try not to use first person."

SharePoint 2010 / 2013 Technical Guru - October 2014

	Geetanjali Arora	SharePoint Online : An Introduction to Office Delve	TN: "Great wrap-up about Delve" Ed Price: "Amazing depth and a great overview to a new topic! Great job on the images and details!" GO: "woohooo; a DELVE article. Great work." Margriet Bruggeman: "A new topic explained well, I was actually looking for this info!" Jinchun Chen: "Great."
	Steven Andrews	Building a list specific search with JavaScript	TN: "Great tip for mid-dev" Ed Price: "Great job on the descriptions, formatting, images, and See Also section! Check out the great comment from Dan at the bottom of the article!" GO: "Nice work Steven. It's definitely a great article.!" Margriet Bruggeman: "Great! easy to use solution for a request that is made often" Jinchun Chen: "Nice work"
	Dan Christian	No-code solution to lookup previous item in a list	Ed Price: "Effective images and helpful video and See Also help round out this great article!" GO: "Thanks Dan and as USUAL an usefull article." Jinchun Chen: "Nice. If InfoPath Form is accepted, we can use InfoPath Form to achive the goal as well." Margriet Bruggeman: "I can tell that effort is taken to explain the idea well"

 

Small Basic Technical Guru - October 2014

	Nonki Takahashi	Small Basic: Rotation Centers for Shapes of Triangle and Line	RZ: "Excellent article. This is a must read if you want to make an object move. You need to understand the coordinates and the rotation center." Ed Price: "Great use of images!"
	Nonki Takahashi	Small Basic Known Issue: 26992 - GraphicsWindow.GetPixel(X, Y) Doesn’t Work Properly If X Or Y Has after the Decimal Point in Remote	Ed Price: "Good recommended workaround!" RZ: "Yeah, another bug in Small Basic that might get you and need to be fixed :)"
	Nonki Takahashi	Small Basic: International Resources	Ed Price: "Oh, yeah. This one is so amazing! Thank you for making this and organizing the resources so well!"

 

SQL BI and Power BI Technical Guru - October 2014

	Visakh16	Random SSRS Musings 1 : Rowset Concatenation Using Native SSRS Expressions	MR: "Interesting example of LookupSet function usage" RB: "merging columns on a single line with an interesting solution" Jinchun Chen: "Good workaround we are generally using." Ed Price: "Great descriptions and use of images!"
	Jan D'Hondt	Dates in Excel files rendered from reports are displayed as plain numbers	Ed Price: "Great job laying out the sections. The images help convey a lot!" MR: "Very short tip that could be useful because of different behavior on iPad and Windows" RB: "interesting work-around."
	Anushka Weerakkodyge	Integrating Power View with SharePoint Server 2010/2013 - Multidimensional Mode	RB: "nice walkthrough" Ed Price: "Great depth in the procedure steps! It's similar to another article (see comment), but it's still a good addition. Good use of images!" MR: "This article explains how to install Power View on SharePoint but do not explain that Reporting Services is the tool required for Power View to work - the initial setup is required only whether SSRS has not been installed before. Otherwise, it has to be upgraded and then the shortcut can work."

 

SQL Server General and Database Engine Technical Guru - October 2014

	Shanky	In depth Look at What can Cause Index to be Still Fragmented After Rebuild	AM: "Well covered." Ed Price: "Good job on the explanations, Conclusion, and See Also section!"
	Ronen Ariely	Representing list of values using a single value	Ed Price: "Great breakdown of sections! Good formatting on the sections and code snippets! Great interactions in the comments!" AM: " Interesting options and walk through."
	Visakh16	Generate Scripts for Stored Procedures Without Dynamic SQL in SSMS	AM: "Nice tip for better use of SSMS." Ed Price: "Great breakdown of the problem and solution. As Saeid wrote in the comments, "Clear article which shows handy solution!" Good job!"

System Center Technical Guru - October 2014

Alan do Nascimento Carlos

ALM and IT Operations - Management 360 with System Center Operations Manager in 06 Steps

Ed Price: "Lots of images. Great job breaking up the steps! Could benefit from a TOC and References. Great article!" GO: "Thanks for the only article. great btw. :-)"

Transact-SQL Technical Guru - October 2014

	Visakh16	Behavioral Difference of IIf Function in T-SQL Compared To SSRS	Richard Mueller: "Nicely done with code examples. The "See Also" section should only link to Wiki articles." GO: "Wonderfull article thank you!" Jinchun Chen: "Interesting comparison " Ed Price: "Good topic. Very clean and clear. Great article!" JS: "Good writeup, though I would bring the comparison with the table to the top and reference the samples from there."
	Ronen Ariely	INSTEAD OF Triggers	Ed Price: "Good depth here. Great explanations of the code! Great job interacting in the comments and improving the article!" JS: "Use object qualifiers (schema name to make sure that the right objects will be picked, e.g. dbo.) Outline ab bot more the things what not to do in production! Be aware that although people read this, they tend to use it anyway. If triggers are enabled, they are executed once for each batch They are executed each statement not batch, miswording here." Richard Mueller: "Good article. The "See Also" should only include Wiki articles. Some of the "Resources" could be moved to "See Also". Grammar needs work." GO: "Thanks"
	Praveen Rayan D'sa	Find the Database where user defined object located and where it is being referred.	GO: "This article deserves absolutely a medal THANKS!" Jinchun Chen: "" Richard Mueller: "Good topic. Grammar needs work. "Caution" states undocumented stored procedure is safe for production, but later states it is not." Ed Price: "Great article. We should include the technology in the title. Good descriptions, and great References!" JS: "Although the outlined solution is interesting and shows the public the usage of the "new" system views finding the right dependencies, it is not recommended to describe the usage of undocumented features such as sp_msforeachdb as there are alternatives, especially in this scenario. You could generate a query using the sys.databases view and let it print out the database name along with the use statement. In addition to this and as the statement has to be run with a high privileged account as schema information is secured as well, it should be made safe to SQL injection. In many case in the statements there is just a concatentation of values used. You can easily inject code in here, Also make sure that names / object identifiers are quoted with [] in order to allow also special characters like spaces in the names"

Visual Basic Technical Guru - October 2014

	.paul.	Image balloonTips	Richard Mueller: "Lots of code. Great idea. The "See Also" section should only include links to Wiki articles." Ed Price: "Great solution. Good explanations!"
	.paul.	Image Arrow Pointers	Richard Mueller: "Interesting idea. Need more links. Don't use first person."  Ed Price: "Creative solution! It would be good to break up the code more, to explain it. Great article!"
	Paul Ishak	Visual Basic Graphics Frame Class (Easily Converted to C#)	Ed Price: "Good solution! Could benefit from more explanations of what the code is doing." Richard Mueller: "Don't use first person. Could use more description, explanation, and links."

Visual C# Technical Guru - October 2014

	Chervine	Using XML Serialization with C# and SQL Server	Ed Price: "It goes on for quite a while! Great job breaking out all the code snippets and explaining them well! Could benefit from a References or See Also section. Great TOC!" Søren Granfeldt: "In these days of generic data, this serves as a good example of storing unstructured data" Margriet Bruggeman: "Through discussion of the topic" DB: "Interesting"
	Magnus (MM8)	C#: Generic Type Parameters And Dynamic Types	Søren Granfeldt: "Nice example of diving into generic code and extensibility" DB: "Good walkthrough of generics and reflection" Ed Price: "Important topic! Great descriptions." Margriet Bruggeman: "Good, I like the way the article covers various sides of the problem"
	saramgsilva	File exporter for IEnumerable of T	Ed Price: "Another great article from Sara! Great job on the TOC and code snippets!" Søren Granfeldt: "Great idea; could use a little more generic approach on the formatting of values" Margriet Bruggeman: "Nice example of applying generics"

 

Wiki and Portals Technical Guru - October 2014

Durval Ramos

Summit: Principles of International TNWiki Summit

Richard Mueller: "A great writeup and introduction to this fantastic idea. Well done." Ed Price: "Great depth and planning for this event!" GO: "This is one of the best Portals that I've ever seen! Thanks"

Windows Phone and Windows Store Apps Technical Guru - October 2014

	saramgsilva	How to Integrate Cortana in the Menu App	JH: "I got three words for you: I love Cortana! This article shows nicely how to integrate Cortana into your own app. Would love to see more." Ed Price: "That's what I'm talking about! Way to go for a "What's Next" topic and nail it! I expect this article to gain a lot of interest. Fantastic article!"
	Carmelo La Monica	The class GeocodeQuery in Windows Phone 8.	JH: "Lots of code examples about a feature some apps should be use more. Geocoding becomes more and more important, so this article fits perfectly into this." Ed Price: "This is an important class with a lot of possibilities. Great execution on this article! Could benefit from a References or Additional Resources section. Good job wrapping it up with the conclusion."
	saramgsilva	Export To CSV for Windows Store apps	JH: "Most people laugh when they hear about CSV export of data. A database would be a better place for the data of an app. In my opinion this is not always true (because CSV is small and can be used in different ways), so most apps should have the capability to export data into the CSV file format. This article shows how this can be done." Ed Price: "Another very important article. I love the Source link to the MSDN Gallery. Great job!"

Windows Presentation Foundation (WPF) Technical Guru - October 2014

	Andy ONeill	WPF: Entity Framework MVVM Walk Through 1	Ed Price: "Very well formatted, clear sections, and lots of depth and clear explanations! The TOC, code snippets, Summary, and Further Reading links all help round out this great article!" KJ: "awesome"
	saramgsilva	How to binding a ResourceDictionary to a Lisbox in apps based in XAML	Ed Price: "Incredibly clear and fantastic topic! The TOC and Source link to the Gallery item help provide more value!" GO: "She did it again. Great article."
	Shweta Lodha	PopUps with Interactivity [Prism 5.0]	KJ: "handy" Ed Price: "Good clarity and use of code snippets and images. Could benefit from a TOC and References/See Also. Great job!" GO: "Layout could be better, but still valualble article."

 

Windows Server Technical Guru - October 2014

	Richard Mueller	Active Directory: Generalized-Time Attributes	Mark Parris: "Very detailed article providing very good information." GO: "Top 1 AD article Thanks Richard." JM: "This is an excellent article, thanks for your contribution." Philippe Levesque: "Good article ! I really liked the note about the whenChanged"
	Darshana Jayathilake	Some useful features with Windows Group policies	JM: "This is an excellent article, but I recommend making the title more accurate by renaming it something like "How to configure Applocker using Group Policy" " GO: "I like the article; so great written" Mark Parris: "A good insight on some GPO settings and their capability." Philippe Levesque: "Good visual howto !"
	Mr X	How to manage Windows Taskbar Items pinning using Group Policy	Philippe Levesque: "Good subject well explained, already seen users that ask for that in the forum as it's new." JM: "This is a good article that would be much more useful if you specify the Windows versions to which the article applies." GO: "Merci, Mr X" Mark Parris: "Very useful, especially if you need to utilise this capability post deployment."

-------------------------------- 8< --------------------------------

A huge thank you to EVERYONE who contributed an article to October's competition.

Hopefully we will see you ALL again in November 2014's listings?

If you haven't contributed an article for this month, and you think you can create a more useful, clever and better presented wiki article than the winners above, here's your chance! :D

Best regards,
Pete Laker

More about the TechNet Guru Awards:

• TechNet Guru Competitions

---

#PEJL
Got any nice code? If you invest time in coding an elegant, novel or impressive answer on MSDN forums, why not copy it over toTechNet Wiki, for future generations to benefit from! You'll never get archived again, and you could win weekly awards!

Have you got what it takes o become this month's TechNet Technical Guru? Join a long list of well known community big hitters, show your knowledge and prowess in your favoured technologies!

AUTHZ workflow not triggered on attribute change

November 20, 2014, 8:49 pm

≫ Next: FIM Password Synchronization Not Catching All Password Changes

≪ Previous: FIM TechNet Guru News: October Winners Announced

$

0

0

Got 2 workflows, 1 action which changes the value of an attribute one transition in. The 2nd workflow (request) needs to send out an approval request. This only works when I change the value manually later on:

If I move a user into the correct set, the first workflow gets triggered and the value gets set/updated. However, the 2 workflow - authz - does not seem to be doing anything. No approval request send. When I change the value manually in the portal, the approval does get send.

Looking at the request I see the following:
When it works, the workflow requestor is my user account. When it doesn't do anything, the requestor is Forefront Identity Manager Service Account.

I read somewhere that this account can't be used for AUTHZ's. Is there a workaround for it?

FIM Password Synchronization Not Catching All Password Changes

November 21, 2014, 11:01 am

≫ Next: FIM 2010 R2 SP1 Deployment Prerequisites

≪ Previous: AUTHZ workflow not triggered on attribute change

$

0

0

I have a FIM 2012 R2 environment and I'm about to start synchronizing password changes from AD into our legacy systems.  I have PCNS installed on my DCs and the AD MA in FIM configured as a password sync source.

Everything works - just not all of the time.

I've enabled PCNS verbose logging on the DCs.  I'm getting "The password notification has been delivered to all targets - (Event ID 2100)"success messages for all password changes but the FIM sync engine ony appears to be acting on ~25% of the incoming changes.

I had thought it was my password extension code that may have been having issues but I stripped it down to simply dropping an event into an event log and it's still dropping 75% of the changes.

Has anyone else seen this behaviour before? 

Is there any way to correlate PCNS events with some form of log in FIM?  I can't seem to find anything in the event log that's tied to password changes.

Cheers,

    Ian