Quantcast
Channel: Forum Microsoft Identity Manager
Viewing all 4767 articles
Browse latest View live

FIM 2010 R2 SP1 Deployment Prerequisites

0
0

Hi all,

we are about to deploy FIM 2010 R2 SP1 to achieve the below requirements

1- Account management: unlock, enable/disable, delete
2- Group membership: add/remove user to group, 
3- Schedule for add/remove user to/from groups.
4- Schedule for enable/disable user.
5- Link AD account with Oracle system accounts.
7- Reset/unlock the password either by secret Questions/Answers or alternate Email address.

now what is the prerequisites (Hardware and Software)

- if i have SharePoint deployed can i use it or it's better to install the SharePoint Foundation.

- can we install on preexisting SQL or new SQL server, if we will use a preexisting SQL will we need a new instance or only DB.

- how many servers are required, what is the best practices.

Thanks 

 

FIM 2010 R2 SP1 Deployment Prerequisites

0
0

Hi all,

we are about to deploy FIM 2010 R2 SP1 to achieve the below requirements

1- Account management: unlock, enable/disable, delete
2- Group membership: add/remove user to group, 
3- Schedule for add/remove user to/from groups.
4- Schedule for enable/disable user.
5- Link AD account with Oracle system accounts.
7- Reset/unlock the password either by secret Questions/Answers or alternate Email address.

now what is the prerequisites (Hardware and Software)

- if i have SharePoint deployed can i use it or it's better to install the SharePoint Foundation.

- can we install on preexisting SQL or new SQL server, if we will use a preexisting SQL will we need a new instance or only DB.

- how many servers are required, what is the best practices.

Thanks 


Teka

https://www.reddit.com/r/t4gPISopusTA/comments/2n4wcy/

0
0

https://www.reddit.com/r/t4gPISopusTA/comments/2n4wcy/

https://www.reddit.com/r/t4gPISopusTA/comments/2n4wcy/

https://www.reddit.com/r/t4gPISopusTA/comments/2n4wcy/

https://www.reddit.com/r/t4gPISopusTA/comments/2n4wcy/

https://www.reddit.com/r/t4gPISopusTA/comments/2n4wcy/

https://www.reddit.com/r/t4gPISopusTA/comments/2n4wcy/

https://www.reddit.com/r/pacCmaN/comments/2n4yb5/

0
0

https://www.reddit.com/r/pacCmaN/comments/2n4yb5/

https://www.reddit.com/r/pacCmaN/comments/2n4yb5/

https://www.reddit.com/r/pacCmaN/comments/2n4yb5/

https://www.reddit.com/r/pacCmaN/comments/2n4yb5/

https://www.reddit.com/r/pacCmaN/comments/2n4yb5/

FIM Sync Validation

0
0

Hi,

 I'm using FIM 2010 R2 to sync a CSV file data source with AD. I'm not using the portal sync rules with my CSV data source (all rule config done within the FIM sync service).

I'd like to know if there is any validation I can configure with the FIM sync service application without writing a DLL for a file based CSV data sync?

Thanks

HOW TO RECOVER / RETIRVE FIM Username through OTP ?

0
0

Hi Guys,

I have been facing an issue where my users forget their username and type incorrect username for OTP password reset email. Is there any way to create a link that user can retrieve their username or receive on their OTP registered email address ?

Regards
Sarwar


Sarwar

Which Properties can be changed in AuthN Workflow without requiring user re-registration

0
0

I understand there has been similar questions but to clarify:

Are there any settings in QA Gate that can be changed without requiring the users to re-register?

If so.. which settings can be changed.

I've read a post that suggests you can't change anything without requiring re-registration and I've also read a post that suggested you can add but not remove or modify questions.

If I go through the process before Submitting it suggests Clear Registration is set to False and XOML has changed.

Can someone please provide a definite answer on this one.


Thanks.

HOW TO RECOVER / RETIRVE FIM Username through Email address

0
0

Hi Guys,

I have been facing an issue where my users forget their username and type incorrect username for OTP password reset email. Is there any way that users can recover /retrieve their username by typing their email address like they receive security code by typing their username ?
Regards
Sarwar


Sarwar



Sequential number in workflow

0
0

I need to add a sequential number to a user property employee-id. The initial value is e.g. '100'. If I run the powershell script which is part of the workflow for 1 user at a time it works fine. I do this by adding 1 user to the set this workflow/mpr is attached to.
The script will increment by 1 to 101.

If I have multiple users in the set, this method fails. As the workflow is run simultaneously more than 1 user end up with an employee-id of 101.

How can I get a unique sequential number for a workflow?

Thanks

User Synchronization error - FIMMA - failed creation via web services - Message : Fault Reason: The request message contains errors that prevent processing the request

0
0

Hello All,

The Synchronization manager shows export error. 

One user reported of not being able to register for password reset using FIM. When checked, it is found that the user is not synchronized. Finally , the user is located in the connector space and the error shown for the export is shown in the picture. 

It indicated that objectSID is not unique. But, this is not possible as the user account is functional. If ObjectSID has not been unique, the user account would not be working in any case.

Please help, if there is any way the user can be synchronized.

Regards,

Divye

Determine number of resources affected by "transition in"

0
0

If a MPR/Workflow is kicked off based on resources transitioning into a set, is there a way to determine how many records were transitioned in? E.g. the existing set already contains 50 resources and after the transition in, it contains 60. I basically want to find that 10 resources have been added since last time.

Thanks.

Does SCSM 2012 R2 supports reporting in fim 2010 r2?

0
0

Hi Everyone,

I have a scenario where i am configure fim reporting with SCSM and i have the fim version of 2010 r2 and scsm 2012 r2 ?It would be great if u provide me the information

I have ran the powershell script on on datawarehouse successfully

I have ran the initial sync and incremental sync successfully

while running ETL script of Add Snapins its tell me this is not installed on the machine i am still seeking an answer to fix this issue?

Your response is highly appreciated.

Thanks,

Aman Khanna

Applying an outbound flow rule name to multiple attributes

0
0

I'm looking for general guidance, not a complete solution.  I have done minimal .NET (the foundation course on Microsoft Virtual Academy) and a bit of FIM. 

Quick background:

One of our management agents currently exports (along with a number of unrelated attributes) three phone numbers into a CSV file, which is then imported into a distant cloud application.

Our phone systems rely on our phone number attributes in Active Directory (which is also integrated with FIM 2010 R2) to begin with the "+" character - mobile phones also need this so that they can call from any country.  So, most phone numbers are prefixed with "+64" - New Zealand's international code.  The export attribute flow is as follows (Metaverse attribute on the left, cloud .CSV on the right):

primaryExtn-> Extn

faxTelephoneNumber -> Fax
telephoneNumber -> Phone

Unfortunately, the earlier stated cloud app doesn't accept non-numeric characters (like the "+"), and this isn't an issue high on their list of "things to do". 

So, I need to make sure that these telephone number attributes passed from the metaverse to the cloud .CSV do not contain a "+", and if it does, remove it before placing it in the .CSV file.  I have come up with the basic code in C# so I don't need help here.

I will need to create a flow rule for this, but all of the examples I have found across the internet involving flow rules seem to use actual attribute names - snippets look like this:

if (!mventry["displayname"].IsPresent
name = csentry["FirstName"]

What I'd like to use in my code (since ideally I'll be created a flow rule that applies to three attributes), is something that goes along the following logic:

If ((the attribute that using the flowrule) contains "+"
{ attribute = attribute(replace("+"."") }

I don't know how to do the above.  The other option would be to explicitly make references to each attribute, but that seems to waste code (again, this is pseudocode, I'm not worried about this at the moment):

if (mventry["primaryExtn"].Contains("+")
Extn = primaryExten.(Replace("+","");

if (mventry["faxTelephoneNumber "].Contains("+")
Fax= FaxTelephoneNumber .(Replace("+","");

if (mventry["telephoneNumber "].Contains("+")
Phone = telephoneNumber .(Replace("+","");


If that was all in one flow rule, wouldn't the attributes be changed three times  (once per attribute passed through)? I haven't found anything exactly on the scope of a flow rule - what it can change.


The final option I can think of (probably the easiest, but again a waste of code) is to create three identical flow rules with different names, and put in the individual attribute names in per flow rule.

So I'm basically looking for guidance on how to refer to an attribute that is being actioned by the flowrule, rather than explicitly, or the best way to go about this.

Can I perform In-place OS upgrade on FIM 2010 R2 SP1 Server

0
0

Hi there,

We have recently successfully upgraded FIM 2010 to FIM 2010 R2 SP1 on Windows 2008 R2 SP1 server.

Now I am planning to upgrade the Operating System to 2012 r2 SP1.

What I heard from few is to 

1)uninstall FIM first

2)Upgrade to 2012 R2

3) Reinstall FIM

Can i not perform an inplace upgrade of OS. Please help.

Thanks and Regards,

AK


Error 25009. Invalid object mms_management-agent

0
0

Hi There,

While upgrading FIM 2010 to 2010 R2 SP1, we have encountered an Error 25009. Invalid object mms_management-agent <hr=0x80230406>. Have tried all the articles but the this is not with permissions. Since I am trying on test environment, we have given more than necessary permissions.

Please help.




Request Approval via Email Text

0
0

We have a scenario that the requests generated in FIM sends different type of mails to approvers and requestors. We have a requirement, of approving the requests with the help of mail text like "Approved" or "Reject" by approver.

The approver wants to approve/reject the request with just sending mail as a reply to the mail he received on request submission. We can't use the Outlook feature for this as we only want this to happen with email text.

Is there any way to achieve this?

PS: Post approval the workflow activities should trigger the way they are being deployed in the workflow.


Regards,
Manuj Khurana

Importing Privileged and Test Accounts from AD

0
0

Any thoughts on a good method for projecting or joining accounts in AD into FIM. My issue is that there is one primary AD user account for most people - but some may also have one or more privileged/test accounts that are associated with them. I am currently using employeeid as the primary key in the metadirectory. However I get ambiguous matches if I use that for the *special* accounts. I am tempted to created a whole new object class for these accounts -- but that may get me into more trouble.  I f I project them in as new objects in FIM - I might lose my provisioning flow by matching them to employee status

MPR Permissions and custom attributes

0
0

I've added a couple of custom attributes to a resource. When I change them "manually" through the portal, I can change the values for these attributes without any problems. When I try to update these values using FIM PowerShell cmdlets it fails with "Operation is not valid due to the current state of the object.". If I run the same Powershell command to try and change a standard resource attribute (e.g. Description) it all works with no errors.

The MPR has the following settings:

Set of requestors: Administrators (user running the PS is in this as well)
Operations: all selected
Permissions: Grant permissions selected
Target Resource before/after: All Computers
Resource Attributes: All attributes

MIM PAM VMs Now Available

FIM Server error shows password registration portal unable to connect to FIM Service.

0
0

Hello ,

I face this error sometimes in the error log which says "password registration portal unable to connect to FIM Service."

However, I check at the same time and the registration portal is working fine. I also checked and found port 5726 is open and the protocol used is http. 

I am not able to get any further on this error. Please suggest, in case somebody has faced this already.


Viewing all 4767 articles
Browse latest View live




Latest Images