Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Showcase


Channel Catalog


Channel Description:

This forum is for IT Professionals who have questions/issues or other feedback about Forefront Identity Manager (FIM) 2010 suite

older | 1 | .... | 97 | 98 | (Page 99) | 100 | 101 | .... | 204 | newer

    0 0

    I am populating a DropDownListBox via a lookup of FIM objects.

    My createUser rcdc has near the top the line

    <my:ObjectDataSource my:TypeName="UocSearchDataSource" my:Name="search"/>

    I created a reference attribute departmentRef and bound it to User type objects.

    I have a custom Resource called CostCenters.

    I am populating my dropdownlist control with this code:

          <my:Control my:Name="departmentRef" my:TypeName="UocDropDownList" my:Caption="Tulosyksikkö" my:Description="{Binding Source=schema, Path=departmentRef.Description}" my:RightsLevel="{Binding Source=rights, Path=departmentRef}">
            <my:Properties>
                <my:Property my:Name="Required" my:Value="True"/>
                <my:Property my:Name="Columns" my:Value="40"/>
                <my:Property my:Name="ItemSource" my:Value="{Binding Source=search, Path=CostCenters}"/>
                <my:Property my:Name="SelectedValue" my:Value="{Binding Source=object, Path=departmentRef, Mode=TwoWay}"/>
            </my:Properties>
          </my:Control>

    I am very surprised to see the initial row of my List of Options being set to "<Please select an item>"

    When I expand the list I see all my CostCenters beneath this "<Please select an item.>" row.

    BUT, How do I get rid of this "<Please select an item>"?

    I would like either a NULL initial row or the first real CostCenter.

    What am I doing wrong?

    Should the create rcdc not have the selectedvalue property? I am baffled where this <Please select an item> string comes from!

    *HH


    0 0

    Hello Ether,

    Hopefully this is a fairly simply request but have been hunting for this for awhile and coming up with nothing. How/where do I change the from email address for the OTP email gate notification?

    I have been hunting through config files and reg entries on the portal and service servers but can't find where I can change this.

    Thanks!

    warks


    0 0

    I have just installed the FIM portal into my test environment.  The synchronisation service was already working perfectly (can provision users from a .csv file).
    The FIM Service and Portal are installed on a server (we'll call it SPF1), and the FIM sync service on another server (SYNC1)
    Whenever I try to log on to the fim portal with my standard user account (it has never worked), I get the following error:

    Unable to process your request.

    Please contact your help desk or system administrator.

    Error processing your request: The server was unwilling to perform the requested operation.

    Reason: The requester of this operation is invalid.

    Correlation Id: 7da76fce-5c9a-4596-90f7-8d7243c21de8

    Details: The requestor's identity was not found.

    >Go to Forefront Identity Manager home page

     

    (The web page header does show the FIM logo, so the portal itself is there).

    In the ForeFront logs on SPF1, I get the following:

    Log Name:      Forefront Identity Manager
    Source:        Microsoft.ResourceManagement
    Date:          1/13/2015 5:48:08 PM
    Event ID:      3
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      SPF1.testdomain.internal
    Description:
    GetCurrentUserFromSecurityIdentifier: No such user TESTDOMAIN\StandardUser, S-1-5-21-1(sid goes here)
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft.ResourceManagement" />
        <EventID Qualifiers="0">3</EventID>
        <Level>2</Level>
        <Task>0</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2015-01-14T01:48:08.000000000Z" />
        <EventRecordID>523</EventRecordID>
        <Channel>Forefront Identity Manager</Channel>
        <Computer>SPF1.testdomain.internal</Computer>
        <Security />
      </System>
      <EventData>
        <Data>GetCurrentUserFromSecurityIdentifier: No such user TESTDOMAIN\StandardUser, S-1-5-21-1(sid goes here)</Data>
      </EventData>
    </Event>

     

    Log Name:      Forefront Identity Manager
    Source:        Microsoft.ResourceManagement
    Date:          1/13/2015 5:48:08 PM
    Event ID:      3
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      SPF1.testdomain.internal
    Description:
    Requestor: Internal Service
    Correlation Identifier: da87f241-eee5-4bf5-b1dd-8a6728a2c627
    Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: IdentityIsNotFound
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetUserFromSecurityIdentifier(SecurityIdentifier securityIdentifier)
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetCurrentUser()
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Enumerate(Message request)
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft.ResourceManagement" />
        <EventID Qualifiers="0">3</EventID>
        <Level>2</Level>
        <Task>0</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2015-01-14T01:48:08.000000000Z" />
        <EventRecordID>522</EventRecordID>
        <Channel>Forefront Identity Manager</Channel>
        <Computer>SPF1.testdomain.internal</Computer>
        <Security />
      </System>
      <EventData>
        <Data>Requestor: Internal Service
    Correlation Identifier: da87f241-eee5-4bf5-b1dd-8a6728a2c627
    Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: IdentityIsNotFound
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetUserFromSecurityIdentifier(SecurityIdentifier securityIdentifier)
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetCurrentUser()
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Enumerate(Message request)</Data>
      </EventData>
    </Event>

     

     


    Further, I note that it has trouble connecting to the web exchange connector.  I wonder if this is because I used an alias (for easy migration in the future) for which the certificate does not match the name for?  I'm connecting to "mail.testdomain.internal", although that's actually a NLB group between two CAS/HUB servers.
    Log Name:      Application
    Source:        Microsoft.ResourceManagement.ServiceHealthSource
    Date:          1/13/2015 7:43:49 PM
    Event ID:      12
    Task Category: None
    Level:         Warning
    Keywords:      Classic
    User:          N/A
    Computer:     SPF1.testdomain.internal
    Description:
    The Forefront Identity Manager Service cannot connect to the Exchange Web Service.

    The connection failure may be due to a network failure, firewall configuration error, or other connection issue.  Additionally, the failure may be due to incorrect Exchange Web Service configuration.

    Verify that the Exchange Web Service is reachable from the Forefront Identity Manager Service computer.  Ensure that Exchange is running, that the network connection is active, and that the firewall is configured properly.  Last, ensure that the Exchange Web Service configuration is correct in the Microsoft.ResourceManagement.Service.exe.config file.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft.ResourceManagement.ServiceHealthSource" />
        <EventID Qualifiers="0">12</EventID>
        <Level>3</Level>
        <Task>0</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2015-01-14T03:43:49.000000000Z" />
        <EventRecordID>7581</EventRecordID>
        <Channel>Application</Channel>
        <Computer>SPF1.testdomain.internal</Computer>
        <Security />
      </System>
      <EventData>
        <Data>The Forefront Identity Manager Service cannot connect to the Exchange Web Service.

    The connection failure may be due to a network failure, firewall configuration error, or other connection issue.  Additionally, the failure may be due to incorrect Exchange Web Service configuration.

    Verify that the Exchange Web Service is reachable from the Forefront Identity Manager Service computer.  Ensure that Exchange is running, that the network connection is active, and that the firewall is configured properly.  Last, ensure that the Exchange Web Service configuration is correct in the Microsoft.ResourceManagement.Service.exe.config file.</Data>
      </EventData>
    </Event>

     

     

    I'm not really sure where to start investigating at this point.  The only other thing to note is that after installing the portal, I didn't see a new management agent in the synchronization service (I thought one was supposed to appear, though I could be mistaken).


    0 0

    Hi,

    We have an HR system that contains many different objects: Person, Position, Department, etc

    Naturally the Person object allows us to create employees; the Position object allows us to create positions, etc. in the HR system.

    We have imported the employees to FIM & FIM Portal.

    Next we extended the FIM schemas, and now are importing the various Positions into the new Position object in FIM & FIM Portal.

    The FIM Portal, however, will be used to create new 'contractors' that do not exist as records in HR. However, the Positions these 'contractors' will be assigned to are to be the ones imported from HR.

    Can we therefore expose the Positions available in a drop down / object picker when creating /editing 'Contractors' in the FIM Portal? Also, when new Positions are created/updated/removed in HR, these should be reflected in this drop down/object picker.

    If yes, is there an explanation/guide somewhere we could look at?

    Thank you,

    SK



    0 0

    hi all,

    i will install FIM 2010 R2 SP1 with the evaluation copy, can i make it a licensed version with out uninstalling? also i want to deploy another copy as a DR is that possible with the evaluation copy and what about the license when i want to incense both sites, also i will use the SharePoint 2013 foundation version is this require a license also?

    Thanks


    Teka


    0 0

    Hi,

    I am trying to import multi-value reference into FIM (Group object).

    I can import all attributes from source SQL, except Multivalue reference (into members attribute on Group object).

    I have defined schema like this:

    $obj = New-Object -Type PSCustomObject
    $obj | Add-Member -Type NoteProperty -Name "Anchor-axs_profid|String" -Value ""
    $obj | Add-Member -Type NoteProperty -Name "objectClass|String" -Value "role"
    $obj | Add-Member -Type NoteProperty -Name "name|String" -Value ""
    $obj | Add-Member -Type NoteProperty -Name "member|Reference[]" -Value ""
    $obj

    On source attribute I have members defined in one attribute, divided by ",". 

    Import script:

    $Obj = @{}
    
        $Obj.Add("objectClass", "role")
        $Obj.Add("[DN]", "Role_"+$Object.$("axs_profid"))
        $Obj.Add("axs_profid",   $Object.$("axs_profid").ToString())
        $Obj.Add("name", $Object.$("name").ToString())
        if($Object.$("member").ToString() -ne "")
        {
            [string[]]$members = $Object.$("member").ToString().Split(',')
            $Obj.Add("member", $members)
        }
    
        $Obj
        


    When Full import is triggered, I get following error for roles with multiple users:

    FIM Sync = staging-error

    Event log = 

     

    The server encountered an unexpected error in the synchronization engine:

     "BAIL: MMS(9588): d:\bt\32669\private\source\miis\shared\utils\libutils.cpp(7045): 0x8023040e (The distinguished name is invalid)
    BAIL: MMS(9588): d:\bt\32669\private\source\miis\server\sqlstore\utils.cpp(229): 0x8023040e (The distinguished name is invalid)
    BAIL: MMS(9588): d:\bt\32669\private\source\miis\server\sqlstore\nscsimp.cpp(5348): 0x8023040e (The distinguished name is invalid)
    BAIL: MMS(9588): d:\bt\32669\private\source\miis\server\sqlstore\nscsimp.cpp(5753): 0x8023040e (The distinguished name is invalid)
    BAIL: MMS(9588): d:\bt\32669\private\source\miis\server\sqlstore\nscsimp.cpp(686): 0x8023040e (The distinguished name is invalid)
    BAIL: MMS(9588): d:\bt\32669\private\source\miis\server\sqlstore\csobj.cpp(12876): 0x8023040e (The distinguished name is invalid)
    BAIL: MMS(9588): d:\bt\32669\private\source\miis\server\sqlstore\csobj.cpp(13976): 0x8023040e (The distinguished name is invalid)
    BAIL: MMS(9588): d:\bt\32669\private\source\miis\server\sqlstore\csobj.h(1252): 0x8023040e (The distinguished name is invalid)
    ERR_: MMS(9588): d:\bt\32669\private\source\miis\server\sync\syncstage.cpp(2018): ERR_: MMS(9588): d:\bt\32669\private\source\miis\server\sync\syncstage.cpp(612): ERR_: MMS(9588): d:\bt\32669\private\source\miis\server\sync\syncstage.cpp(647): Staging failed 0x8023040e: [21]ERR_: MMS(9588): d:\bt\32669\private\source\miis\server\sync\syncmonitor.cpp(2528): SE: Rollback SQL transaction for: 0x8023040e
    Forefront Identity Manager 4.1.3559.0"

    If I change the script to return only first member:

    $Obj.Add("member", $members[0])

    import is successfull and I can see referenced member in Group.

    I have also tried to specify DN for both users and roles with the same outcome.

    $Obj.Add("[DN]", "Role_"+$Object.$("axs_profid"))

    I am using the latest version of  PSMA: 5.5

    Thanks for your help guys!


    0 0

    Hello,

    I am trying to use FIMto provision Distribution groups, but whenever I try to export new groups (created with FIM Portal), I get the following error: 


    There is an error in Exch2010Extension BeginExportToCd() function.Type: System.Management.Automation.Remoting.PSRemotingTransportException

    Message: Connecting to remote server failed with the following error message : The server certificate on the destination computer (myExchangeServer:443) has the following errors: 
    The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable. For more information, see the about_Remote_Troubleshooting Help topic.

    Stack Trace:    at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
       at System.Management.Automation.Runspaces.RunspacePool.Open()
       at System.Management.Automation.RemoteRunspace.Open()
       at Exch2010Extension.Exch2010ExtensionClass.OpenConnection(String uri, PSCredential credential)
       at Exch2010Extension.Exch2010ExtensionClass.BeginExportToCd(String connectTo, String domain, String server, String user, String password)

    The certificate is valid (has 9 months left), and has been issued by a valid CA, but the CRL info on the Certificate is in LDAP Format, and apparently, the revocation list cannot be retrieved from the server (Server cannot be found).

    I know I can bypass this problem when connecting to Exchange 2010 using PowerShell by including the following option: 

     -SessionOption (New-PSSessionOption -SkipRevocationCheck)

    I have even added the host "myExchangeServer" to the WinRM trustedHosts configuration, but it did not work.

    Is there any way to bypass the CertificateRevocationList checking with FIM for its Powershell Exchange Connection?



    0 0
  • 01/14/15--06:50: BHOLD Self Service
  • Hello,

    In a POC environment, I installed the last release of FIM 2010 R2 with BHOLD modules.

    I installed and configured BHOLD Self Service.

    A manager of a specific OU can activate or revoke proposed roles for all managed users (the manager is a member of the supervisor role linked to this OU). This action can be done through FIM portal with the BHOLD Self Service navigation bar.

    Unfortunately, when I check on BHOLD Core portal, roles are not added or deleted on users.

     

    Does anybody know what it is necessary to check or to configure in order to synchronize all actions from FIM portal to BHOLD Core ?

    I see a specific attribute on BHOLD roles called “Managed by FIM”?  Is this attribute important? What is the expected value in this attribute ?

    Anything else ?

    Moreover, in “Manage Users” tab of BHOLD Self Service, “Status request” is always empty.  Is it normal ?

    Thanks for your help.


    0 0

    Greetings,

    My Windows Azure Active Directory Connector management agent shows nothing under Connection Status. Is this normal? See attachment.

    Thanks in advance


    0 0

    I need to develop an web service (which must be REST FULL ) which will do the following action on FIM Service DB using .NET C#

    -Creating New Object

    -Updating

    -Deleting etc.

    Can you please suggest how I can achieve this? Please do help here.


    0 0

    We are using the FIM Portal to manage "Manual managed" distributions  groups. My users want to be able to add AD DS contacts to their distribution groups via the FIM Portal. Currently I am syncing users/person and groups from AD DS to FIM Portal. In the FIM MA, I do not see a object type for contacts. How can I do this?

    Thanks,

    Steve


    0 0
  • 01/14/15--14:18: Problem access portal
  • Hi.

    My config is as follow.

    windows 2012 R2

    FIM 2010 R2 sp1

    Sharepoint Foundation 2013

    I have followed this guied to install my portal http://www.harbar.net/articles/fimportal.aspx

    after all is installed and I try to access https://FIMPortal.Domain.com/IdentityManagement/ I get a Service is not Available.

    After changing some web.config files and geting alot mor in the log I found this.

    <E2ETraceEvent xmlns="<System">http://schemas.microsoft.com/2004/06/E2ETraceEvent"><System xmlns="<EventID>0</EventID><Type>3</Type><SubType">http://schemas.microsoft.com/2004/06/windows/eventlog/system"><EventID>0</EventID><Type>3</Type><SubType Name="Verbose">0</SubType><Level>16</Level><TimeCreated SystemTime="2015-01-14T21:56:24.3641921Z" /><Source Name="Microsoft.ResourceManagement" /><Correlation ActivityID="{f5c9df9c-de11-3019-e85e-c6f2da7b5263}" /><Execution ProcessName="w3wp" ProcessID="3404" ThreadID="13" /><Channel/><Computer>FIM1</Computer></System><ApplicationData>BrandBar.BrandTableConfigurationModel.TryInitializeUsingConfigurationModel: Error Retrieving PortalUIConfigurationModel Values:Object reference not set to an instance of an object.<System.Diagnostics xmlns="<LogicalOperationStack></LogicalOperationStack><Timestamp>125474445197</Timestamp><Callstack">http://schemas.microsoft.com/2004/08/System.Diagnostics"><LogicalOperationStack></LogicalOperationStack><Timestamp>125474445197</Timestamp><Callstack>   at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)&#xD;&#xA;   at System.Environment.get_StackTrace()&#xD;&#xA;   at System.Diagnostics.TraceEventCache.get_Callstack()&#xD;&#xA;   at System.Diagnostics.XmlWriterTraceListener.WriteFooter(TraceEventCache eventCache)&#xD;&#xA;   at System.Diagnostics.TraceSource.TraceEvent(TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at Microsoft.IdentityManagement.Logging.IdentityManagementTraceSource.ReportTrace(TraceEventType traceEventType, Int32 eventId, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.WriteTraceMessage(TraceEventType eventType, EventIdentifier identifier, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.TraceMessage(String msg, String source)&#xD;&#xA;   at Microsoft.IdentityManagement.WebUI.Controls.BrandBar.BrandTableConfigurationModel.TryInitializeUsingConfigurationModel()&#xD;&#xA;   at Microsoft.IdentityManagement.WebUI.Controls.BrandBar.get_Model()&#xD;&#xA;   at Microsoft.IdentityManagement.WebUI.Controls.BrandBar.get_BrandTable()&#xD;&#xA;   at Microsoft.IdentityManagement.WebUI.Controls.BrandBar.CreateChildControls()&#xD;&#xA;   at System.Web.UI.Control.EnsureChildControls()&#xD;&#xA;   at System.Web.UI.Control.PreRenderRecursiveInternal()&#xD;&#xA;   at System.Web.UI.Control.PreRenderRecursiveInternal()&#xD;&#xA;   at System.Web.UI.Control.PreRenderRecursiveInternal()&#xD;&#xA;   at System.Web.UI.Control.PreRenderRecursiveInternal()&#xD;&#xA;   at System.Web.UI.Control.PreRenderRecursiveInternal()&#xD;&#xA;   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)&#xD;&#xA;   at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)&#xD;&#xA;   at System.Web.UI.Page.ProcessRequest()&#xD;&#xA;   at System.Web.UI.Page.ProcessRequest(HttpContext context)&#xD;&#xA;   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()&#xD;&#xA;   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&amp; completedSynchronously)&#xD;&#xA;   at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)&#xD;&#xA;   at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)&#xD;&#xA;   at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)&#xD;&#xA;   at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)&#xD;&#xA;   at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)&#xD;&#xA;   at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus&amp; notificationStatus)&#xD;&#xA;   at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus&amp; notificationStatus)&#xD;&#xA;   at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)&#xD;&#xA;   at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)</Callstack></System.Diagnostics></ApplicationData></E2ETraceEvent>

    After analysing this I found : BrandBar.BrandTableConfigurationModel.TryInitializeUsingConfigurationModel: Error Retrieving PortalUIConfigurationModel Values:Object reference not set to an instance of an object.

    Dos anyone have any idea how to fix this or what I have done wrong ending up with this...Done the installation about 5 times now with same result.

    Thx for any ideas

    //Håkan


    May the sword be true!


    0 0

    Greetings,

    So I have two FIM servers in my organization, one in NZ that was built a few years back and a new server in the US that was built just recently. The Azure management agent from NZ works just fine, but the Azure management agent in the US doesn't synchronize at all. As proof, I ran the US synchronization and it showed a status of success, but no entries in the Synchronization Statistics panel. OTOH, when I ran the NZ synchronization immediately after the US synchronization, it too gave a result of success, but this time there were entries in the Synchronization Statistics panel (Unchanged, Adds, Updates, Disconnectors, Connectors with Flow Updates and Connectors Without Flow Updates).

    The MA in the US was built using an import of the MA from NZ and they're identical, with the exception of the NZ MA uses a different account than the US MA does.

    Has anyone ever heard of this? It's important to get this resolved as we're looking to retire the NZ server. I should point out that the AD MA works perfectly.

    Thanks in advance.


    0 0

    I deployed the SSPR client on 1000's of workstations.  However a handful of users have never been able to get through the registration process successfully.  That being that they can access the SSPR Web registration via browser and complete the task.  But when they attempt to login to their wkst every morning the SSPR client gives them the "Could not Connect to Password Rest Service, wait one minute and try again"

    I turned on detail logging and this is the output - any advice would be appreciated

    <E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
    <System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
    <EventID>0</EventID>
    <Type>3</Type>
    <SubType Name="Verbose">0</SubType>
    <Level>16</Level>
    <TimeCreated SystemTime="2015-01-14T20:39:54.4138443Z" />
    <Source Name="Microsoft.ResourceManagement" />
    <Correlation ActivityID="{00000000-0000-0000-0000-000000000000}" />
    <Execution ProcessName="PwdMgmtProxy" ProcessID="1728" ThreadID="4" />
    <Channel/>
    <Computer>PKS363338</Computer>
    </System>
    <ApplicationData>Creating NamedPipeServer ACLs.<System.Diagnostics xmlns="http://schemas.microsoft.com/2004/08/System.Diagnostics">
    <LogicalOperationStack>
    </LogicalOperationStack>
    <Timestamp>91494441</Timestamp>
    <Callstack>   at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)&#xD;&#xA;   at System.Environment.get_StackTrace()&#xD;&#xA;   at System.Diagnostics.TraceEventCache.get_Callstack()&#xD;&#xA;  at System.Diagnostics.XmlWriterTraceListener.WriteFooter(TraceEventCache eventCache)&#xD;&#xA;   at System.Diagnostics.XmlWriterTraceListener.TraceEvent(TraceEventCache eventCache, String source, TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at System.Diagnostics.TraceSource.TraceEvent(TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at Microsoft.IdentityManagement.Logging.IdentityManagementTraceSource.ReportTrace(TraceEventType traceEventType, Int32 eventId, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.WriteTraceMessage(TraceEventType eventType, EventIdentifier identifier, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.TraceMessage(String msg, String source)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.TraceMessage(String msg)&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.CreateServerPipeACL()&#xD;&#xA;  at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.InitializeRegistryConstants()&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.DoStart()&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.OnStart(String[] args)&#xD;&#xA;   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.WaitCallback_Context(Object state)&#xD;&#xA;   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallbackInternal(_ThreadPoolWaitCallback tpWaitCallBack)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback(Object state)</Callstack>
    </System.Diagnostics>
    </ApplicationData>
    </E2ETraceEvent>
    <E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
    <System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
    <EventID>3</EventID>
    <Type>3</Type>
    <SubType Name="Error">0</SubType>
    <Level>2</Level>
    <TimeCreated SystemTime="2015-01-14T20:39:55.4746462Z" />
    <Source Name="Microsoft.ResourceManagement" />
    <Correlation ActivityID="{00000000-0000-0000-0000-000000000000}" />
    <Execution ProcessName="PwdMgmtProxy" ProcessID="1728" ThreadID="4" />
    <Channel/>
    <Computer>PKS363338</Computer>
    </System>
    <ApplicationData>PwdMgmtProxy: System.ComponentModel.Win32Exception: Could not locate the required registry key, SOFTWARE\Microsoft\Forefront Identity Manager\2010\Extensions\GatePlugins.&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.InitializeRegistryConstants()&#xD;&#xA;  at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.DoStart()&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.OnStart(String[] args)<System.Diagnostics xmlns="http://schemas.microsoft.com/2004/08/System.Diagnostics">
    <LogicalOperationStack>
    </LogicalOperationStack>
    <Timestamp>94554369</Timestamp>
    <Callstack>   at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)&#xD;&#xA;   at System.Environment.get_StackTrace()&#xD;&#xA;   at System.Diagnostics.TraceEventCache.get_Callstack()&#xD;&#xA;  at System.Diagnostics.XmlWriterTraceListener.WriteFooter(TraceEventCache eventCache)&#xD;&#xA;   at System.Diagnostics.XmlWriterTraceListener.TraceEvent(TraceEventCache eventCache, String source, TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at System.Diagnostics.TraceSource.TraceEvent(TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at Microsoft.IdentityManagement.Logging.IdentityManagementTraceSource.ReportTrace(TraceEventType traceEventType, Int32 eventId, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.WriteTraceMessage(TraceEventType eventType, EventIdentifier identifier, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.WriteTraceMessage(TraceEventType eventType, EventIdentifier identifier, String format, Object[] arguments)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.LogError(String formatString, Object[] arguments)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.ReportError(Exception exception)&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.OnStart(String[] args)&#xD;&#xA;   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.WaitCallback_Context(Object state)&#xD;&#xA;   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallbackInternal(_ThreadPoolWaitCallback tpWaitCallBack)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback(Object state)</Callstack>
    </System.Diagnostics>
    </ApplicationData>
    </E2ETraceEvent>
    <E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
    <System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
    <EventID>0</EventID>
    <Type>3</Type>
    <SubType Name="Verbose">0</SubType>
    <Level>16</Level>
    <TimeCreated SystemTime="2015-01-14T20:42:28.6756419Z" />
    <Source Name="Microsoft.ResourceManagement" />
    <Correlation ActivityID="{00000000-0000-0000-0000-000000000000}" />
    <Execution ProcessName="PwdMgmtProxy" ProcessID="1720" ThreadID="4" />
    <Channel/>
    <Computer>PKS363338</Computer>
    </System>
    <ApplicationData>Creating NamedPipeServer ACLs.<System.Diagnostics xmlns="http://schemas.microsoft.com/2004/08/System.Diagnostics">
    <LogicalOperationStack>
    </LogicalOperationStack>
    <Timestamp>83343725</Timestamp>
    <Callstack>   at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)&#xD;&#xA;   at System.Environment.get_StackTrace()&#xD;&#xA;   at System.Diagnostics.TraceEventCache.get_Callstack()&#xD;&#xA;  at System.Diagnostics.XmlWriterTraceListener.WriteFooter(TraceEventCache eventCache)&#xD;&#xA;   at System.Diagnostics.XmlWriterTraceListener.TraceEvent(TraceEventCache eventCache, String source, TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at System.Diagnostics.TraceSource.TraceEvent(TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at Microsoft.IdentityManagement.Logging.IdentityManagementTraceSource.ReportTrace(TraceEventType traceEventType, Int32 eventId, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.WriteTraceMessage(TraceEventType eventType, EventIdentifier identifier, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.TraceMessage(String msg, String source)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.TraceMessage(String msg)&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.CreateServerPipeACL()&#xD;&#xA;  at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.InitializeRegistryConstants()&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.DoStart()&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.OnStart(String[] args)&#xD;&#xA;   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.WaitCallback_Context(Object state)&#xD;&#xA;   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallbackInternal(_ThreadPoolWaitCallback tpWaitCallBack)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback(Object state)</Callstack>
    </System.Diagnostics>
    </ApplicationData>
    </E2ETraceEvent>
    <E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
    <System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
    <EventID>3</EventID>
    <Type>3</Type>
    <SubType Name="Error">0</SubType>
    <Level>2</Level>
    <TimeCreated SystemTime="2015-01-14T20:42:29.9670440Z" />
    <Source Name="Microsoft.ResourceManagement" />
    <Correlation ActivityID="{00000000-0000-0000-0000-000000000000}" />
    <Execution ProcessName="PwdMgmtProxy" ProcessID="1720" ThreadID="4" />
    <Channel/>
    <Computer>PKS363338</Computer>
    </System>
    <ApplicationData>PwdMgmtProxy: System.ComponentModel.Win32Exception: Could not locate the required registry key, SOFTWARE\Microsoft\Forefront Identity Manager\2010\Extensions\GatePlugins.&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.InitializeRegistryConstants()&#xD;&#xA;  at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.DoStart()&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.OnStart(String[] args)<System.Diagnostics xmlns="http://schemas.microsoft.com/2004/08/System.Diagnostics">
    <LogicalOperationStack>
    </LogicalOperationStack>
    <Timestamp>87488035</Timestamp>
    <Callstack>   at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)&#xD;&#xA;   at System.Environment.get_StackTrace()&#xD;&#xA;   at System.Diagnostics.TraceEventCache.get_Callstack()&#xD;&#xA;  at System.Diagnostics.XmlWriterTraceListener.WriteFooter(TraceEventCache eventCache)&#xD;&#xA;   at System.Diagnostics.XmlWriterTraceListener.TraceEvent(TraceEventCache eventCache, String source, TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at System.Diagnostics.TraceSource.TraceEvent(TraceEventType eventType, Int32 id, String message)&#xD;&#xA;   at Microsoft.IdentityManagement.Logging.IdentityManagementTraceSource.ReportTrace(TraceEventType traceEventType, Int32 eventId, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.WriteTraceMessage(TraceEventType eventType, EventIdentifier identifier, String message)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.WriteTraceMessage(TraceEventType eventType, EventIdentifier identifier, String format, Object[] arguments)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.LogError(String formatString, Object[] arguments)&#xD;&#xA;   at Microsoft.ResourceManagement.Utilities.LoggingManager.ReportError(Exception exception)&#xD;&#xA;   at Microsoft.IdentityManagement.PasswordReset.PasswordManagementProxy.OnStart(String[] args)&#xD;&#xA;   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.WaitCallback_Context(Object state)&#xD;&#xA;   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallbackInternal(_ThreadPoolWaitCallback tpWaitCallBack)&#xD;&#xA;   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback(Object state)</Callstack>
    </System.Diagnostics>
    </ApplicationData>
    </E2ETraceEvent>


    0 0

    Adding ldap groups to AD but also want to populate them with members. The LDAP conn. space has the attribute "memberUid" (type string - multivalue)) and this contains all members (only contains the members accountname). How can I get those names into the MV? I tried a flow definition from "memberUid" to "members" but that doesn't work (string to reference error). What would be the best approach???

    Thanks

    M.A.


    0 0

    HI,

    I am Unable to install Sharepoint Foundation 2013 in Windows Server 2012 for FIM 2010 R2,

    Before SharePoint Foundation 2013 installation I installed all prerequisite software that is required for SharePoint Foundation 2013 but when we run SharePoint Foundation 2013 setup that gives below error so I am requesting you please help on this.

    Setup is unable to proceed due to the following error(s):

    Windows Server Appfabric is not correctly configured.You should unistall Windows Server Appfabric and reinstall it using the SharePoint Products Preparation Tool.

    Regards

    Anil Kumar


    0 0

    Hi,

    On our FIM 2010 R2 environment (version 4.1.3599.0), after renewing the certificates used on FIM Service/Portal and Password Reset/Registration servers two days back, both the password registration and reset no longer work but instead fails on the  last step of the process. So for example when user browse to https://passwordreset.domain.com and fills in their domain\username and click next, FIM will send a security code (SMS OTP) to user´s mobile phone and once user then fills in code and click Next, the Communication error 3008 is shown to user. Same happens in the last step of the registration where user reviews that the mobile number is correct before clicking finally next. Once clicked the same error as is with Reset portal is shown to user. 

    Other changes than renewing the certificates have not been done to the environment after it was working last time two days ago. Synchronization of users/groups create in FIM Portal works normally towards AD.

    All servers within FIM environment are on same domain and subnet and firewall is off on all servers.

    The following error message as an example is recorded on FIM app log on either of the SSPR servers (two in NLB):

    **********

    The error page was displayed to the user.
    Details:
    Title: Communication Error
    Message: An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3008)
    Source: 
    Attributes: 
    Details: Microsoft.IdentityManagement.CredentialManagement.Portal.Exceptions.GenericCommunicationException: An error occurred while receiving the HTTP response to http://fimservice.domain.com:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.ServiceModel.CommunicationException: An error occurred while receiving the HTTP response to http://fimservice.domain.com:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

    ***********

    The following error message as an example is recorded on FIM app log on either of the FIM Service/Portal servers (two in NLB):

    ***********

    Microsoft.ResourceManagement.Service: System.NullReferenceException: Object reference not set to an instance of an object.
       at Microsoft.ResourceManagement.WebServices.SecurityTokenService.TokenIssuer.IssueSecurityToken(Message requestMessage, Object request, Claim[] claims)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenService.Challenger.IssueAuthenticationChallenge(Message requestMessage, Object requestBody, Nullable`1 requestContext, UniqueIdentifier authenticationProcessIdentifier, List`1 accumulatedClaims, Nullable`1& currentWorkflowInstanceIdentifier, AuthenticationChallengeType[]& currentChallenges)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenService.ProcessRequest(Message requestMessage, Object requestBody)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenService.RequestSecurityTokenResponse(Message requestMessage)

    ***********

    Both http://fimservice.domain.com:5726 or http://fimservice.domain.com:5725 can be accessed ok using web browser from the SSPR servers. The url of http://fimservice.domain.com:5726/ResourceManagementService/SecurityTokenService/Registration gives http 400 bad request which is ok.

    At least the following fixes provided on urls below have been tried out or were in place already but did not fix the issue:

    http://social.technet.microsoft.com/wiki/contents/articles/24629.fim-troubleshooting-sspr-registration-error-3008-an-error-occurred-while-receiving-the-http-response.aspx

    https://social.technet.microsoft.com/Forums/en-US/ae16496e-413a-45b7-a0d1-b39652c6478a/fim-password-registration-portal-error-3008-communication-error?forum=ilm2 (we have exactly the same three errors on FIM app log as mentioned in this post)

    https://social.technet.microsoft.com/Forums/en-US/aa14cff7-6b93-4413-8c75-737dd08bd25f/error-when-resetting-password-on-sspr?forum=ilm2

    https://social.technet.microsoft.com/Forums/en-US/aab6d5ef-667a-4ea9-876d-415c56852da9/sspr-password-reset-failure?forum=ilm2 (no such lines on FIMService config files)

    Can anyone help us with this and provide some tips what to check next on the environment? As the most weird thing here is that everything was working just fine before the certificates were renewed on all servers and no other changes were done on the environment. 

    -Pappa75

    0 0

    Hi,

    I have a bhold setup where there are list of 600 OUs.

    Have provisioned all the OUs into BHOLD Core and the parent attribute is set in as the objectidentifier of the parents.

    This is achieved using FINDMVutils.

    But when i am exporting only 540 OUs are correctly placed under their parents but there are list of 60 OUs which are not placed correctly under their parent OU instead they are place under ROOT ou as their parent OU.

    The error when importing after export reads "export change not reimported".

    I have checked for issues but still not able to get any help.Can anybody guide me what is the problem.

    i have referred the link https://social.technet.microsoft.com/Forums/en-US/484a701c-7a40-4492-9b0d-f4da4fc17bd2/bhold-import-errorwarning-exportedchangenotreimported?forum=ilm2 but cant understand the reply.


    shakti


    0 0

    Hi,

    I have in FIM a Person object with several attributes I would like to group.

    The person object has a lot of attributes like: entity1phone,entity1mail, entity2phone, entity2mail, ...entity10phone, entity10mail.

    I would like to have an Person object with a collection of Entity objects where the entity object should have the attributes phone and mail.

    Can I do this? How?

    Many, many thanks,

    DD



    0 0

    I added a new custom resource in FIM portal. I added 5 attributes to it. FIMMA refresh schema is not reading the new schema. It says schema is uptodate. I tried IIS reset and even all server restarts. What am I mising?


older | 1 | .... | 97 | 98 | (Page 99) | 100 | 101 | .... | 204 | newer