Quantcast
Channel: Forum Microsoft Identity Manager
Viewing all 6657 articles
Browse latest View live

MIM 2016 - Portal UI bug, Sync Rule editing- Outbound Attribute Flow page navigation control doesn't work as designed

September 21, 2015, 5:33 am
$
0
0

I am trying to edit Outbound Attribute Flows in an existing & working rule.   I currently have 12 Attribute Flows defined which the UI forces viewing into 2 pages.  The page currently has Navigation Bar limits of a page to 10 rules displayed. The bar does not work as expected and I can only view page 2 by going forward to next page , then going backwards.  Unfortunately I can then view the 2 additional rules but the hyperlink to edit the attribute rule does not trigger and I cannot edit it!

Is there a workaround?  

Can I change the default page size for the attribute UI?   Maybe to 15 rows?

Thanks Stu

Search

Mangled Portal UI

September 13, 2013, 10:18 am
$
0
0

Good day all,

I've spent several days on this, and now with an upgrade to 4.1.3661.0 the install account is experiencing the same issue making it difficult to look in the portal for issues.

I just deployed a fully functioning SSPR environment on Windows 2012 and FIM 2010 R2 SP1. Users can use password registration and reset without an issue. I configured workflows, sets, etc with the account used to install FIM and the portal UI was fine. Using any other user to connect to the portal and the UI is not working as expected and overlaps and has validation errors.


(double, non-working toolbar, mangled UI) [[I wiped the domain name myself]

(validation errors, and no submit buttons).

Upon upgrading to 4.1.3661.0  now the install account is experiencing the same issue which makes it difficult to use the portal to look for issues. I've removed the customizations folder, and that wasn't it. I've tried a non-domain connected PC to rule out GPOs. Chrome has the same issue. 

I thought it might be style sheets, but it used to work for the install account and not other admins so that seems to rule that out also.

Thanks for any help!

Dan

How can I create a SET based upon the Source ADMA user object OU attribute?

September 21, 2015, 9:26 am
$
0
0

I've been reading the TechNet docs and my book "Microsoft Forefront Identity Manager 2010 R2 Handbook" but I have not figured out yet how to create a SET based upon the Source ADMA user object OU attribute? Is this possible?

Thanks, Stu

Export AD users to ADLDS without password

September 21, 2015, 11:47 pm
$
0
0

Hello everyone,

I am using FIM Management Agent for sync user from AD to ADLDS

In codding provising, i didn't add sync password,

So AD enable users when have synced to ADLDS,

They are disable.

That's is correctly thing?

And limitation?

Anyone has some idea, can share with me?

Thanks in advance,

QP 

QP

Forefront Identity Manager 2010 Certification

September 22, 2015, 12:23 am
$
0
0

Hello,

Can anyone please let me know which is the current certification exams available for FIM Identity and Access management.

Regards,

Jyothishree SP

PCNS Service (pcnssvc.exe) is crashing after configuring target

September 22, 2015, 1:30 am
$
0
0

Hi,

I am having some difficulty setting up the PCNS. I noticed every time I configure or add the PCNS target, the PCNS service (pcnssvc.exe) is crashing. If I remove the target, PCNS service will run just fine. Any one has experience this?

Looking at the event viewer this is what I can see. Not much of information telling what is the reason for service to crash.

Faulting application name: pcnssvc.exe, version: 4.1.3114.0, time stamp: 0x50ad5a0d
Faulting module name: pcnssvc.exe, version: 4.1.3114.0, time stamp: 0x50ad5a0d
Exception code: 0xc0000005
Fault offset: 0x0000000000027880
Faulting process id: 0x1af4
Faulting application start time: 0x01d0f50ec3aa1c95
Faulting application path: C:\Program Files\Microsoft Password Change Notification\pcnssvc.exe
Faulting module path: C:\Program Files\Microsoft Password Change Notification\pcnssvc.exe
Report Id: 028a4c56-6102-11e5-80d3-3ca82a2117f7
Faulting package full name: 
Faulting package-relative application ID: 


Appreciate any help here.

Thanks!

Gerard

Consolidated Email Notification for Group Expiration

September 21, 2015, 5:53 am
$
0
0

Hi All,

I am stuck up in something where I need your help. We have emails getting triggered via FIM Workflow whenever a group is about to expire 7 days prior to the expiration date. So suppose a user has 7 groups that are going to expire prior to 7 days from today he would recieve 7 email notifications(1 for each group). Now the organization wants to avoid multiple emails triggered to the end user and wants to trigger only 1 email notification consisiting about the information of all the 7 groups thats gonna expire.

Any suggestions on how this can be achieved?

Please let me know if you have any suggestions/solution.

Regards,

Veena

Bulk Recertification of Groups

September 22, 2015, 2:32 am
$
0
0

Hi,

Is there any way we can bulk recertify groups. Currently users have to manually go to each group that is going to expire and renew them.

Is there any way where we can create a button on "My Distribution/Security Group" page like "Renew Groups" and then users can select the checkboxes next to the display names of the groups and click on this button. When they click on this button, internally this should set the "Renew Expiration" attribute to true and a MPR should be called to extend the date by an year or so based on the boolean value of this attribute.

Is this possible? If yes, is there any blog on how to create a custom button on the page.

Thanks in advance!!

Veena

Search

MIM2016- Portal user search only shows one attribute on a user object - Domain. MV has displayName, givenName, sn, etc?

September 22, 2015, 6:50 am
$
0
0

Any ideas what I may have missed during configuration?

MIM2016- Portal user search only shows one attribute on a user object - Domain.  MV has displayName, givenName, sn, etc for all the SourceADMA users.

See images below:

Changing SETs as part of declaritive sync model

September 22, 2015, 9:53 am
$
0
0

I'm still in the Dev lab and have had a SET with all users for my initial Outbound Sync rules.  I need to start filering the Sync rules and will be replacing  the ALL Users set.   I changed my existing MPRs for Add user \ Remove users.  But, I did not see any difference in the accounts that were created in the target.

Is the any dependency I missed when change the SET?

Thanks, Stu

Granfeldt PowerShell MA. How to delta import?

September 22, 2015, 1:43 am
$
0
0

# Granfeldt PowerShell MA - how to delta import

Hi,
How can I do delta import for e.g. Lync MA? The import is using
get-aduser or get-csaduser as base for the objects population.

GH


Using Active Directory Commandlets in FIM PowerShell Workflow

September 20, 2015, 10:17 pm
$
0
0

I'm using Craig Martin's PowerShell Workflow activity and I want to enable some active directory accounts with a script running as an activity in a workflow. My problem is that when I do an Import-Module ActiveDirectory I get an error in event viewer like "module cannot be imported because its manifest contains one or more members that are not valid" and if I don't include it the script fails on the Enable-ADAccount commands saying it's "not recognised as the name of a cmdlet, function... etc"

So what am I doing wrong here? Is it possible to do what I'm trying to do with Craig's workflow activity?

Want to be the Microsoft TechNet FIM Guru for September?

September 1, 2015, 1:17 pm
$
0
0

All you have to do is add an article to TechNet Wiki from your own specialist field. Something that fits into one of the categories listed on the submissions page. Copy in your own blog posts, a forum solution, a white paper, or just something you had to solve for your own day's work today.

Drop us some nifty knowledge, or superb snippets, and become MICROSOFT TECHNOLOGY GURU OF THE MONTH!

This is an official Microsoft TechNet recognition, where people such as yourselves can truly get noticed!

HOW TO WIN

1) Please copy over your Microsoft technical solutions and revelations toTechNet Wiki.

2) Add a link to it on THIS WIKI COMPETITION PAGE (so we know you've contributed)

3) Every month, we will highlight your contributions, and select a "Guru of the Month" in each technology.

If you win, we will sing your praises in blogs and forums, similar to the weekly contributor awards. Once "on our radar" and making your mark, you will probably be interviewed for your greatness, and maybe eventually even invited into other inner TechNet/MSDN circles!

Winning this award in your favoured technology will help us learn the active members in each community.

Feel free to ask any questions below.

More about TechNet Guru Awards

Thanks in advance!
Pete Laker

#PEJL
Got any nice code? If you invest time in coding an elegant, novel or impressive answer on MSDN forums, why not copy it over toTechNet Wiki, for future generations to benefit from! You'll never get archived again, and you could win weekly awards!

Have you got what it takes o become this month's TechNet Technical Guru? Join a long list of well known community big hitters, show your knowledge and prowess in your favoured technologies!

ECMA 2.0-WebService Connection

September 21, 2015, 3:07 am
$
0
0
We are using ECMA 2.0 to connect to a web service.We have declared the configparameters for three inputs Web service URL,username and password in Extensible connectivity code.We get three text boxes to provide the input while creating the MA as expected.But the issue We are not able to copy my complete Webservie URL in the first text box ,the URL is cut short by atleast 8 characters.Due to which the Web service URL is incorrectly read in the code and throwing exception.

Is there any max limit for these text boxes?If yes, how do  we extend them ?

This is in FIM 2010 R2.

DG - Group Delegates

September 23, 2015, 4:54 am
$
0
0

What's the difference of Group Owner and Group Delegates?

Can a group delegate modify/add/delete a DG/members of DG? (in my case, group delegate cannot modify the members)

Thanks

Search

Thank you to the FIM community

September 23, 2015, 5:00 am
$
0
0

I would like to thank the community for your all of your support.  I appreciate all the assistance that this forum and its members have been providing. This one way, one to many forest Directory & Password Sync project just came up.  I'm currently in a design, build and integrate mode in the lab.  While I have been reading the TechNet documentation,  Kent Nordstrom's FIM 2010 R2 book and constantly searching the Forum - FIM is a complex product and a challenge to understand quickly.  With your help I have been moving forward successfully towards the solution.   I hope to one day be able to contribute back to the community as I build my own skills and experience with FIM.

Warning - I'm sure that I will have more questions before I reach project completion.  I will do my best effort to leverage documentation where possible.

Thanks, Stu 

MIM 2016 Upgrade issues on builds 4.1.3646.0 or 4.1.3634.0 or 4.1.3627.0

September 23, 2015, 5:24 am
$
0
0

Ok, I am suffering exactly a same problem descripted in this article:

http://blogs.technet.com/b/identitymanagement/archive/2015/08/07/mim-2016-upgrade-issues-on-builds-4-1-3646-0-or-4-1-3634-0-or-4-1-3627-0.aspx

The workaround is replace Microsoft.IdentityManagement.DatabaseUpgrade.exe.config file with another one.

The problem is that I am still getting the same error and facing the problem. So is that file which can be downloaded from the link above broken allready or am I missing something?

Am I the only one who is suffering with this?

FIM 2010 / AADSYNC Coexist

September 23, 2015, 7:20 am
$
0
0

Hello,

I am working with a client who use FIM 2010 R2.  It is taking inputs from 3rd party applications, and then using the information from the application to provision an account in AD including the users mailbox for Exchange.

There are multiple management agents, one management agent then pushes a subset of users accounts from AD to 365.  The subset of users is close to 50,000 users.

We are in the middle of a POC office 365 migration which will involve pushing a further 6-7 thousand users to 365 from the same AD. 

FIM could accomplish this for us, but due to complications that I wont go into here, we are looking at other options.  The option favoured is to implement AADSYNC into the same domain in addition to FIM.  So to clarify, this would result in having FIM and AADSYNC in the same AD forest, same AD domain, syncing different accounts.

I have on many occasions read that you can only have one DIRSYNC, FIM, AADSYNC instance per forest.  We are working with a 3rd party consultancy who advise that whilst this may not be supported, it is technically possible.

In context to the above scenario, my question is:

a) Is it supported by MS to have FIM and AADSYNC in the same forest

b) Is it recommended

c) What are the drawbacks if it is possible but not recommended and not supported

Thanks very much

Extensible Connectivity 2.0 MA - Export and Import works but not in same Run Profile (no-start-ma error)

July 3, 2012, 3:06 am
$
0
0

Hi.

I am a newbie on ECMA 2 and have a problem that hopefully is easy to resolve. I have migrated an old Custom MA to the ECMA2 interface but I have some problems getting it to work correctly. Export and Import works correctly but when I put them in the same Run Profile (for instance Export+Full Import-Full Sync) I get a no-start-ma error on the second operation. The order of operations does not matter, i.e. if I do a Import first and export after that, the export fails. The second operation, whichever that is, does not reach any code that I have written so it seems to happend internally in FIM.

I have tried running it in separate process, changed between .Net 3.5 and 4.0, upgraded the server to R2 without any success. My worries are that I have missunderstood some basic ECMA 2 stuff. I have for instance not found any good information explaining the usage of CustomData in the ImportRunStep (for instance GetImportEntriesRunStep) or in the result (for instance GetImportEntriesResults).

The only thing I can find in the eventlog is:

FIMSynchronizationService 
- EventID 6401 
   EventRecordID 89262 
- EventData 
   BAIL: MMS(9844): d:\bt\9394412\private\source\miis\ma\extensible\extensionmanager.cpp(550): 0x8000ffff (Catastrophic failure) BAIL: MMS(9844):
d:\bt\9394412\private\source\miis\ma\extensible\extensionmanager.cpp(1354): 0x8000ffff (Catastrophic failure) BAIL: MMS(9844):
d:\bt\9394412\private\source\miis\ma\extensible\import.cpp(404): 0x80231348 (unable to get error text) BAIL: MMS(9844):
d:\bt\9394412\private\source\miis\cntrler\cntrler.cpp(2733): 0x80231348 (unable to get error text) BAIL: MMS(9844):
d:\bt\9394412\private\source\miis\ma\extensible\extensionmanager.cpp(550): 0x8000ffff (Catastrophic failure) BAIL: MMS(9844):
d:\bt\9394412\private\source\miis\ma\extensible\extensionmanager.cpp(1497): 0x8000ffff (Catastrophic failure) BAIL: MMS(9844):
d:\bt\9394412\private\source\miis\ma\extensible\import.cpp(595): 0x8000ffff (Catastrophic failure) ERR_: MMS(9844):
d:\bt\9394412\private\source\miis\shared\utils\libutils.cpp(9944): Failed to start run because of undiagnosed MA error Forefront Identity Manager 4.1.2273.0 

Currently running FIM 2010 R2.

Best regards and thanks for any reply
Håkan

PS! Another totally unrelated question is that I have not found a way to retreive the complete CS-entry in the Connector. Can this be performed as easy as it was before?

SQL server 2012 AlwaysOn Availability Groups support with MIM 2016

August 5, 2015, 8:52 pm
$
0
0
As MIM 2016 is released could you please advise if SQL server 2012 AlwaysOn Availability Groups support with MIM 2016
Viewing all 6657 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>