Channel: Forum Microsoft Identity Manager

Patches and updates


Hi all,

I am looking for a repository of patches and updates for FIM 2010. I currently have a troublesome installation that I need to update but the updates I need are no longer available. I have pulled down some updates from the Update Catalog but they will not install.

Any suggestions would be appreciated.


The DN must be set before calling CSEntry.CommitNewConnector. Pulling my hair out


This may be my understanding of the product, and any help would be greatly appreciated. I have read everything I can find but am still having a hard time understanding what is going on here.

Overview

I am working on a PowerShell MA that exports group info to a REST API. This includes multiple owners and some other custom attributes (like category = type of group based on criteria, approvalType = single owner, multiple owner, manager). I have most of it working and am on the home stretch (I think).

The problem I am facing is on my provision, when I create a new group in AD. I import it, then sync the AD MA, and I get “The DN must be set before calling CSEntry.CommitNewConnector.”

Info

-The anchor for the MA is a unique SID in the remote system.

-The Join rule is u_objectsid = csObjectID (this is a custom field in the remote system where I want to add the csObjectID on provision).

-Sync rule

               Outbound

               To all metaverse resources of this type

               Scope is group

Scope filter (I have tried a few things here) csObjectid not equal “” (thought was that it would not try to provision until it had this value populated).

Relationship Create resource in external system

Outbound flow (I have tried a lot of stuff here)

               Initial flow = csObjectID =>DN

-My theory on how this SHOULD work.

  1. The record is imported from AD but no provisioning should happen on my custom MA.
  2. The record gets provisioned in MIM and gets a csObjectID.
  3. On export from MIM a provisioning gets triggered for the custom MA.
  4. Custom MA export provisions the new record in the remote system.

-What is happening

               AD MA is triggering provisioning on custom MA on sync when no csObjectID is in Metaverse.

I was going to try to change the DN, but I want to use a value that does not change. I was going to change it to AD objectGuid, but that needs to be converted from binary to string, which does not seem to happen on initial import/sync, and I get the same result.

Thank you for any help or pointers.

Mike

MIM 2016


Hi,

I'm trying to deploy MIM 2016 in infrastructure.

I am almost done with the deployment part, like MIM sync engine, SQL, SharePoint; at last I got an error while installing the service and portal setup files.

I even troubleshot that issue, but after installing service and portal the site, which is created in SharePoint, is not accessible.

What is the possible way to resolve the issue?

NOTE: not the default site; the site which we create for MIM portal access, that site is not accessible.

 

Integration with AD


Hello.

A current environment has an Oracle Internet Directory (OID) as the authoritative source for identity information. A FIM server is responsible for replicating identity information to AD. We are going to migrate AD DS from 2012R2 to new AD DS 2016 and decommission the old DCs. What should we configure to still maintain the same replication from FIM to the new DCs?

Regards

Self Service Password Reset (SSPR) Rich Client Customization


Is it possible to customize any of the strings in the SSPR rich-client install which is part of the Windows logon?

I came across this article that talks about customizing the password reset web portal. However, it does not have any information relating to customizing the rich client.

https://docs.microsoft.com/en-us/previous-versions/mim/hh877808(v=ws.10)

I also came across a question posted back in 2013, and the answer from a Microsoft rep says it is not possible to customize it.

Is this still the case, now in 2019? Thank you.

https://social.technet.microsoft.com/Forums/en-US/401e9217-52d3-4a63-aed2-af28583334a0/fim-password-reset-client-customization?forum=ilm2


MIM 2016 SP1 Portal GUI unstable


GUI looks unstable (misaligned) for some users (on the same system) but it looks good for some accounts. Can anyone advise the way to fix it? 

2FA For MIM Portals


Hi All,

Just checking if it is possible to integrate MIM Portal, SSPReg, SSPReset Portals with a 3rd Party 2FA System, for an additional layer of Authentication. What are the typical requirements?

Also I wish to know what it will take to send Notification for Passwords generated in a MIM WF for user provisioning in AD via SMS as against E-Mail.

Thanks


Akinzo

Delta Sync on Export Only MA's


I have "inherited" a MIM implementation that has some delimited text file MA's in which there are only export attribute flows. The script that runs the sync cycle first does Import / Sync from Active Directory, and before each Export / Delta Import from the text file MA's runs a Delta Sync on those MA's.

My understanding is that this Sync is superfluous since we are not reading anything in from those MA's. Is that correct or could there be a purpose for the Delta Sync that I'm not aware of?


Multi-Valued Attributes


Hi All!

I am starting with a SQL database that contains SecondarySchoolIDs. It contains a value that is a comma-separated list of multiple 3 digit numbers. (102,103,104)

In Active Directory I have a multi-valued custom attribute called SchoolCodes. It currently, and correctly, has each SchoolCode as single values in the attribute.

In my Microsoft Identity Manager (MIM) metaverse I have an Attribute called SecondarySchoolIDs that is Multi-valued (and I've tried both Indexed and Non-Indexed).

In my Management Agent I cannot get the SecondarySchoolIDs attribute to allow Multi-valued. The "Attribute is multi-valued" checkbox is greyed out.

When I look at my pending export, I see that the SchoolCodes attribute is getting modified by removing all of the single values and putting in 1 comma-separated string.

What do I need to do to get the "Attribute is multi-valued" checkbox in my Management Agent selectable? Or... does MIM even support this?

Hide Textbox control based on Radiobuttonlist values in MIMPortal RCDC Configuration


I have a radiobuttonList. When I select any of the options, like if I select Consultant, then the ProposedEndDate Textbox should be Enabled, the same way for other values. Here the values are considered as strings.

Any help would be very much helpful for me to go ahead.

MIMWAL account name like lastname+firstname firstletter, firstname second letter etc till the firstname gets end then we have to pick the middlename firstletter, middlename lastletter like so on


Hi All

I want to generate an account name using MIMWAL in MIM Portal as below.

Account name like last name+first name first letter, first name second letter etc till the first name gets end then we have to pick the middle name first letter, middle name last letter like so on

Thanks

MIM 2016 The server encryption keys could not be created.


Hi,

Appreciate any help in advance.

I am in the process of trialling MIM 2016. I have tried installing MIM Sync Service and am getting the following error whilst trying to start the service:

FIMSynchronizationService 6202

The server encryption keys could not be created.
 
 User Action
 Verify that the service account has permissions to the following registry key:
 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Synchronization Service

I am running Server 2016, SharePoint Foundation 2013.

I have tried researching but only came across information on the User Profile Service, which I don't believe SP Foundation has. Strange thing is that I got this working on another network site.

Desperate and stuck!

Kind regards,

Caiden.

MIM 2016 unable to start the service after sync install


I am unable to get the sync service to start after installation of the sync service. It complains about a registry entry, but it does have the permission to write the key. The sync system also is just a standard user account. I have SQL 2016 installed, and sync is db owner, to try to narrow down the problem. The sync user has local admin rights and rights to run as a service. I am not sure what is going on.

I am using SharePoint 2016 with SP1. I did try the RTM version too. I ran into the same issue.

If I put a domain admin in to run the service, it is completed and a key is made. I do not want to do that. It has to be permissions, but I cannot figure out where.

Generic SQL connector not importing all records


 

I’ve set up the Generic SQL connector reading from a couple of views (including one for multi-values). When I run a full import it stops when it reaches the default page size (5000) even though there are around 30,000 objects to import. It doesn’t error.

 

If I make the page size lower it just errors saying too many objects returned (0x80231345 Objects returned on import exceeds page size. Import aborted.) So it seems to be importing 5000 whatever I set the page size to.

 

Has anyone got this running with more than 5,000 objects (in the same partition)? Any ideas on what I may have configured wrong also gratefully received.


Automate multiple Criteria-based groups creation - Possible ?


Hello, 

Is it possible to create multiple Criteria-based groups in MIM Portal based on inputs I will provide?

Any way we can Automate or Import the Criteria file? 



Regards, Amol Patil


Querying for a specific in the MIM Portal times out

Hi guys.

I've implemented MIM for a Customer with about 80.000 Metaverse objects and 160.000 objects in the MIM Portal. We have never experienced any performance issues even though we have hundreds of changes and workflows running each day.

This week I implemented synchronization of computer objects from AD to MIM, this in order to create dynamic security groups with AD computers based on OS version. I created a custom object type in the MIM Portal (Computer) and have set it up to work correctly.

After importing 18.000 AD computer objects to the MIM Portal, only with DisplayName as sAMAccountName (stripping $), OperatingSystem and OperatingSystemVersion values, I see that doing a query for "All Computers" times out with the following error: "Your search has timed out. It is possible that your search has too many results. Please narrow your search and try again". Of course, searching for a specific Computer name, or a partial Computer name that returns ~2.000 objects, works although it seems slow - but I need to be able to create a set/group with ALL Computer objects, which I am currently not able to do.

Please note that we have other custom object types in the same MIM Portal, like "AccountNameHistory" that has about 70.000 objects, or Users that contain about 20.000 objects filled with attributes, and querying for all those objects returns the results within seconds. So it's like only the Computer objects are not indexed in the database for some reason.

I can mention that we have a MIM Dev/Test server where I implemented import of AD Computers too, and I don't see the same issues there. The same 18.000 objects are returned within seconds.

Now, how would I go about and fix this? I see mentions of rebuilding the database index in the MIM Service database (https://docs.microsoft.com/en-us/microsoft-identity-manager/mim-best-practices#sql-setup). Has anyone here tried to do so in a rather large MIM environment? Anything to think about before doing so (e.g. stopping sync tasks and making sure no updates are being done in the MIM Portal while the rebuild completes)? Any ideas how long it would take to rebuild? Do we need to perform database backups first?

Anything else I could check or do?


Many thanks!
~Stian

Domain User LogIn to MIM Portal is getting redirect with MIM Admin Login and Opening with MIM Admin Account


Hello All

Good Day!!

I would like to seek your help on the below context of MIM Portal Access.

When I am trying to log into the MIM Portal using the Domain User / Authorized Users, the MIM Portal is switching to the MIM Admin account and the Portal is opening with the Admin Account and is showing "Welcome, MIM_Install", not "Welcome,<Domain User>".

The steps I have done are:

I have added Authorized Users in SharePoint for Access

Checked / Enabled all the Required MPRs

  “General: Users can read non-administrative configuration resources”

  “User management: Users can read attributes of their own”

All the required attributes are flowing to MIM Connector like objectSID, displayName, AccountName and Domain

IIS settings as Impersonation, Windows enabled, and Negotiate (on top), NTLM selected in Windows Advanced Settings, and restarted IIS

But when I open the SharePoint Site Settings from the MIM Portal page by going back, it is showing the login of <Domain User> which I have logged in with.

I have tried all the happening possibilities, but no result.

Hope I will get help from Technet Forum for me to proceed further and to resolve the issue.

Thanks in advance.


Azure Load Balancer for MIM


Has anyone load balanced MIM Service using Azure Load Balancer?

If you have, can you point me in the right direction?

Thanks,

Nosh


Nosh Mernacaj, Identity Management Specialist

Adding Validation error messages for an attribute in FIM portal


Hi,

We need to validate some attributes like telephonenumber in the FIM portal. So we have given some regular expressions for validating them.

In the user edit page, when the value of an attribute is entered wrongly, it throws an error before we go to the next page. But it is the same message for all attribute validations, i.e. "Invalid Syntax".

Is there any way that we can show different types of error messages for each attribute validation? Can anyone provide some inputs on this...


hima

Generic LDAP Adapter Sync rules


I found that with the generic LDAP adapter, you cannot configure any Sync rules in the portal for it. You can never see the external resource type.

Has anyone found a workaround for this? Or experienced this?

I guess I can do a workflow and MPR in the portal without the sync rule, but would prefer to use the sync rules.

Thanks

Russ


Russell Lema
