Hey, I am new to FIM/MIM. Everything that I have seen shows the portals(user/admin) on the different servers. Can they be on the same Sharepoint farm but difference instances?
↧
Multiple Portals same server?
↧
Powershell script to list all groups of users with prefix
Hi All,
First time I use this forum :-0, anyhow I have a problem that I cannot get done in powershell.
I try to export all users with a prefix and their connected groups, meaning sAMaccountname, ADgroupname.
Get-ADUser -Filter {sAMAccountName -like "xx*" -and enabled -eq $true} | select sAMAccountName | foreach-object {
Get-ADPrincipalGroupMembership $_.SamAccountName | select name}
This script just provides me the groupname of all group of the users stating with XX, could somebody help me to get the SamAccountName & The groupname as output to excel?
Many times thanks!
Greets,
Mathijs
↧
↧
Mim 2016 - 4.5.412.0 - sync engine - joiner issue
In the joiner tab, under metaverse search filter, columns are mis-aligned. the joiner icon occupies the first attribute value column and all values are shifted one column to the right. is this known issue? Is there an solution?
↧
MIM 2016 SP1 Test Upgrade Scenarios to MIM 2016 SP2
I am testing an upgrade from MIM 2016 SP1 (4.4.1749) on Win 2012 R2, SQL Server 2014 and SharePoint 2013 to MIM 2016 SP2 (4.6.34) on Win 2019, SQL Server 2017 and SharePoint 2019.
As I was getting the SQL Server 2017 and SharePoint 2019 servers ready, I come up with two scenarios after restoring the FimService and FimSynchronization databases on the new database server: 1) Install MIM 2016 SP1, apply patch 4.4.1749, check everything and then apply patch 4.6.34 (SP2); 2) Install MIM SP1, apply patch 4.6.34 (SP2) and then check everything. Then, a third scenario came to mind: 3) Install MIM 2016 SP2 directly from the installation media.
I decided to try scenario 3) first and ran into some issues with portal pages not responding correctly when clicking on links and RCDC configurations was not being loaded. There seems to be issues with the portal only. MIM synchronization and MIM service are working. The issue with pages not responding correctly are more pronounced with I.E. Should I not been using I.E. with MIM anymore?
Is this third scenario I am describing not a viable upgrade/migration path? I followed the deployment guide on the Microsoft site. Could this be an issue with the MIM portal and SharePoint 2019 which means I should stick with SharePoint 2016 for now?
↧
What do I need to do to set the Date Format in MIM
Hi,
I'm looking at the Employee End Date field and I want it to be in format dd/mm/yyyy. Through my searches, I've found mentions that MIM will take your regional settings, however I've had no luck. I also saw there was a bug in some SP1 releases that meant the format was not being used but I'm using SP2.
So far I've tried
- Setting the date format in control panel
- Setting the Regional Settings of the SharePoint Site
- Setting .Net Globalization in IIS for the MIM Site
If the value comes from the OS, which exact setting needs to be set? Where does MIM pull the value from?
↧
↧
Complex Filter in Set Criteria
I'm looking to add a complex filter to a Set. I have this xpath written out and I know it's valid because it successfully runs when I send it to Export-FIMConfig:
/Person[ObjectID=/Group[DisplayName="Test Group"]/ExplicitMember]
I've tried wrapping it in the tags required for a filter and putting it directly in the Filter attribute of a set through extended properties as well as trying to script it in with Import-FIMConfig but both return Access Denied errors. Some validation must be failing. Know of any way to get this xPath into the set definition?
↧
Manager Attribute (Coming as String from Source) to Metaverse and Metaverse to AD in MIM
Hello Team
Can some one please help me on the below. As i was getting the difficulty while provisioning manager (String format) attribute from source to Metaverse (reference attribute).
i am attaching the screenshot.
---------------------------Synchronization Service Manager
---------------------------
The type of manager (String) is not compatible with the type of manager (Reference)
---------------------------
OK
---------------------------
↧
MIM 2016 SP2 will not install for the MIM Service
I am trying to install the MIM SP2. The MIM Sync works fine but the MIM Service does not work. When I run the msp file I get the pop up with the message "There is a problem with this Windows installer package. The DLL required for this install to complete could not be run. Contact your package vendor." Also in the eventvwr I see
There is a problem with this Windows installer package. The DLL required for this install to complete could not be run. Contact your package vendor. Action DoCheckElevatedPrivileges
Anyone seen this error with installing SP2? There is no anti-virus except Windows Defender. The same msp file installs fine in my Lab. I checked C:\Users\myid\AppData\Local\Temp and my account has Full Control. I tried the patch for Build 1749, that worked
fine.
Thanks
Ike
↧
scaling MIM Gal sysn server
Hi,
Is there a documented way to scale MIM gal Sync by adding another MIM gal sync server.
Best regards
Srinidhi
↧
↧
MIM 2016 License
Hi All,
I am using MIM synchronization Service only and AAD connect for identity Management. Like to know how the license for this product is subscribed.
My clients have Azure Premium(P1) License as subscription. But still I need license separately. Can anyone help with below queries.
I am not using MIM Portal, Service and SSPR.
Do
customers required to buy individual license for MIM Synchronization Service?
- Do customers required to buy individual license for AAD Connect?
- MIM and AAD connect license is part of Azure Premium license? Will both Azure P1 and Azure P2 is applicable?
- If MIM and AAD is part of Azure subscription, do we required to pay any separate subscriptions for MIM and AAD for Monthly/Yearly usage?
Regards
Sridhar
Sridhar
↧
Managing Security Groups
While adding a member in Security group, Email Alias is getting removed.
↧
MIM Portal groups - "Member Selection" disappeared
Hi,
I have created a set to users that are not admin to manage users and groups
For groups management, only users that belong to the "Administrators" Set have the ability to choose "Member Selection"
Admin:
User:
What am I missing?
Thank you
↧
MIM Notification task is not triggering email notification
Hi All,
In one of my customer's environment we have setup user welcome email notification using MRP and customer's SMTP email gateway. It was working as expected but since last few days these notifications are not getting delivered [Few are getting delivered and few are stuck]. I checked in search request and find "System Event Request" with status "PostProcessing":
| System Event Request | 3/18/2020 8:07:31 AM | PostProcessing | Forefront Identity Manager Service Account | System Event |
I am writing this email in evening 8:00PM and this is still stuck in post processing. Can someone faced similar issues. Kindly help. I can see below errors in event viewer:
"The mail sender could not send an outbound email. This failure indicates a misconfiguration either with the mail server or with the specific mail. Frequent, repeating instances of this event indicate a failure with the mail server.
If this event occurs alongside event 12, then this event indicates a failure with Exchange. Infrequent instances of this event indicate misconfiguration of individual emails.
The mail server address is incorrect or specific outbound email has invalid data.
Ensure that the mail sender is configured to connect to the correct mail server and that the outbound mail has correct email addresses.
The specific exception reported by the mail server:
System.Net.Mail.SmtpException: Failure sending mail. ---> System.IO.IOException: Unable to read data from the transport connection: net_io_connectionclosed.
at System.Net.Mail.SmtpReplyReaderFactory.ProcessRead(Byte[] buffer, Int32 offset, Int32 read, Boolean readLine)
at System.Net.Mail.SmtpReplyReaderFactory.ReadLines(SmtpReplyReader caller, Boolean oneLine)
at System.Net.Mail.SmtpReplyReaderFactory.ReadLine(SmtpReplyReader caller)
at System.Net.Mail.CheckCommand.Send(SmtpConnection conn, String& response)
at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, SmtpFailedRecipientException& exception)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
--- End of inner exception stack trace ---
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.ResourceManagement.Mail.IlmSmtpClient.Microsoft.ResourceManagement.Mail.ISmtpInterop.Send(MailMessage )"
Although customer is using same email gateway for other services and from those services notification are going normally.
Kindly suggest if this is related to email gateway or any issue with MIM services.
If My Answer helps you do not forget to check helpful post and If answers your question do not forget to "Mark it as an Answer" Thanks~ Giriraj Singh Bhamu
↧
↧
MIM 2016 SP2 miiskmu /e error 80004003
Hallo Everyone
I have new installation of MIM Sync Service 2016 SP2 (version 4.6.34.0). Installation was successful (service registered, DB created, I can start manager and e.g. manipulate metaverse schema). Service account provisioned as gMSA.
I cannot export encryption key. When I run "miiskmu /e ...bin /u:<domain>\<gmsa-sam>" from cmd line (as administrator) the tool fails with error 80004003 (object reference not set to an instance of an object).
Can someone help me with it?
Maciek Kluz
↧
Microsoft already announced retirement plan for Windows 2008 server and no more security patches will be applied on windows 2008 server. Hence, we are migrating the FIM servers running on Windows 2008 machine to Azure.
Challenges we faced after moving the FIM environments to Azure.FIM Portal was not opening.We checked the DNS entry,Mappings,SSl,CERT,Service,binding in IIS Manager all are same as like on-prem.We were able to open the Sharepoint Portal after the migration.But couldn't open the FIM portal with Local host and also with the DNS alias.
Please provide the checklists what and all need to be verified after the migration of FIM portal to Azure to make up and running.
↧
Password Sync
Hi ALL!
i am trying to find a solution for password sync. Let me share the problem
we have a MiM instance that it's doing it's thing. it syncs the passwords to other domains etc. PCNS is setup on "domain Users" group. and on MA we have a filters based on attributes.
lets move to the question itself:
is there anyway to filter the users by group membership?
if i would like to sync some users that are member of particular group and send it to diff domain. how can i configure MA filter?
thanks
↧
Change to Retention Period for Request, Approval, Approval Response or Workflow Instance
Just wondering if anybody has been able to change the value in the Retention Period Days under Request and workflow instance retention period configuration. The default values is 30 days, and I would like to change it to a lower number on a test environment I have to see the effect on the size of the FIMService database.
I have seen a couple of posts where folks were indicating they were looking into doing that, but there is no follow-up.
↧
↧
Trying to contact someone I lost contact with
In 2016, I met one of my best friends online. I had met many of them through skype, but I had to get my skype account shut down for personal reasons. I am still looking for one specific person after about 4 years but I can't seem to find them or
anyways to contact that. I was curious that if I gave you my email and average time I used skype if you would be able to find traces of their skype username or any other information. His name is Shawn if that is of any help. I believe his skype username used
to be something like iiQuazzinano... Will you please help me find him? Is there a possible way to search through old files?
↧
MIM Password Synchronisation
Hello, Everybody
We deployed MIM 2016 and we're able to get a set of accounts from our source forest and create these accounts in all our target domains.
On the Agents, we enabled password sync, however, it’s not working.
One account has to be synchronize in two domains at the same time (Two agents). The account is created in all the domains but the password is synchronized only in the first domain (firt agent).
If I deactivate the password synchronization on the first agent, the password is synchronized in the second.
Is there an option I need to configure so that password is synchronize on the two agents at the same time?
Thanks for the feedback.
Regards
Anta
↧
Using SSL with Active Directory MA
Would someone point me to some documentation about using SSL with Active Directory MAs?
I am trying to answer some questions about how to set up the MA connection using SSL and how secure the default "Sign and Encrypt LDAP Traffic" option is.
I'm very novice about certificates, so I would like to find out what kind of certs can be used and if it can be from an internal PKI when syncing with another company's AD or if it need to be from a trusted root like Entrust.
↧