Channel: Forum Microsoft Identity Manager

Move MIM 2016 SQL Databases to a separate Server (New)


I need to move my SQL databases to a new server. Only the databases. I have two databases, MIM Synchronization Service and MIM Service Database.

I have found an article on How to move the backend SQL Server Synchronization Service Database. However, I cannot find any documents to also move the Service Database.

Can anyone recommend instructions?

Thank you.



kathy4270


deleting MA

I have a MA through which data is imported to the FIM Portal. This is just a one-time load and I would like to delete the MA as it is of no use anymore. The data in FIM should not be deleted when this MA is deleted. Should I just mark "Do not recall attributes" and then delete the MA?

Custom Expression in flow definition and escape the plus sign (+)


Hi,

How do I properly escape the "+" sign in a string?

I now have the Custom Expression:

IIF(IsPresent(officePhone),"+3121234"+officePhone,officePhone)
Results in the error: " is not a valid attribute

IIF(IsPresent(officePhone),"\+3123567"+officePhone,officePhone)
Does not escape the character, but just places a "\" in the string

 


Kind regards,
Freek Berson

SSPR without domain name portion oddity


Hi all,

I have a customer who's rolling out SSPR, where some of their users are unable to perform password reset without prefixing their domain (i.e. they have to log in to the portal as domain\username) where the majority don't have to.

I wondered if there was a duplicate identity in the MIM service with the same user name but different domain for the affected users, but this isn't the case.  For good measure, I deleted an affected user from the MIM portal and re-provisioned them but it's still the same.

Does anyone have any idea of how and when the domain is "assumed" or why this might not be working for some users within the exact environment where it works for others?

Thanks,

Paul.

MIM 2016 deprovisioning OU's


Hi

I'm using MIM 2016 synchronization service without the portal. I can provision users and groups from domain A to domain B. If a user OU is missing in domain B, the synchronization task creates them. If I delete the user OU with the user in domain A, the synchronization task will only delete the user, not the OU. Why does that happen and how can I get a clean synchronization?

Kind regards

derhoeppi

Moving MIM sharepoint database


Hi,

I can't seem to find much on Google, but I'm wondering what steps are involved in moving FIM's SharePoint databases to a completely different SQL server. Are there specific registry keys that need to be changed or anything like that?

Cheers.

Edit: when accessing the portal we receive an "UnwillingtoPerformException: IdentityIsNotFound" in the event log and directly before that another error:

GetCurrentUserFromSecurityIdentifier: No such user NT AUTHORITY\IUSR, S-1-5-17


Write back to SQLMA


Hi

We are provisioning mailboxes in a mail system in the cloud (not O365) and they have provided the MA and DLL for that side of the sync.

We are developing our side of the sync, which is a local SQL database.

We can sync our SQL view into the metaverse and provision mailboxes on the cloud mail system successfully.

However, when it comes to populating the email field in the SQL view presented to the SQLMA, we are stuck on what to do next.

I have configured attribute flow in the SQL MA. How do I enable provisioning the email address field in our local SQL?

Password Change Notification


Hi everyone!

I'm using IMAPasswordManagement to update passwords of users from AD (Active Directory) to SQL Server.

The SetPassword event only fires 4 times; the 5th time, it (the SetPassword event) is not fired.

Please help me with this problem!
Thanks!



Attribute change notifications


Hello!

I'm looking at how I can track change history in MIM. We decided to send email notifications about what was changed.

Yes, I know about SCSM, but I'm looking for a simpler solution.

So, these are the notifications that are needed:

1. Change in an HR DB attribute from 1 to 0 -> generate an email to the user or the user's manager about this change. I think that I can use a set and a workflow for this, but I can't build the logic for it.

2. Change in a user's name/surname -> generate an email to the user or the user's manager about this change. How can it be done?

3. Information letter to the administrator about changes that happened in AD to a user account (change of all attributes, like displayName, first name and so on).

Thanks!




Sync AD and Custom Attributes from SQL to SharePoint User profile - FIM/MIM


We are working on the sync process using FIM/MIM to sync AD and custom attributes from SQL Server to the SharePoint user profile.

So far I have done:

  1. Created management agents for AD, SQL Server and SharePoint.
  2. Created custom attributes in the Metaverse.
  3. Mapped and defined the attribute flow from the SQL Server agent to the Metaverse.
  4. Mapped and defined the attribute flow from the Metaverse to the SharePoint agent.

But after running the full sync cycle, custom attributes are not getting updated in the SharePoint user profile.

Please let me know if I am missing any steps.

    MIM 2016 SP1 Portal POP-UP UI Does Not Work


    Hi Everyone,

    We upgraded our environment from FIM 2010 R2 to MIM 2016 SP1 last week. After the upgrade we noticed that the pop-up URL for any object is not working the way it was working in the FIM 2010 R2 version.

    Below is the URL format which we were using in the FIM 2010 R2 version to open the Group object type in a pop-up window:

    In FIM 2010 R2:

    https://localhost/identitymanagement/aspx/customized/EditCustomizedObject.aspx?id=6978f402-6efd-4910-9de6-25d5f2fda843&type=Group&_p=1

    However, when we remove "&_p=1" and try the rest of the URL in MIM, the object opens, but not in a pop-up window.

    Does anyone know what URL we should use in the MIM 2016 SP1 version to open any object in a pop-up window?

    Thanks in advance!!

    Sujit Kumar


    Export-Fimconfig fails within PowerShell Activity in the portal.


    Hi,

    A script which is working fine fails within PowerShell. Why?

    This is the error.

    export-fimconfig : The type initializer for 'Microsoft.ResourceManagement.WebSer
    vices.Client.ResourceManagementClient' threw an exception.

    At C:\temp\tncs.ps1:100 char:30
    + $CurObject = export-fimconfig <<<<  -Credential $Credential `
        + CategoryInfo          : NotSpecified: (:) [Export-FIMConfig], TypeInitiali
    zationException
        + FullyQualifiedErrorId : System.TypeInitializationException,Microsoft.Resou
    rceManagement.Automation.ExportConfig


    GH

    Cannot connect on the FIM portal with an AD account linked to a custom object type


    Hi

    For some business reasons, I have created a new type of object in the FIM portal and the metaverse: Subcontractor. Those objects are synchronized with an Active Directory. From Active Directory, I get an ObjectSID, synchronized to the FIM Portal.

    When I try to log on to the Portal with a subcontractor account, I have a Microsoft.ResourceManagement Error (Event ID 3):

    GetCurrentUserFromSecurityIdentifier: No such Domain\User, S-1-5-21- .....

    Is the access to the portal limited to Person objects only?

    Thank you for your answer


    Olivier Detilleux - Service Line Manager | Core Infrastructure Department - vNext http://www.vnext.fr - http://myitforum.com/cs2/blogs/forefrontsecurity/

    Who will be crowned the last FIM Guru of 2016!!


    Calling all wise men!

    Join us and rejoice!

    THE FINAL CHALLENGE OF 2016!!

    December 2016 Guru, it’s time to share great skills as a TechNet Wiki article and WIN medal(s). Medals? Yes, you can share multiple articles in the same or different categories! Now, navigate to TechNet Guru Competition December 2016  to choose your categories and if it’s not listed add your content in Miscellaneous Category!

    New and last month of the year 2016. It’s time for us to wave hands to say "bye bye 2016" by winning TechNet Wiki Guru medals. Let’s make this December to Remember! 

    All you have to do is add an article to TechNet Wiki from the field of your interest. Something that fits into one of the categories listed on the submissions page. Copy in your own blog post, a forum solution, a white paper, or just something you had to solve for your own day’s work today.

    A snippet you share can make you a December 2016 TechNet Wiki Guru in your favorite category and this is official Microsoft TechNet recognition!

    HOW TO WIN

    1) Please copy over your Microsoft technical solutions and revelations to TechNet Wiki.

    2) Add a link to it on THIS WIKI COMPETITION PAGE (so we know you’ve contributed)

    3) Every month, we will highlight your contributions, and select a “Guru of the Month” in each technology.

    If you win, we will sing your praises in blogs and forums, similar to the weekly contributor awards. Once “on our radar” and making your mark, you will probably be interviewed for your greatness, and maybe eventually even invited into other inner TechNet/MSDN circles!

    Winning this award in your favorite technology will help us learn the active members in each community. 

    Feel free to ask any questions below.

    More about TechNet Guru Awards.

    You Share We Care!

    TechNet Wiki Addict Chen V and ...


    Thanks,

    If my reply is helpful please mark as Answer or vote as Helpful.


    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    new-pamrequest cmdlet gives Error processing your request: The operation was rejected because of access control policies


    The workflow instance '....' encountered an internal error during processing. Contact your system administrator for more information

    I am following the Microsoft installation guide and have managed to get to almost the end where I need to verify/demonstrate that PAM is actually working. 

    This is where Jen tries to access a share and gets access denied and then requests privileged access by using the cmdlet new-pamrequest.  The cmdlet fails with the above error.

    I tried the portal and it fails as well.

    I looked at the workflow in question and it is empty, so I am at a loss. Can anyone point me in the right direction? Thanks.


    Hilalh


    A update on the configuration of a MA or MV failed to replicate to a target connector directory that is capable of storing MA/MV configurations.


    After updating a MA schema (in this particular case I had added a column to an Oracle MA), I got this error in the event log:

    Event 6331, FIMSynchronizationService
    A update on the configuration of a MA or MV failed to replicate to a target connector directory that is capable of storing MA/MV configurations. As a result, the MA/MV configuration data in this connector directory is not up to date. Please correct the condition that causes the error, and triggers a resync by updating the password information of the target MA.

    This error has been reported on other occasions, and I'm afraid that there is no better solution than re-installing, which would be annoying on a production system.

    Has someone found out a way to deal with this without reinstalling?

    Thanks,
    Paolo

    P.S.: I have submitted a bug on Connect: mv-data replication failure after MA schema update. Please vote for it if you think it's useful.

     


    Paolo Tedesco - http://cern.ch/idm

    Filter for MIM PAM Roles


    I am trying to query MIM PAM for existing Roles. But the user I am using always gets all Roles he is a candidate for, or errors.
    What's wrong with using either the PowerShell module or the REST API as stated below?

    This is OK (PowerShell module):
    Get-PAMRole -DisplayName CorpAdmin

    But this produces an error:
    Get-PAMRole -Filter {DisplayName -eq 'CorpAdmin'}
    Get-PAMRole : cannot filter as requested

    Using the REST API I always get all roles the user is a candidate for, but not the one I am asking for:

    $filter = 'filter=DisplayName eq "CorpAdmin"'
    $Encode = [System.Web.HttpUtility]::UrlEncode($filter)
    $uri = 'http://MIMRedPAM.red.corp.dir:8086/api/pamresources/pamroles?$' + $Encode
    $result = Invoke-RestMethod -Method GET -Uri $uri -UseDefaultCredentials 
    $result.value

    Can anyone help?
    Henry

    MIM 2016 SP1 Reporting Initial Sync Failing


    Hello Everyone,

    I am experiencing an issue with the MIM Reporting failing on the Initial Sync. Both times I have experienced the issue has been with the MIM 2016 SP1 install media. SCSM Service manager is on a separate server with SQL and SCSM DW is on a separate server with SQL. I first complete the SCSM 2012 Service Manager and Data Warehouse installation, register the Data Warehouse and confirm the initial MPSync job finishes with all Management Packs imported/associated. Then I run the MIM 2016 SP1 Reporting installation and confirm the MIM Management Packs are all imported/associated and showing up in Reports in the SCSM console. Then I run the FIMPostInstallScriptsForDataWarehouse.ps1 script which completes successfully. When I run the Start-FIMReportingInitialSync.ps1 script and check the Reporting Job in the MIM Portal, it fails immediately and produces the below errors.

    Firewall is off between the servers as well. Has anyone seen this issue before and have a solution?

    Reporting Job Details: 

    ObjectTypeName: Person,

    AttributeName: ObjectType,

    RequestIdentifier: 00000000-0000-0000-0000-000000000000,

    ObjectID: 7fb2b853-24f0-4498-9534-4e10589723c4,

    Value: Person,

    DataType: String,

    MultiValue: False,

    Added: True,

    SubscriptionDetails: <DataWarehouseClassProperty ClassTypeIdentity="FIMDW.FIMPerson" PropertyIdentity="FIMObjectType" ManagementPackIdentity="Microsoft.Forefront.IdentityManager.Datawarehouse.Base" ManagementPackVersion=”1.0.0.1”/>,

    EventTime: 12/05/2016 19:38:27

    Event Viewer:(Three errors connected to the issue)

    Error
    12/5/2016 11:38:17 AM
    Microsoft.ResourceManagement.ServiceHealthSource
    68 None

    "The FIM Reporting ETL job failed while making a call to the System Center Service Manager Management Server SDK service.  This could be caused by a network or service interruption which is preventing communication between the FIM Service and the System Center Service Manager SDK Service, or by an internal error within System Center.

    To fix this issue, ensure that there are no firewalls or network connectivity issues which may be preventing communication between these two services. Also ensure that the System Center Management and System Center Data Access services are running on the System Center Service Manager Management Server.

    If you encounter this error after running your first ETL job, ensure that you have installed the FIM Reporting support scripts on your Data Warehouse machine.  You can find these scripts in the Service and Portal folder of your FIM media.

    For more information about this error, view the most recent reporting job in the FIM Portal and look for any exceptions which may have occurred.
    "

    Error
    9/21/2012 4:19:41 PM
    Microsoft.ResourceManagement 3
    None

    Reporting Job Manager: Reporting job halted due to error.

    Error
    9/21/2012 4:19:41 PM
    Microsoft.ResourceManagement 3
    None

    ObjectTypeName: Person, AttributeName: ObjectType, RequestIdentifier: 00000000-0000-0000-0000-000000000000, ObjectID: 7fb2b853-24f0-4498-9534-4e10589723c4, Value: Person, DataType: String,

    MultiValue: False, Added: True, SubscriptionDetails: <DataWarehouseClassProperty ClassTypeIdentity="FIMDW.FIMPerson" PropertyIdentity="FIMObjectType" ManagementPackIdentity="Microsoft.Forefront.IdentityManager.Datawarehouse.Base" ManagementPackVersion=”1.0.0.1”/>, EventTime: 12/05/2016 19:38:27 ---> System.InvalidOperationException: Cannot find management pack with identity Microsoft.Forefront.IdentityManager.Datawarehouse.Base
       at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseManagementPackManager.GetManagementPack(String managementPackKey)
       at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseObjectGenerator.CreateEnterpriseManagementObject(Guid objectIdentifier, String classType, String managementPackIdentity)
       at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseObjectGenerator.CreateEnterpriseManagementObject(DataWarehouseClassMapping mapping)
       at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseCollection.ProcessEntry(ExportLogEntry entry)
       --- End of inner exception stack trace ---
       at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseCollection.ProcessEntry(ExportLogEntry entry)
       at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseProvider.ProcessBatch(List`1 batch)
       at Microsoft.ResourceManagement.Reporting.ReportingManager.ExecuteBatchOfExtractTransformLoad(IDataManager dataManager)
       at Microsoft.ResourceManagement.Reporting.ReportingManager.ExportData(IDataManager dataManager)
       at Microsoft.ResourceManagement.Reporting.ReportingManager.RefreshSchema()
       at Microsoft.ResourceManagement.Reporting.JobManager.Run()

    FIM Edit Attribute


    My FIM version is 2010 R2 4.1.3733.0

    I have an Oracle 11g client and MA. I need to edit one attribute and change the nullable flag, but it is not possible from MA Properties.

    How can I do this?


    FIM MPR and Workflows interaction


    Hi!

    I have a strange problem with MPR and Workflow interactions.

    1. The MPR with the Transition In Action Type (checking for employee status - vacation/fired, and so on) is working fine; I get email notifications and Requests are in Completed status.

    2. The MPR with the Modify, Create Action Type (checking for user attribute changes) is working strangely. If only one user was modified, everything is OK. If 2-3 users are modified, I get errors in Requests:

    First error:

    Update to msidmCompositeType: '' Request PostProcessingError Built-in Synchronization Account 

    <RequestParameter xmlns:q1="http://microsoft.com/wsdl/types/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="UpdateRequestParameter"><Target>bad9929a-6f4c-4515-9be2-c15f12c09c6b</Target><Calculated>false</Calculated><PropertyName>LastName</PropertyName><Value xsi:type="xsd:string">User1-TXT333344222</Value><Operation>Create</Operation><Mode>Modify</Mode></RequestParameter>
    ------------------------------------------------------------
    <RequestParameter xmlns:q1="http://microsoft.com/wsdl/types/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="UpdateRequestParameter"><Target>cc87859a-cafe-44fb-b109-e325762a53b3</Target><Calculated>false</Calculated><PropertyName>Department</PropertyName><Value xsi:type="xsd:string">IT-TXT2222445511</Value><Operation>Create</Operation><Mode>Modify</Mode></RequestParameter>

    Second Error: System Event Request  PostProcessingError Forefront Identity Manager Service Account 

    Parent Request: Update to msidmCompositeType: ''

    RequestParameter:

    <RequestParameter xmlns:q1="http://microsoft.com/wsdl/types/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="SystemEventRequestParameter"><Target>bad9929a-6f4c-4515-9be2-c15f12c09c6b</Target><Calculated>false</Calculated><WorkflowDefinition><Value>747e22cc-0811-46dc-9717-fb43a4b87eff</Value></WorkflowDefinition></RequestParameter>
    ------------------------------------------------------------

    RequestStatusDetail:

    <RequestStatusDetail xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" DetailLevel="Information" EntryTime="2016-12-30T12:23:13.6990636Z">This unknown request parameter cannot be processed.</RequestStatusDetail>

    Can anybody say how this problem can be resolved?

    Thanks!

