Quantcast
Channel: Forum Microsoft Identity Manager
Viewing all 6944 articles
Browse latest View live

importing from azure active directory connector gives only few attributes

July 4, 2018, 9:11 am
$
0
0

Hello,

I have to connect the output of non active directory system to Office365 to provision users. To this end I have installed MIM 2016 and added the azure active directory connector.

The office365 tenant has pre-existing user accounts. I specified an immutableId for these accounts using powershell. I then was able to import these users.

The problem is I get only very few attributes in the import, though I selected many for import.

I would at least expect a value for userprincipalname and the email addresses of the user, but I barely get more than first and lastname. How do I get the agent to import more attributes? Is this a result of those account already existing? If so how do I convert them to "synced" accounts?

Hope somebody here know the answer.


Search

MiM SYNC cross forest - Group Membership - Contacts & Users

July 10, 2018, 3:52 am
$
0
0

Currently I have MIM sync implemented with GALSYNC to create and manage cross forest contacts.  Now I want to expand on this.   We are currently doing a cross forest move of users with ADMT, Prepare-mailboxmove.ps1.  This process works fine, a user in A is move to B and through SID history they also keep their group memberships.  What I want to do is populate the corresponding Mail Enabled distribution groups with the users contact in Domain B, when the user is migrated to domain B the contact is created in A (Currently working) and the contact is also added to the correct Distribution Group.  Is this even possible?

Domain ADomain B
USER.A1USER.B1
Contact.B1Contact.A1
Before Migration
DLDL
Contact.B1User.B1
After migration
DL
User.B1Contact.B1


Fimcalendar does not work in MIM2016 SP1

February 28, 2017, 3:17 am
$
0
0

Hi,

We have upgraded MIM 2016 to MIM 2016 SP1. Everything works fine, except the FimCalendar (https://github.com/pieceofsummer/FIMCalendar). We use this date picker because this is a handy functonality for the end-users. But in SP1 the FimCalendar doe not work anymore. Does someone have the same problem? And does someone knows how we can solve this problem?

Thanks for your help.

Johan van der Molen

sync-generic-failure error in ADConnect

June 18, 2018, 9:07 pm
$
0
0

Hi,

I am getting sync generic error when trying to sync on Prem AD object to Azure AD.

The error is "A different entry with target identifier already exists"

Kindly assist me to resolve this error

Rajesh

MIM and Cardax integration

July 10, 2018, 4:46 pm
$
0
0

Hi,

Has anyone integrated FIM/MIM with a building access security card system called Cardax before?

Which MA did you use / develop?

Were there any complexities to be aware of?

Thank you,

SK

Clear value in source on FilterForDisconnection

July 11, 2018, 11:12 pm
$
0
0
I have a FilterForDisconnection rule so that CS entries are removed that satisfy a certain condition. What I need to do is set a value on that newly disconnected object - the metaverse entry remains so I don't think it comes under deprovisioning. I just need to write something to the actual object in the source before it's disconnected. Is there some way I can do this?

Synchronizing nested active directory groups

July 12, 2018, 2:38 am
$
0
0

Hello dears..

is there any way to sync groups between active directory and MIM 2016 without expanding nested groups and convert it to a group that contains members only ?

I have some cases that I need to manage membership of nested groups without the members expanding, please help.

thank you :)

FIM 2010 R2 - Removing attribute from Attribute Flow

July 12, 2018, 6:04 am
$
0
0

Dear community,

In an Account & Resource Forest scenario for Exchange, FIM 2010 R2 has been installed and configured with two Management Agents. Currently, one Management Agent is importing user objects from the Account Forest into MIM, the other Management Agent is exporting those user objects from MIM into the Resource Forest.

Currently, the attribute "mailNickname" is synchronizing from the Account forest into the Resource forest thru FIM.

My intend is, to remove the attribute "mailNickname" from the attribute flow, so that this attribute is not synchronized into the user objects in the Resource Forest from the user objects from the Account forest anymore - BUT I have to make sure, that user objects in Resource Forest, who already have the attribute "mailNickname" set, that the attribute "mailNickname" will not be deleted or emptied - the user objects in Resource forest  should remain as they are.

How FIM thinks and works in that case?
Does FIM no longer feel responsible for the attribute "mailNickname" in the Resource Forest if I remove the attribute from the attribute flow? (which is what I want) Or will FIM remove the attribute "mailnickname" from all user objects in the target Resource Forest (which is not what I want)?

Thanks everybode for input!

Search

Query on FIM/MIM

March 27, 2018, 2:00 am
$
0
0

Hi,

Can anyone help me with this query ?

for 11 years , I have worked inActivedirectory and and have knowledge in powershell as well. But  I am planning to switch in to FIM  and MIM.

Can anyone guide me what all thing should I know about Fim and MIM and also please share me best documents to learn these ?

Installation of FIM / MIM on SharePoint 2010 and SharePoint 2013

October 15, 2017, 6:59 am
$
0
0

1. Need clarifications on RCDC Life Cycle. which one do we call RCDC Life Cycle and what are the steps.

2. the Differences of Installing FIM / MIM on SharePoint 2010 and SharePoint 2013 

Bhold breaks nested groups structure in active directory

July 15, 2018, 1:11 am
$
0
0

Hello dear all

I have a nested group structure that I don't want to break it when managing group membership when using MIM bhold but I can't find a way for that..

is there any possible solution to keep managing groups with Bhold without breaking the nesting ??

Thank you..

Randa

FIM 2010 R2, I get an error when I try to run Full Import on HR MA - no-start-database-schema-mismatch, Schema-Out-of-date

July 16, 2018, 7:10 am
$
0
0

FIM 2010 R2

I get an error when I try to run Full Import on HR MA - no-start-database-schema-mismatch, Schema-Out-of-date, 0x80230823

HR MA is connecting to MSql.

I tried to refresh the schema, but it shows that it is up to date. Tried to reenter passwords, but nothing changed.

What then can be the problem here? Maybe some bad data in some table can cause this?
Cannot find any useful information on web.

MIM 2016 SP1 Reporting Initial Sync Failing

December 5, 2016, 1:03 pm
$
0
0

Hello Everyone,

I am experiencing an issue with the MIM Reporting failing on the Initial Sync. Both times I have experienced the issue has been with the MIM 2016 SP1 install media. SCSM Service manager is on a separate server with SQL and SCSM DW is on a separate server with SQL. I first complete the SCSM 2012 Service Manager and Data Warehouse installation, register the Data Warehouse and confirm the initial MPSync job finishes with all Management Packs imported/associated. Then I run the MIM 2016 SP1 Reporting installation and confirm the MIM Management Packs are all imported/associated and showing up in Reports in the SCSM console. Then I run the FIMPostInstallScriptsForDataWarehouse.ps1 script which completes successfully. When I run theStart-FIMReportingInitialSync.ps1 script and check the Reporting Job in the MIM Portal, it fails immediately and produces the below errors.

Firewall is off between the servers as well. Has anyone seen this issue before and have a solution?

Reporting Job Details: 

ObjectTypeName: Person,

AttributeName: ObjectType,

RequestIdentifier: 00000000-0000-0000-0000-000000000000,

ObjectID: 7fb2b853-24f0-4498-9534-4e10589723c4,

Value: Person,

DataType: String,

MultiValue: False,

Added: True,

SubscriptionDetails: <DataWarehouseClassProperty ClassTypeIdentity="FIMDW.FIMPerson" PropertyIdentity="FIMObjectType" ManagementPackIdentity="Microsoft.Forefront.IdentityManager.Datawarehouse.Base" ManagementPackVersion=”1.0.0.1”/>,

EventTime: 12/05/2016 19:38:27

Event Viewer:(Three errors connected to the issue)

Error
12/5/2016 11:38:17 AM
Microsoft.ResourceManagement.ServiceHealthSource
68 None

"The FIM Reporting ETL job failed while making a call to the System Center Service Manager Management Server SDK service.  This could be caused by a network or service interruption which is preventing communication between the FIM Service and the System Center Service Manager SDK Service, or by an internal error within System Center.

To fix this issue, ensure that there are no firewalls or network connectivity issues which may be preventing communication between these two services. Also ensure that the System Center Management and System Center Data Access services are running on the System Center Service Manager Management Server.

If you encounter this error after running your first ETL job, ensure that you have installed the FIM Reporting support scripts on your Data Warehouse machine.  You can find these scripts in the Service and Portal folder of your FIM media.

For more information about this error, view the most recent reporting job in the FIM Portal and look for any exceptions which may have occurred.
"

Error
9/21/2012 4:19:41 PM
Microsoft.ResourceManagement 3
None

Reporting Job Manager: Reporting job halted due to error.

Error
9/21/2012 4:19:41 PM
Microsoft.ResourceManagement 3
None

ObjectTypeName: Person, AttributeName: ObjectType, RequestIdentifier: 00000000-0000-0000-0000-000000000000, ObjectID: 7fb2b853-24f0-4498-9534-4e10589723c4, Value: Person, DataType: String,

MultiValue: False, Added: True, SubscriptionDetails: <DataWarehouseClassProperty ClassTypeIdentity="FIMDW.FIMPerson" PropertyIdentity="FIMObjectType" ManagementPackIdentity="Microsoft.Forefront.IdentityManager.Datawarehouse.Base" ManagementPackVersion=”1.0.0.1”/>, EventTime: 12/05/2016 19:38:27 ---> System.InvalidOperationException: Cannot find management pack with identity Microsoft.Forefront.IdentityManager.Datawarehouse.Base
   at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseManagementPackManager.GetManagementPack(String managementPackKey)
   at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseObjectGenerator.CreateEnterpriseManagementObject(Guid objectIdentifier, String classType, String managementPackIdentity)
   at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseObjectGenerator.CreateEnterpriseManagementObject(DataWarehouseClassMapping mapping)
   at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseCollection.ProcessEntry(ExportLogEntry entry)
   --- End of inner exception stack trace ---
   at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseCollection.ProcessEntry(ExportLogEntry entry)
   at Microsoft.ResourceManagement.Reporting.DataProvider.DataWarehouseProvider.ProcessBatch(List`1 batch)
   at Microsoft.ResourceManagement.Reporting.ReportingManager.ExecuteBatchOfExtractTransformLoad(IDataManager dataManager)
   at Microsoft.ResourceManagement.Reporting.ReportingManager.ExportData(IDataManager dataManager)
   at Microsoft.ResourceManagement.Reporting.ReportingManager.RefreshSchema()
   at Microsoft.ResourceManagement.Reporting.JobManager.Run()

MIM 2016 SP1 Service and portal wizard ended prematurely

July 17, 2018, 11:20 pm
$
0
0

Hi, 

I am trying to install MIM 2016 SP1, have installed SQL 2016, SharePoint 2016 so far and getting this error.

I am having one active directory which is my domain controller, installed MIM synchronization on that server and on another server i have installed SQL, SharePoint as well as trying to Install MIM Service and portal and getting the Service and portal error.

So my question is do i need Exchange Online as i am selecting that option but not having exchange online.

I ran the command ""msiexec /I "Service and Portal.msi" /L*V MIM_Service_Install.logto get the log file but unable to troubleshoot that log.

Here is the link for the log file. help will be appreciable. 

https://nathcorp1-my.sharepoint.com/:u:/g/personal/roshan_kumar_nathcorp_com/EfUlMiYyZr5BjVDSlNAd1dUBoqjseIMJ2ZTLP8hmFd82Hw?e=qhIKcp

Thanks,

Roshan


Sailpoint 7.2 integration with Microsoft Identity Manager 2016

July 18, 2018, 10:05 am
$
0
0

Hi,

 

I am currently trying to integrate Sailpoint 7.2 with Microsoft identity Manager(MIM) for one of the requirements and I am stuck at the step where you import Management agent Sailpoint-MA on MIM Synchronization client. I have entered the details as shown in attached screenshot and when I click on Next I get error as "Unable to retrieve schema". The MA is a custom one of type ECMA 2.0. This MA has been provided by Sailpoint for integrating with FIMR2. I think it should work with MIM as well but not very sure.

Appreciate if someone can help me with this. Thanks.

Regards, Chandan

Search

Error deleting attribute in the FIM Sync Engine

December 20, 2010, 12:05 pm
$
0
0

I have a metaverse attibute I mistakenly did not set up as multivalued.  I had a flow rule (configured in the portal) that was putting data into the attribute, but got errors thanks to my misconfiguration.  I removed the inbound flow for that attribute and the attribute shows zero inbound flows in the metaverse, but when I try to remove it, I get "Object reference not set to an instance of an object".  This is a custom object type in the metaverse and a custom attribute only used by the new object type.

Sync engine is at version 4.0.3558.2.

Thoughts?

Keith

How to Delegate Group Management to Service Desk

July 18, 2018, 12:13 pm
$
0
0

I have been looking for a way to delegate adding and removing users from groups through the MIM Portal to our Service Desk.

I have tried creating an MPR that grants read access to All Groups and All Group Attributesm, and another MPR that grants Add and Remove Multivalues attributes for the Manually Managed Membership attribute.

Also I have excluded these user from the NON Administrators set as well.

Currently they still cannot see any Security groups(Im not managing Distribution Groups in MIM).

Is there something that I am missing?

Database upgradation from SQL 2008 R2 to 2014

July 19, 2018, 3:21 am
$
0
0

Hello Friends,

We are upgrading our databases FIM databases from 2008 to SQL 2014 and to new servers as well.

We have FIM 2010 R2(v4.1.3436) in our environment. So I just want to know how to proceed so that new servers will be adopted by our existing FIM environment.

Can we go with in-place upgrade by just stopping the service ,so that we can provide the new db details while installing the product and registries will be configured accordingly.

Kindly suggest.

Regards,

Suman

MIM 2016 DG workflow giving error You cannot call a method on a null-valued expression.

July 19, 2018, 10:37 am
$
0
0

Hi All,

I have workflow which updates mail,proxy addresses and mail alias when user change alias of Distribution group. Workflow has below steps

1. Read values from default env-- Working

2. Generate new mail id using .PS1- Working 

3. update mail id-getting updated in object

4. Generate proxy list using .ps1- Log file shows its generating proxy list

5. update proxy --not working

6. Calculate new aliases - log file is empty

7. Update alias - not working

 now when mim log showing You cannot call a method on a null-valued expression.then which script would be giving this error.

How to fix this

MIM 2016 Issue while applying hotfix apply from 4.4.1302.0-->4.4.1749.0

July 19, 2018, 11:09 am
$
0
0

Hello,

I am getting below error when we try to apply hotfix. Anybody know how to fix this?

MSI (s) (58:DC) [10:43:21:397]: Executing op: CustomActionSchedule(Action=PatchRemoveFIMPortal,ActionType=1025,Source=BinaryData,Target=CAQuietExec,CustomActionData="C:\Program Files\Microsoft Forefront Identity Manager\2010\Portal\Microsoft.IdentityManagement.SolutionPackUtility.exe" action=uninstall mode=ServiceAndPortal log=event SHAREPOINTTIMEOUT=180 SHAREPOINT2016RESTART=1 SHAREPOINT2007CAPATIBILITIES=1  SolutionPack=MicrosoftIdentityManagement.wsp deleteweb=no continueonerror=no UILevel=5)

MSI (s) (58:88) [10:43:21:397]: Invoking remote custom action. DLL: C:\Windows\Installer\MSIC216.tmp, Entrypoint: CAQuietExec

CAQuietExec:  Microsoft.IdentityManagement.SolutionPackUtility.exe will deploy and/or retract the FIM solution packs. This operation may take long time in a SharePoint farm environment.

CAQuietExec:  Executing all administrative timer jobs in preparation for FIM solution pack retraction.

CAQuietExec:  Retracting microsoftidentitymanagement.wsp

CAQuietExec:  An exception occurred while running Microsoft.IdentityManagement.SolutionPackUtility.exe: A deployment or retraction is already under way for the solution "microsoftidentitymanagement.wsp", and only one deployment or retraction at a time is supported.

CAQuietExec:  An error occurred while retracting FIM portal solution packs.

CAQuietExec:  Error 0xfffffffa: Command line returned an error.

CAQuietExec:  Error 0xfffffffa: CAQuietExec Failed

CustomAction PatchRemoveFIMPortal returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)

Viewing all 6944 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>