Quantcast
Channel: Forum Microsoft Identity Manager
Viewing all 6944 articles
Browse latest View live

Access To Fim Portal Throwing Sharepoint Parsing Error

September 21, 2020, 8:38 am
$
0
0

I was wondering if any of you guys could shed some light on where else I can look at to figure out what is going on. I had reported a portal access issue a month of so ago on another server which I was able to fix by reinstalling the Service/Portal services. Unfortunately, I have had no luck using the same approach on this other server. It is currently running MIM 2016 SP2 with the latest service pack (4.6.263.0) on a Windows 2016 server. Portal, FIM Service and FIM Sync Service are all running on thi same server, and I don't seem to have any issue with FIM Service and FIM Sync Service. It seems to be restricted to the portal itself. I am able to retrieve and update data through the resource management URL. I can also access the Sharepoint Admin site without any problem.

Parser Error  
             Description:An error occurred during the parsing of
a resource required to service this request.   Please review the
following specific parse error details and modify your source file
appropriately.
           



            Parser Error Message:Code blocks are not allowed in this file.



            Source Error:

                     
Line 21:     <SharePoint:RobotsMetaTag ID="RobotsMetaTag1" runat="server" />
Line 22:     <asp:PlaceHolder runat="server">Line 23:         <link rel="ICON" href="<%= Microsoft.IdentityManagement.WebUI.Controls.SharePointUtility.PopulateAbsolutePathFromLayouts("images/MSILM2/favicon.ico") %>" />Line 24:         <link rel="SHORTCUT ICON" href="<%= Microsoft.IdentityManagement.WebUI.Controls.SharePointUtility.PopulateAbsolutePathFromLayouts("images/MSILM2/favicon.ico") %>" />
Line 25:


Search

All about Active Directory CNF object finding validation and removing

September 21, 2020, 11:08 am
$
0
0
Hello All,

I need to know all about CNF , How to validate the CNF object and which object i need to keep and which one i have to remove with live example"
Also, How to rename CNF object ?

I really appreciate if anyone can help me please.

MIM 2016 integration with Success Factors

September 21, 2020, 11:33 am
$
0
0

We are in middle of integrating Success Factors Odata API with the MIM solution using the web service configuration tool. While we are able to authenticate to the Success Factor API and are able to design the import workflows. When importing the data into the MIM Sync we are getting the followingexceptionerror"stopped-extensible-extension-error", in the application events" The extensible extension returned an unsupported error, the stack trace is: 

Microsoft.MetadirectoryServices.ExtensibleExtensionExcept... Microsoft.MetadirectoryServices.ExtensibleExtensionException: Object reference not set to an instance of an object. ---> System.NullReferenceException: Object reference not set to an instance of an object. at Microsoft.IdentityManagement.MA.WebServices.Activities.HttpRestServiceCallActivity.HandleRestServiceException(WebException fault, AsyncCodeActivityContext context) at Microsoft.IdentityManagement.MA.WebServices.Activities.HttpRestServiceCallActivity.EndExecute(AsyncCodeActivityContext context, IAsyncResult result) at System.Activities.AsyncCodeActivity.CompleteAsyncCodeActivityData.CompleteAsyncCodeActivityWorkItem.Execute(ActivityExecutor executor, BookmarkManager bookmarkManager) --- End of inner exception stack trace --- at Microsoft.IdentityManagement.MA.WebServices.AbstractWorkflowOperation.ThrowSyncEngineExceptionFromUnhandled() at Microsoft.IdentityManagement.MA.WebServices.ImportStrategy.GetImportEntries(ImportRunStep importRunStep) at Microsoft.IdentityManagement.MA.WebServices.WebServiceManagementAgent.GetImportEntries(GetImportEntriesRunStep importRunStep) Forefront Identity Manager 4.6.34.0

Kindly advise if anyone has come across any such error.

Windows Server 2016 R2 ISO link or Patch link

September 22, 2020, 6:37 am
$
0
0

Hi,

Please provide Windows Server 2012 R2 ISO link or Patch link, we need to update from Server 2016 standard to R2 standard.

Thanks

Lakshminarayana

MIM Portal: Can Create Sets, MPRs, Groups, etc, but not Schema or User Objects.

September 22, 2020, 9:34 am
$
0
0

It looks like this MIM server I am working on is cursed!!!  LOL

After all the trouble to get the portal to work again after an issue with SharePoint patch updates, I am now facing an odd issue where I can create sets, MPRs, groups and few other objects, but I cannot create a user or an schema attribute. I can modify a user and the description of an attribute though.

The request is being denied, and event viewer reports a timed-out operation. I even created a God MPR that allows any operation on any object, and I still cannot create those objects.

Does anybody know what could be going on and what I might need to do?  

Restrict Global Admin MFA Methods

September 23, 2020, 8:50 am
$
0
0

Is it possible to change the mfa methods specifically for Global Admins that is different from the normal user base? What we are looking to do is the following:

User base - Can register MFA by use of SMS, Phone Call, Mobile App, Software/Hardware token (note I understand that sms is not a good thing, but at this point in time we are stuck where we are)

Users with Global Admin - Must register and use Authenticator App as well as Hardware token to authenticate.

Please let me know if it is even possible to do such a thing or any recommendations you may have.

<style><br _moz_dirty="" /></style>

Custom resource type is not displayed in criteria-based group filter selector

September 23, 2020, 11:58 am
$
0
0

I've created a custom resource type, Computer, and have it synchronizing with an AD MA.  I need to populate groups by the computer's operating system (this attribute is synchronized and visible in the portal).  I created a new group and set it to criteria-based, but when I go to the members tab it only shows "all eligible resources", "groups", and "users", no other resource types. 

I can create a set with the criteria I want.  And the filtering works if I build the filter xml manually and set it to the group's filter attribute.  But I can't change anything with that group in the GUI since it will claim the filter is not valid.

Did I miss something I needed to do to let the custom resource type show up as part of the criteria selection for groups?

Unable to Delete Resources from MIM Portal

September 23, 2020, 11:10 am
$
0
0

Hello there,

I am trying to delete some resources in our Development MIM portal (logged in with Administrator account that setup the Portal) and when I delete the resource, it acts like it's going to do it, then gives an error stating it was unwilling to complete the request.  I have included the error details below.

Thank you in advance for any advice and input!

Error processing your request: The server was unwilling to perform the requested operation.
Reason: 
Unspecified.
Correlation Id: 
dedadd48-1c33-44eb-bfb5-98dab0a79d70
Request Id: 
693f0f11-f4b3-4169-96df-6c4de12693ca
Details: 
Request could not be dispatched.

Systems Engineer

Search

Granfeldt PS MA - ChangedAttributes confusion.

September 24, 2020, 10:10 am
$
0
0

Hi all,

I'm using MIM Sync 4.6.34 with the Granfeldt PowerShell MA 5.5.3.1309. In looking at the examples, I see a lot of code like this:

foreach ($can in $_.ChangedAttributeNames)
    {# $can : ChangedAttributeName
    foreach ($ValueChange in $_.AttributeChanges[$can].ValueChanges)
        {
        if ( $can -eq 'homeFolderPath' ){$homeFolderPath = $ValueChange.Value}
        }
    }

In the pipeline objects set, I cannot find an attribute called "AttributeChanges".

In the documentation (online) it says to specify control attributes as $_."[ChangedAttributeNames]" as opposed to $_.ChangedAttributeNames.

Are the examples outdated compared to the latest release of the MA? Am I looking at "Simple" objects verses standard "CSEntryChange" objects? Is any of this really documented anywhere other than other people's code? This is all very confusing.

Any help would be greatly appreciated.

-- Tim.

MIM 2016 SP2 Portal - SQL Performance

September 25, 2020, 12:15 am
$
0
0

Hello!

I've patched a few environments to 4.6.263.0 and I've noticed really abysmal performance in the MIM-portal compared to 4.5.412.0 when writing changes to objects in the database.

For test I added a a new bool to users that does nothing else. Changing this value in the portal will run up to 30 seconds.

Sync engine seems to have equal performance as before.

I've increased the timeouts so it seems that it runs ok but it just takes a lot longer time. Have anyone else experienced the same issues patching to SP2?


MIM for GAL Sync between two organizations

September 25, 2020, 12:24 am
$
0
0
Hi Team,

I need some advise.

We have a use case in which we want to have GAL Sync between two organization.

That means we have two seperate Forests.
Forest A - Having Exchange Hybrid 
Forest B - OnlyExchange Online

There is a one way trust between Forest A and B ( A is dominant , B cannot do any changes in A )

So, we plan to use MIM and install it in Forest A and MIM has GalSync Agents already.

Is there any documentaion or links which I can refer to plan the solution ?

change the name

September 27, 2020, 1:56 pm
$
0
0

when I send an email my name is displayed as 'am I connected' and when received by those I send it to it is directed most occasions to 'spam'

how do i CHANGE THE TITLE BACK TO MY REAL NAME?

Sync is not happening from FIM to AD via MIM service

September 28, 2020, 9:38 am
$
0
0

Hi All,

I am facing issue while sync the user & group object from FIM portal to AD. But it works fine with AD to FIM sync.

I have defined the MPR, Sets & Workflow for inbound and outbound sync, but I am unable to find the exact issues.

Could you please help me to resolve this issue.

Thanks,

Arunabathan.G

Help about a "required" field on RCDC

September 29, 2020, 1:35 am
$
0
0

Hello all,

I have a "required" field here but I would like to know if its possible to get this field "mandatory" depending on the "UserType". Is that possible ?

<my:Control my:Name="RestaurantRef" my:TypeName="UocIdentityPicker" my:Caption="{Binding Source=schema, Path=RestaurantRef.DisplayName}" my:Description="" my:RightsLevel="{Binding Source=rights, Path=RestaurantRef}"><my:Properties><my:Property my:Name="Required" my:Value="true"/><my:Property my:Name="Mode" my:Value="SingleResult"/><my:Property my:Name="ObjectTypes" my:Value="Restaurant"/><my:Property my:Name="ColumnsToDisplay" my:Value="DisplayName,Description"/><my:Property my:Name="AttributesToSearch" my:Value="DisplayName"/><my:Property my:Name="Filter" my:Value="/Restaurant[ActiveStatusBoolean = True]"/><my:Property my:Name="ResultObjectType" my:Value="Restaurant"/><my:Property my:Name="Value" my:Value="{Binding Source=object, Path=RestaurantRef, Mode=TwoWay}"/><my:Property my:Name="ListViewTitle" my:Value="Search Restaurant Category"/><my:Property my:Name="PreviewTitle" my:Value="Restaurant Category"/><my:Property my:Name="MainSearchScreenText" my:Value="Search Restaurant Category"/></my:Properties></my:Control>

MIM Portal - Unable to process your request

September 29, 2020, 2:27 am
$
0
0

Hi experts,

MIM Portal stopped working after reboot and SharePoint 2016 Security Update installation. I am getting the below error since the reboot.
29131-image.png


I tried to configure enabling detailed error pages using the link https://social.technet.microsoft.com/wiki/contents/articles/2278.how-to-configure-detailed-error-pages-for-the-fim-portal.aspx#Enable_Detailed_Error_Pages

But No luck.

This one seems to be a generic error. I m not able to figure out the exact error as it did no report any in the event viewer except this.

29133-image.png

Any pointers would be appreciated.

Thanks and Regards, Siva Kumar Balaguru

Search

There's an error in the display configuration. Please contact your system administrator. No visual configuration is specified.

September 29, 2020, 7:14 am
$
0
0

Hi,

We recently did a migration of MIM from server to server using the Powershell based tools and am now recieving errors related to the resource control display configurations. The below is shown at the bottom of the window when trying to create new Sets for example.

"There's an error in the Set display configuration. Please contact your system administrator. No visual configuration is specified."

Looking at the RCDCs i can see most are duplicated. I've found a few entries about this (though not much!) about re-installing the FIM portal, but that's not really viable in this case. 

Is there anyway to fix the RCDCs as this is preventing us from creating or modifying MPRs, Workflows, Sets etc.

Thanks.

Adam


Access Reviews in Azure & Bulk Group Upload

September 30, 2020, 1:38 am
$
0
0
I'm trying to set up a recurring access review in Azure to track guest access to Teams Sites. Given then number of sites I have I need to be able to automatically update the access review with the current list of O365 Groups, but I'm struggling to find a way to do this. Anyone else had this problem?

MIM Job No-Start-Credentials (Authentication Fails) AD Management Agent

September 30, 2020, 10:25 am
$
0
0

Hi everyone,

I have a MIM MA that connects to our AD domain for user provisioning/deprovisioning, etc. but am seeing continuous failures in our nightly jobs with the error No-Start-Credentials and Authentication Failed.  The MA tasks are run with a Service Account with a non-expiring password that works when signing in normally, running MA jobs for another connector, and manually running the connector jobs from the Sync Manager.  It only fails when our nightly job runs (Task Scheduler that calls a script to kick off the jobs).

I am befuddled as it works everywhere else, in the same job on a different MA, and when manually kicking off jobs, but fails when the nightly tasks runs.

Thank you in advance for any input/advice you have!

Systems Engineer

Running Syncs via script

September 30, 2020, 3:10 pm
$
0
0

Hi

I have several script that run a sequence of Syncs (run profiles)

This was working for years but now the scripts report an unknow exception doing this:

Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root/MicrosoftIdentityIntegrationServer")

The Syncs continue to work when triggered manually via the FIM Sync Service Client UI.

Any clue on what I should look for as missing or damaged (dll, config, ...)?

Tks,

JD

Error while re installing the MIM service portal---Error: The creation of this directory failed:

October 1, 2020, 6:27 pm
$
0
0

I have cleared SharePoint logs and restarted system many times but not resolved this problem, please let me know how to fix it.

  • Microsoft.IdentityManagement.SolutionPackUtility.exe will deploy and/or retract the FIM solution packs. This operation may take long time in a SharePoint farm environment. 
    CAQuietExec:  Restarting "SharePoint Timer" service (sptimerv4)
    CAQuietExec:  Executing all administrative timer jobs in preparation for FIM solution pack deployment.
    CAQuietExec:  Running SharePoint jobs
    CAQuietExec:  Deploying microsoftilmportalcommondlls.wsp
    CAQuietExec:  Running SharePoint jobs
    CAQuietExec:  IDAM-GSUPMIM03 : Error: The creation of this directory failed: C:\Windows\Temp\solution-1fd27c28-3126-44a2-8644-f25f6e29fc18.
    CAQuietExec:  
    CAQuietExec:  Error - SharePoint did not confirm the deployment of the FIM solution pack microsoftilmportalcommondlls.wsp within the expected time. This operation may take long time on SharePoint farm. Specify the bigger value for "SHAREPOINTTIMEOUT" parameter. (The default value is 180 seconds)
    CAQuietExec:  Retrying installing solution microsoftilmportalcommondlls.wsp
    CAQuietExec:  Running SharePoint jobs
    CAQuietExec:  IDAM-GSUPMIM03 : Error: The creation of this directory failed: C:\Windows\Temp\solution-59bb2d03-3c2b-4d8d-b08b-f282b24e45f8.
    CAQuietExec:  
    CAQuietExec:  Error - SharePoint did not confirm the deployment of the FIM solution pack microsoftilmportalcommondlls.wsp within the expected time. This operation may take long time on SharePoint farm. Specify the bigger value for "SHAREPOINTTIMEOUT" parameter. (The default value is 180 seconds)
    CAQuietExec:  Retrying installing solution microsoftilmportalcommondlls.wsp
    CAQuietExec:  Running SharePoint jobs
    CAQuietExec:  Error - SharePoint did not confirm the deployment of the FIM solution pack microsoftilmportalcommondlls.wsp within the expected time. This operation may take long time on SharePoint farm. Specify the bigger value for "SHAREPOINTTIMEOUT" parameter. (The default value is 180 seconds)
    CAQuietExec:  Error - SharePoint did not confirm the deployment of the FIM solution pack microsoftilmportalcommondlls.wsp within the expected time. This operation may take long time on SharePoint farm. Specify the bigger value for "SHAREPOINTTIMEOUT" parameter. (The default value is 180 seconds)
    CAQuietExec:  An error occurred while deploying FIM portal solution packs. 
    CAQuietExec:  Error 0xfffffffa: Command line returned an error.
    CAQuietExec:  Error 0xfffffffa: CAQuietExec Failed
    CustomAction InstallCommonPortal returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
    Action ended 5:54:33: InstallExecute. Return value 3.

Viewing all 6944 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>