Hi,
Forefront Identity Manager 2010 R2 SP1 is supposed to have Exchange 2013 support. In the AD MA I see only Exchange 2007 and Exchange 2010 listed as options for Exchange provisioning.
According to the following article:
http://technet.microsoft.com/en-us/library/aa998597(v=exchg.150).aspx
There should be an option to specify Exchange 2013. I don't see this at all. I'm running Forefront Identity Manager 2010 R2 (4.1.3419.0).
Anyone see Exchange 2013 listed or know a fix?
Thanks,
Stefan
Hello,
i'm a beginner in FIM.
i want to understand why Full Import for FIM MA does not importing objects? i have these statistics in "Synchronization Statistics":
After Full Sync , i have these statistics :
No projections, no joins ? what are the probable causes for that ?
Regards
Hello everybody,
I have an issue on FIM portal after deleting person object.
On FIM Portal, I have an error message: access denied.
I'm on 4.1.3496.0 version.
On event viewer, I see following deadlock:
Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---> System.Data.SqlClient.SqlException: Reraised Error 1205, Level 13, State 51, Procedure CalculateRequestSetTranstionsMembershipConditionEvaluation, Line 2298, Message: Transaction (Process ID 54) was deadlocked on lock resources with another process and has been chosen as the deadlock victim. Rerun the transaction.
at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlDataReader.ConsumeMetaData()
at System.Data.SqlClient.SqlDataReader.get_MetaData()
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method)
at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method)
at System.Data.SqlClient.SqlCommand.ExecuteReader()
at Microsoft.ResourceManagement.Data.DataAccess.DoRequestCreation(RequestType request, Guid cause, Guid requestMarker, Boolean doEvaluation, Int16 serviceId, Int16 servicePartitionId)
--- End of inner exception stack trace ---
Did you ever see that ?
Thank you.
Antho
I have created a Multivalued Reference Attribute (D_Groups). but neither i can edit it nor browse any data for that.
it looks like this.
How to fix it?
Hello,
I'am using SSPR with google chrome browser and i'am pormpted , when i click OK without writing anything it's ok.
With IE i'am not prompted
Any idea about kerberos and google chrome ??
Thanks
Hi,
I'm installing FIM 2010 R2 SP1 with Reporting feature.
It is going to be installation with separate SQL and separate servers for SCSM DW and SCSM MS.
I have SQL where I prepared 3 instances (default one for FIM databases, one for SCSM SM databases, one for SCSM DW databases). My question is - which one of them should have SQL Reporting services installed?
Borys Majewski, Identity Management Solutions Architect (Blog: IDArchitect.NET)
Hi,
I am trying to implement configuration for fim 2010 r2 password registration language pack.In my environment Password Registration and Password Reset portal working fine but now want to implement multi Language senario specially for Hindi Language.I installed
language pack in Password Registration and Reset Machine and do some configuration for Hindi Language like first create one Set,Workflow and MPR for Hindi Language and also create Customization folder in root directory of FIM Password Registration and Reset
and also create a Strings.hi-IN.Resources file in Customization folder but this is not reflected in my environment this take English Language by default.So please suggestiom me where i am wrong.
and also provide some setting for Hindi Language in Internet Explorer(Browser).
Regards
Anil Kumar
Hi,
I use a display name format of lastname, firstname so I'm trying to use EscapeDNComponent to escape the comma. However, I get an error when the WF executes:
Object Reference not set to an instance of an object
If I use "DisplayName" directly, the WF generates the correct string.
My customexpression looks like so:
EscapeDNComponent("CN=" + DisplayName)
I'm sure its bombing out at this point. If I remove the CustomExpression and do a simple "CN=" + DisplayName, the correct string is generated (but ofcourse that won't work when provisioning to AD)
Also, I'm trying to use this as part of a function evaluator which constructs the DN then passes it to the sync rule. Is there a limitation that EscapeDNComponent cannot be used inside a function evaluator?
Thanks
I have two providers for internet:
1- ADSL
2- FiberLine
I want to make group of users be on the Fiber line, remaining on the ADSL line.
Using forefront TMG>>>>>
by use ISP Redundancy or other, I don't care, it is important to identify each user on line what I want for each users.
Possible? if yes,,, how?~~~
thanksHi,
We have a requirement to have the same users in 2 separate forests, Forest A and Forest B. So users from Forest A are also created in Forest B via FIM.
FIM Sync, Portal and SSPR is deployed in Forest A.
Users log unto workstation in Forest B, where they need to be able to change their passwords, using the traditional cntrl-alt-del routine; these passwords need to be replicated to Forest A.
Additionally users in Forest B must be able to reset their passwords using the FIM add-ins and extensions, as well as via the SSPR Portal which is hosted in Forest A. So effectively, password changes in Forest A must also be replicated to Forest B.
Since PCNS is unidirectional - is the above actually possible?
thanks,
DW
Hi *.*,
I almost finished a FIM 2010 R2 implementation, and it looks like it's working nicely. However, I want to use it for mail-enabled distribution and security groups management and I'm facing two typical issues:
I have taken a peek to the RCDC XML "Configuration for Group Creation". I can perfectly identify theEmailEnabling and Alias controls, but I don't get the logic that decides if it is going to be shown (SG) or not (DG).
So my questions:
Thank you so much,
Carlos
PD: For example, identified EmailEnabling control in RCDC, in case you want to comment it:
<my:Control my:Name="EmailEnabling" my:TypeName="UocCheckBox" my:Caption="%SYMBOL_EmailEnablingCaption_END%" my:Description="%SYMBOL_EmailEnablingDescription_END%" my:AutoPostback="true" my:RightsLevel="{Binding Source=rights, Path=Email}"><my:Properties><my:Property my:Name="Text" my:Value="%SYMBOL_EmailEnablingValue_END%"/></my:Properties><my:Events><my:Event my:Name="CheckedChanged" my:Handler="OnChangeEmailEnabling"/></my:Events></my:Control>My scenario is that when the new user is created in the Forefront Identity Manager then the administrator should get the alert in his mail box that the new user has been created.
Please guide me with the proper steps.
Your response will be higly appreciated
Regards,
Aman Khanna
There are few Distribution Groups on O365(which is on Cloud) andthese Distribution groups are not in Active Directory.
so CAN FIM directly manage those distribution Groups exist on O365(which is on cloud).
please suggest some thing.
Hello,
I have a CSV management agent, i know that we can only do a delta export.
How without using SSIS can i run a full export in the csv file ?
Any idea
Hi all
Quick question... I know that Datacard IDWorks Enterprise is supported for FIMCM when using with smartcard printing, but the question is, is Datacard IDCentre Gold also supported? For what I've heard, they are the same product.
Hi All,
I have a requirement to perform cross forest exchange migration. Below link with ILM sample code helps to create mail enabled users. I am looking for the similar sample code for FIM 2010 or des FIM 2010 provides this out of box ?
http://technet.microsoft.com/en-us/library/ee861124(v=exchg.141).aspx
Regards,
Hi,
I am looking for a way to extract stats/reports for a customer around Self-Service Password Reset of ROI information.
e.g.
1.How many users have registered
2.List of account and displayname of users that have registered.
2.List of account and displayname of users that have not registered yet
3. How many user have successfully been able to reset there passwords for the week/month
4.Nice to have would be a more detailed report on password resets. e.g time of day, resets per day etc.
This customer does not have the FIM Reporting component installed and need to extract this from the FIM service DB.
Any info would be appreciated.
I am implementing FIM R2 SP1 on win 2012 servers and migrating FIM 2010 RTM configurations to the new environment. Some of the custom Sets, MPRs etc did not import correctly into the new portal and when I try to manually add a set or alter an MPR I recieve the following error
Error processing your request: The operation was rejected because of access control policies.
Reason: The operation failed as a result of insufficient access rights.
Attributes: ActionParameter,ActionType
Correlation Id: 11a13390-6a1f-4776-a796-fd0f05101120
Request Id:
Details: No policy grants the Requestor permission to complete all changes.
I have tried enabling "all attributes" in "Administration: Administrators control set resources" and "Administration: Administrators control management policy rule resources" and recieved the same errors. I am logged in as the user who installed the portal and it is a member of the administartors set.
What am I missing? Any ideas welcome please.
Within FIM 2010 R2 I have created 2 sets called "Password Expiration Notification (7 Days)" and "Password Expiration Notification (Tomorrow)", the criteria I have set to populate these sets is:
Select users that match all of the following conditions:
Password Last Set prior to 35 days
User account control = 512
and
Select users that match all of the following conditions:
Password Last Set prior to 41 days
User account control = 512
Our domain password policy stipulates passwords should be changed every 42 days.
I've have the sets populating correctly and have followed the tutorial here http://setspn.blogspot.co.uk/2010/10/fim-send-password-expiration.html to setup the workflows, email templates and MPRs to send an email to the user when they transition into one of the above sets.
It is sort of working, in the sense it is sending emailed but when I look at the System Event Requests that appear under Search Events emails are only being sent to users who password have already expired and not all of the members of the sets.
Anybody able to suggest a reason why emails are not being sent to all members of the sets?