fim2010R2

Microsoft Identity Manager online resources (#MIM2016)
  1. Quick note on Microsoft Learn & Docs
  2. Microsoft news and announcements
    1. Microsoft Product support lifecycle
    2. Feeds
  3. Official documentation – Microsoft
    1. Getting prepared
    2. Best practices
    3. Deployment documentation
    4. MIM for developers
    5. MIM reference material
  4. Github
    1. (Microsoft) MIM Configuration Documenter
    2. (Microsoft) Workflow Activity Library (WAL)
    3. MIM projects
  5. Microsoft Community
    1. Forums (Active)
    2. Microsoft Answers
    3. Forums (Achive)
    4. Technet blogs archive
    5. Experts Exchange
    6. Microsoft Wiki
      1. FIM/MIM related content (check the tags)
      2. ILM/FIM/MIM article overview
      3. ILM/FIM/MIM Troubleshooting
    7. The FIM/MIM geek blogs & posts…
  6. Social Media
    1. Facebook
    2. Twitter
  7. Books
    1. Online Companion guide for MIM 2016 book
  8. Visio Stencils
  9. Archives
    1. Microsoft Learn – previous versions

Quick note on Microsoft Learn & Docs

A while ago Microsoft moved from Docs (Docs.microsoft.com) to Learn (Learn.microsoft.com), but still some older information might point to the Docs links. In case the redirect fails, replace the docs prefix in the URL to learn an try again.
If it still fails, Bing it and let me know.

Microsoft news and announcements

Microsoft Product support lifecycle

https://docs.microsoft.com/en-us/lifecycle/products/?terms=Identity

Feeds

Official documentation – Microsoft

Getting prepared

Supported platforms: https://learn.microsoft.com/en-us/microsoft-identity-manager/microsoft-identity-manager-2016-supported-platforms

Best practices

https://learn.microsoft.com/en-us/microsoft-identity-manager/mim-best-practices

Deployment documentation

MIM for developers

MIM reference material

Github

(Microsoft) MIM Configuration Documenter

https://github.com/microsoft/MIMConfigDocumenter

(Microsoft) Workflow Activity Library (WAL)

https://github.com/microsoft/MIMWAL

MIM projects

https://github.com/search?q=mim2016

Microsoft Community

Forums (Active)

Microsoft Answers

Forums (Achive)

Technet blogs archive

Technet blogs archive: https://learn.microsoft.com/en-us/archive/blogs/

Experts Exchange

Microsoft Wiki

FIM/MIM related content (check the tags)

ILM/FIM/MIM article overview

https://social.technet.microsoft.com/wiki/contents/articles/3610.fim-2010-mim-2016-related-wiki-articles.aspx

ILM/FIM/MIM Troubleshooting

https://social.technet.microsoft.com/wiki/contents/articles/3610.fim-2010-mim-2016-related-wiki-articles.aspx#FIM_Troubleshooting_Article

The FIM/MIM geek blogs & posts…

Below you’ll find some interesting and helpful articles and posts (some of the are old/archived… But still valid for MIM too.)

In alphabetic order (on last name)

Social Media

Facebook

Twitter

Books

Online Companion guide for MIM 2016 book

Visio Stencils

https://github.com/PeterGeelen/Microsoft-Identity-Manager/tree/main/FIM-MIM%20stencils

Archives

Microsoft Learn – previous versions

https://learn.microsoft.com/en-us/previous-versions/windows/desktop/forefront-2010/ee652263(v=vs.100)

#MIM2016 Troubleshooting: SQL Connection issues

On TNWiki you’ll find my latest article on MIM 2016 troubleshooting.

MIM 2016 Troubleshooting: SQL Connection issues

This week I got (dragged into/) involved in a MIM 2016 performance troubleshooting, on a test / dev server, facing a large bunch of errors.

The first detection happened on the sync server, but apparently rather it’s twin brother was causing the issues.

It became pretty quickly obvious that MIM was not able to connect to (one of) it’s databases on the SQL server, so the sync engine was unable to pull information from the MIM service.

Also bizar, we could still work on the MIM sync GUI, but almost any MA action in the GUI failed…

Furthermore the Portal did not respond and finally the “MIM Service” service, didn’t behave as expected, not willing to start.

The event viewer contained the obvious amount of errors…

Finally,  the SQL DBA to the rescue.

I’ve added a lot of significant technical event info into the article, to make it easy to search for you, for later reference.

Read the tech details in: MIM 2016 Troubleshooting: SQL Connection issues

Updated: 2020-12-29

Note-to-self: #MIM2016 & #FIM2010 Config documenter released on GitHub

Source: Announcement on MIM 2016 Group on LinkedIn by  Jef Kazimer

Source Code: https://github.com/Microsoft/MIMConfigDocumenter

Jef announced that the Identity Community Projects team has published the MIM Config Documenter tool to the Microsoft GitHub Organization as an open source community project.

The MIM configuration documenter is a very nice and easy tool to generate documentation of a MIM / FIM synchronization or service installation.

It allows to: 

  • Document deployment configuration details for the MIM / FIM solution, including MIMWAL Workflow definitions
  • Track any configuration changes you have made since a specific baseline
  • Build confidence in getting things right when making changes to the deployed solution

You can find the project code, releases, and documentation at https://github.com/Microsoft/MIMConfigDocumenter

 

#MIM2016 Troubleshooting: Uninstall fails with error – Administrator privileges are required to run installer. Please re-launch installer with administrator privileges.

I’ve got a new post up on TechNet Wiki about MIM2016 troubleshooting:

Full version at the TNWIKI: MIM2016/FIM2010 Troubleshooting: Uninstall fails with error – Administrator privileges required

Feel free to add useful information yourself, I’m looking forward to your feedback and cooperation to make it better.

The short version is below.

Rikard Strand Jump has published a similar article, which has served as baseline for this article. Rik’s article is focussed on DirSync, but the troubleshooting below is more widely applicable and even programs not related to FIM/MIM/DirSync…

When you try to uninstall or to change the component from the Control Panel > Programs (Uninstall a program), you get a error pop up, saying:

Administrator privileges are required to run installer. Please re-launch installer with administrator privileges.
 
There are some troubleshooting steps, including running the Control Panel in administrator mode.
 
If that doesn’t work, you need to find the uninstaller info in the registry and run the msiexec command with the uninstaller info.
Open the registry editor and navigate to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\

In this directory you’ll find the installed programs with their GUID, which is mostly fixed per application.

Eg

  • MIM 2016: {5A7CB0A3-7AA2-4F40-8899-02B83694085F}
  • DirSync/AADConnect: {C9139DEA-F758-4177-8E0F-AA5B09628136}

And finally, the quick and dirty option is to kill the uninstall registry key before your run the uninstall from the control panel again

In case of MIM2016
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5A7CB0A3-7AA2-4F40-8899-02B83694085F}
 
You know the usual warning: I didn’t tell you to delete the registry key.

Last update: 2020-12-30

Note-to-self: Hotfix rollup package (build 4.4.1459.0) is available for #MIM2016 SP1

Microsoft has released an hotfix for MIM2016 SP, with an awful lot of updates and improvements.. to much to list… but more to read:

See here: https://support.microsoft.com/en-us/help/4012498/hotfix-rollup-package-build-4-4-1459-0-is-available-for-microsoft-iden

Last update: 2020-12-30

Note-to-self: Got #MIM2016 product feedback, feature wish list? aka.ms/mimfeedback

Very short note-to-myself (#memory-function-on)…

David Steadman, respected @fimguy, now  @TheMIMGuy posted an interesting poke…

So, got any constructive suggestion, move over to that feedback page at: https://aka.ms/mimfeedback

(Last update: 2020-12-31)

Microsoft released #MIM2016 Service Pack 1 UPDATE package

Source: https://aka.ms/mim2016sp1upgrade

Since the release of MIM 2016 SP1 just a few weeks ago, Microsoft received significant feedback from the community, their partners and customers regarding the upgrade paths for the service pack.

8th of November, Microsoft announced the availability of the MIM 2016 SP1 Update MSP.

This MSP allows current customers on MIM 2016 RTM, or any hotfix build since 2016 RTM to perform an in-place upgrade to the current build of this MSP (4.4.1302.0).

The supported in-place upgrade scenarios are outlined in the table below. To obtain this update, please click here.

Please note, an updated MSI for new implementations is likely to be released soon.

Carefully check the upgrade paths, as this MSP cannot be applied to build 4.4.1296.0 (MIM 2016 SP1 RTM).

The download page explicitly mentions: “MIM 2016 RTM Versions to update their infrastructure to the latest SP1 Build without complete uninstall. Customers already on MIM 2016 SP1 (4.4.1237) can not install this patch. 

Supported Operating System

Windows Server 2012, Windows Server 2012 R2, Windows Server 2016

MIM 2016 RTM or one of the following hotfix builds: 4.3.2064.0 4.3.2195.0 4.3.2266.0″

Initial Build Hotfix Applied Build after SP1 Update
RTM None 4.4.1302.0
RTM 4.3.2064.0 4.4.1302.0
RTM 4.3.2064.0, 4.3.2195.0 4.4.1302.0
RTM 4.3.2195.0 4.4.1302.0
RTM 4.3.2266.0 4.4.1302.0

Additionally, for customers running Office 2010 needing the x86 Add-ins and Extensions, do not update using this MSP, a forthcoming hotfix will be made available in the coming months.

If you have any comments for the Product Group, please send us an email at: mim2016@microsoft.com

(Last update: 2020-12-31)

#FIM2010 & #MIM2016 Error 25009 fun stuff on #TNWiki

For the FIM Geeks, I’ve submitted some new FIM/MIM 25009 event troubleshooting articles on TechNet Wiki (http://aka.ms/Wiki)

Plus, a page the collects all the 25009 troubleshooting resources, including lots of fun stuff of Tim Macauly.

If you got more of this 25009 fun stuff yourself, feel free to add your articles and add them to the collection page.

Updated: 2020-12-30

A hotfix rollup package (build 4.1.3765.0) is available for #FIM2010

Source: https://support.microsoft.com/en-us/kb/3171318

Issues that are fixed and features that are added in this update

This update fixes the following issues and adds the following features that were not previously documented in the Microsoft Knowledge Base.

FIM Certificate Management

  • Issue 1 A smart card search takes 3.5 minutes on an idle server. Additionally, the search never ends if the server is stressed.
  • Issue 2 The Duplicate Revocation Settings policy is replaced because some users could not set it.
  • Issue 3 There is a redundant space in the “Profile Summary” string on the Request Complete page for some languages.

FIM Synchronization Service

  • Issue 1 In a metaverse search and when you view the object, there is a Last Modified field. But when you sort that field, it sorts as a generic text field instead of as a date field.
  • Issue 2 Error messages (such as Event ID 6313) are logged in the event log. Additionally, performance counters don’t work.
  • Issue 3 The Sync Service crashes when you run a Full Synchronization process that has Equal Precedence set for attributes that exist in IAF or EAF.
  • Issue 4 When an incorrect page size (either less than the minimum or more than the maximum) is used for the run profile of the ECMA2 management agent, the size value quietly changes to the minimum or the maximum after you click Finish.
  • Issue 5 An error message from the Management Agent cannot be parsed if it contains some special symbols. Therefore, the error message doesn’t appear in the error list as expected, and a non-informative error window appears.
  • Issue 6 You receive a “Reference to undeclared entity ‘qt'” error message when you run the history process and the history text contains the “greater than” symbol (>).
  • Issue 7 Under certain conditions, the file selection dialog box does not appear on the MA configuration wizard pages.
  • Issue 8 A “MEMORY_ALLOCATION_FAILURE” error occurs in the Performance Monitoring tool when the performance data .dll file cannot open the process.

FIM Portal

  • Issue 1 Multivalued labels are displayed incorrectly in a single line in the UI.

FIM Service

  • Issue 1 During an Export process between the Synchronization and FIM Service, the msidmCompositeType request may fail if some multivalued string attribute value is changed in the scope of the Export session. This behavior affects performance.
  • Issue 2 In SharePoint Server 2013 and later versions, if you change a workflow or update an email template by using the FIM Portal, the version is automatically updated to 4.0.0.0. This causes a system error message during processing.

BHOLD

  • Issue 1 When you add a user to an organizational unit (OU) that has some incompatible permissions in the OUs role, all the incompatible permissions are assigned.
  • Issue 2 Some issues are fixed for attribute-based authorization (ABA) roles that are assigned to a user when the roles have incompatible permissions.
  • Issue 3 When you use the Access Management Connector to provision new OUs with a parent OU, all the parent OU roles are inherited but are also disabled.
  • Issue 4 An error occurs in BHOLD during installation in Internet Information Services (IIS) 10.
  • Issue 5 If two or more roles assigned to a user who has the same permissions as the roles, and the roles use the endDate attribute, you cannot extract a user permission that has the latest date.
  • Issue 6 An email alias is truncated if it is longer than 30 characters.

Updated: 2020-12-30