Category Archives: FIM

Query the FIM Synchronization Service Database using SQL

Posted on by No Comments ↓

Often times when managing a FIM / MIM implementation you may find that you need information that is not available to you via the Synchronization Service Manager tool. An alternative method for getting that information is by directly querying the FIM Sync database. It should be noted that this is not a Microsoft supported method for retrieving FIM Synchronization data as there is risk in creating a lock on a record with your query at the Continue reading Query the FIM Synchronization Service Database using SQL

How to Disable Stale (Inactive) Accounts in AD via FIM

Posted on by No Comments ↓

A common requirement for organizations is to disable Active Directory (AD) accounts when the account is stale (inactive). Often times the IT department will run a script directly against their AD that will identify those accounts, and then disable and move them to a specified OU. While this is effective for many, it will likely cause problems in an organization where FIM is authoritative for user accounts. In these cases, FIM may reverse the change by moving Continue reading How to Disable Stale (Inactive) Accounts in AD via FIM

Installing the MIMWAL

Posted on by 6 Comments ↓

The MIMWAL is the publically released version of the FIM WAL v1 and FIM WAL v2 that were previously only available to Microsoft engagement engineers. The MIMWAL is described by Microsoft as a “powerful solution accelerator for MIM / FIM that provides foundational activities which can be combined to create complex workflows to implement business processes within a MIM / FIM solution simply by configuration instead of coding for days and months.” It is very exciting Continue reading Installing the MIMWAL

Forcing Users to Register for FIM Self Service Password Reset – SSPR

Posted on by 2 Comments ↓

You have implemented FIM Self Service Password Reset (SSPR) to reduce the number of calls to your Help Desk. After a few months the Help Desk is reporting that users are still calling to have their passwords reset. You pull a report and find that a significant number of users have not registered for SSPR. In this blog post we will detail an option that forces users to register for SSPR thereby increasing your return on investment (ROI) for its implementation. Continue reading Forcing Users to Register for FIM Self Service Password Reset – SSPR

Provisioning to AD Using the MIMWAL

Posted on by No Comments ↓

In January of 2016 Microsoft made the MIMWAL publically available. The MIMWAL is a Workflow Activity Library (WAL) for building complex workflows in the Microsoft Identity Manager (MIM) 2016 and Forefront Identity Manager (FIM) 2010 R2 solution. For more information about the MIMWAL to include project source code, releases and documentation, and discussion forums visit http://microsoft.github.io/MIMWAL/. As a Microsoft Partner, we have had access to the MIMWAL prior to it being released to the public. We have utilized Continue reading Provisioning to AD Using the MIMWAL

Reporting on FIM SSPR

Posted on by 1 Comment ↓

If you have installed FIM Self Service Password Reset (SSPR), chances are that management will want to know what sort of return they are getting on their investment. One way to determine ROI on FIM SSPR is to look at the number of phone calls the Help Desk receives for password resets before and after its deployment. However, management will likely want more concrete evidence that it’s the deployment of SSPR that is lowering the number of calls. In this blog Continue reading Reporting on FIM SSPR

Don’t Forget to Move FIM SQL Server Agent Jobs When Moving Backend FIM Databases

Posted on by No Comments ↓

If you are moving your FIM databases from one database server to another, it is important to also bring over the default FIM Jobs. These SQL Server Agent Jobs are stored in the msdb System Database and will not come over with your FIM databases. To move these jobs, Open SQL Server Management Studio, expand SQL Server Agent and expand Jobs. Note: You will see 9 FIM related jobs (we’re running FIM 2010 R2), all Continue reading Don’t Forget to Move FIM SQL Server Agent Jobs When Moving Backend FIM Databases

FIM or MIM Installation Error – Wizard Ended Prematurely

Posted on by No Comments ↓

Have you received the following error installing FIM/MIM? Most likely you have because there are many prerequisites that must be met for a successful install. And what makes matters worse, the error message reported is very non-descript and there are rarely any useful information found logged anywhere on the computer. And finally, the setup wizard requires many inputs from the user and when you re-run it, the previously entered information has to be re-entered. Arghhhh!!!! Continue reading FIM or MIM Installation Error – Wizard Ended Prematurely

Synchronizing Country from FIM to Active Directory

Posted on by No Comments ↓

Question: What do “c”, “co”, and “countryCode” all have in common? Answer: They are all attributes found on user objects in Active Directory (AD) that represent a user’s country. So, why is this the focus of a blog post? Well, it makes synchronizing a user’s country from FIM to AD a bit more complex than one would initially think. For starters, one might ask, “which attribute do I synchronize to?” Then the next question could be, “when I change Continue reading Synchronizing Country from FIM to Active Directory

Missing State Attribute in MIM

Posted on by No Comments ↓

What? No State…? Something that I’ve always found peculiar is that “State/province” is not a default attribute in the MIM Portal. One of the main Directory Services systems that we synchronize with is Active Directory (AD). AD has “State/Province” because it’s useful information to include with a user’s identity. And when deploying MIM to an organization, one of the objectives is to provision users from the MIM Portal. In this blog post, I will detail Continue reading Missing State Attribute in MIM