[SUPPORT TROUBLESHOOTING] Forefront Identity Manager Synchronization Service Not Starting – Error creating com objects

PROBLEM SCENARIO In a recent issue that i was working, the Forefront Identity Manager Synchronization Service was failing to start.  In review of the Application Event Log the following was received.   APPLICATION EVENT LOG The server encountered an unexpected error and stopped. “BAIL: MMS(3176): d:\bt\37281\private\source\miis\shared\maxml\cdext.cpp(416): 0x80070057 (The parameter is incorrect.) BAIL: MMS(3176): d:\bt\37281\private\source\miis\shared\xmlpe\xstack.cpp(405): 0x80070057… Read more

KB: Microsoft Azure AD Management Agent hangs during Full Import or Delta Import

When you run a Full Import or a Delta Import on the Microsoft Azure Active Directory (Azure AD) Connector, one of the following actions occur: 1. The following error is logged in the Application Event Log: FIMSynchronizationService Event 6801 The extensible…(read more)… Read more

[INFO] Provisioning a Mail Enabled User

I’d like to cover something that I get asked about a lot: provisioning mail enabled users with FIM. In this example, I’m going to focus more on the FIM pieces and much less on the Exchange piece as I am in no way an Exchange guy. (Heck, I’m…(read more)… Read more

[INFO] Service account is not secure in its current configuration

Used to secure the following MIM PAM Service Accounts Application Pool ( For Rest API ) PAM Component Service Privileged Access Management Monitoring Service Issue: When installing the “PAM” Privileged Access Management Features you…(read more)   MIMPAM Module: https://docs.microsoft.com/en-us/powershell/identitymanager/mimpam/vlatest/mimpam PAM RESET API Service Details: https://docs.microsoft.com/en-us/microsoft-identity-manager/reference/privileged-access-management-rest-api-service-details Privileged Access Management Rest API Reference: https://docs.microsoft.com/en-us/microsoft-identity-manager/reference/privileged-access-management-rest-api-reference Privileged Access Management… Read more

[AZURE AD CONNECT SYNC SERVICES] HOWTO: Control which attribute flows to UPN

  Problem Statement / Goal In this scenario we have multiple partitions selected in a single On-Premise Active Directory Connector  We want to control which attribute flows in the Metaverse Attribute userPrincipalName based on the suffix in the userPrincipalName.  One condition would have the On-Premise Active Directory mail attribute to flow the value to the… Read more

Support-Info: (Sync): Run Profile Optimization

Products Involved Discussed Forefront Identity Manager Synchronization Service Microsoft Identity Manager Synchronization Service Purpose: The purpose of this document is to discuss from a high level how to optimally execute run profiles to effectively and efficiently reach the intended goal. Disclaimer This document will discuss the execution of run profiles simultaneously.  However, running more than… Read more

[INFO] Installing the Microsoft Identity Manager 2016 Service and Portal (With SSPR) – Clean Install

As you may be aware, the new version of identity – Microsoft Identity Manager 2016 – has been released. While the in-place upgrade of the service and portal from FIM 2010 R2 to MIM 2016 is covered in great detail here , I would like to take…(read more)… Read more