[SUPPORT TIP]: FIM CM 2010 / MIM CM 2016 Admin Key Diversification and Certificate Renewal

~ Milan Milosavljevic | Senior Escalation Engineer Hi everyone, Milan Milosavljevic here from the Microsoft Platform AD Identity support team with another support tip for you. This one is regarding an admin authentication problem when the CM smartcard profile template is configured to support Base CSP cards and the Diversify Admin Key option is enabled…. Read more

Support-Info: (RUN HISTORY): How to use the MIIS_RunHistory WMI Class

  PURPOSE The purpose of this article is to provide an illustration of how to utilize the WMI Namespace Provider, MicrosoftIdentityIntegrationServer, to pull information about the Run History (Operations Tab).   Through the MIIS_RunHistory class, we can gather information about each run. For successful objects, we can only grab numbers. If there is a synchronization error,… Read more

[SUPPORT TIP] How to delete a single group from the Identity Management Portal using PowerShell

PURPOSE The purpose of this blog is to illustrate how to delete a single group in the FIM Portal. SCRIPT #———————————————————————————————————- set-variable -name URI -value “http://localhost:5725/resourcemanagementservice’ “ -option constant #———————————————————————————————————- function DeleteObject { PARAM($objectType, $objectId) END { $importObject = New-Object Microsoft.ResourceManagement.Automation.ObjectModel.ImportObject $importObject.ObjectType = $objectType $importObject.TargetObjectIdentifier = $objectId $importObject.SourceObjectIdentifier = $objectId $importObject.State = 2 $importObject |… Read more

Now Available: MIM 2016 June Preview

Today we’re making available early access via technology previews (CTP) of some of the “work in progress” changes for MIM 2016. These changes are intended for inclusion in future hotfixes, service packs and new versions of Microsoft Identity Manager. The CTP has an EVAL license and is not intended for production use, customers who have… Read more

[FIM Portal Access] The server principal is “S-1-9-3….” is not able to access the database. “FIMService” under the current security context

Hi Everyone! Over the past couple of days we have been working on an issue related to portal access where the root cause was not immediately evident and took some digging to get to. Just to clarify the overall problem; when attempting to access the portal we were seeing a pretty common error from FIM/MIM… Read more

[SUPPORT TIP] How to manipulate the email suffix on Primary SMTP proxyAddress

Hello Again, GOAL Modify the primary SMTP Email Suffix within the ProxyAddresses attribute. The challenge here is to be able to loop through the proxyAddresses collection and modify a single piece of information on a single line item in the proxyAddresses collection. I was able to accomplish the given task through the following steps. Open… Read more

[SUPPORT TROUBLESHOOTING] Group Objects Sync Error: Error in evaluation of expression – securityEnabled

Hello again! So today was working on an issue where I was attempting to synchronize groups and experienced several different exceptions that prevented the synchronization of groups. In attempting to synchronize a group an exception is thrown. Exception Error in evaluation of expression: CBool(BitAnd([groupType],-2147483648)) . Sync Rule: In from AD – Group Common Destination: securityEnabled… Read more

Support-Tip: (AADCONNECT): Filtering – Control which groups sync to O365

Hello again! Today, I wanted to share a simple scenario that I recently worked on to control which groups get synchronized to O365 (Azure). This is very similar to filtering with users. I am using one of the latest builds of Azure AD Connect and will be using the cloning feature of Azure AD Connect… Read more