This page summarizes the posts I’ve made relating to Microsoft / Forefront Identity Manager. They are mostly posts about troubleshooting installation and configuration, and about bespoke management agents that I’ve developed using the Granfeldt PowerShell Management Agent.
This post details how to install, configure and use the Lithnet.PoshBot Plugins with Slack or Teams. Your Service Desk/Identity Operators can then query the MIM MetaVerse or MIM Service using the Lithnet IdentityBot from Teams and/or Slack.
ChatOps for Microsoft Identity Manager
Also see ChatOps for Azure Active Directory
Further below on this page you will find working bespoke management agent examples for:
Active Directory, Active Directory Photos, Azure Active Directory, Azure Active Directory Business to Business (B2B), Azure MFA, Exchange, Exchange Online, Dynamics 365 Finance & Operations, Have I Been Pwned, Home Directories, Lotus Notes, Office365, Oracle Internet Directory / LDAP Password Sync, RACF, SailPoint IdentityNow, SharePoint Online, Skype for Business / Lync, Terminal Services, Twitter, Workday and xMatters.
As I post more I’ll try to keep this page updated. But you can also always use the categories, search and tags. Jump to the bottom of this page for links to posts associated with errors encountered during installation and configuration.
First up, you can get it from GitHub here. Søren’s documentation is pretty good but does assume you have a working knowledge of FIM/MIM, and posts on this blog are no different. Configuration tasks like adding additional attributes to the User Object Class in the MIM Portal, updating MPRs, flow rules, Workflows, Sets etc. are assumed knowledge, and if not, it is easily Bing’able for you to work it out.
Three items I had to work out that I’ll save you the pain of are;
If you receive HRESULT 0x80230729 creating a new FIM/MIM Management Agent, check out this post.
From version 5.6.3.2022 there are new configuration items for Auxiliary Username and Password and additional configuration options. For more details see the Using the new Granfeldt FIM/MIM PowerShell Management Features post.
For more advanced functions such as logging to the Windows Application Event Log, Differential Sync, Paged Imports and Password Sync see the following examples.
Rather than output logging to a text file, send Informational, Warning and Error events to the Windows Application Event Log.
Sending Granfeldt PowerShell Management Agent Events to the Windows Application Event Log
See these two posts on how to configure the Granfeldt PowerShell Management Agent to page the import of data into Microsoft Identity Manager as well as configuring Delta Synchronization for Azure Active Directory.
How to configure Paged Imports on the Granfeldt FIM/MIM PowerShell Management Agent
Multi-Threading Granfeldt PowerShell Management Agent Imports with Workday as an example.
See these two posts on how to configure the Granfeldt PowerShell Management Agent to synchronize passwords.
Synchronizing Passwords from Active Directory to the IBM/Lotus Domino Identity Vault using Microsoft Identity Manager – Part 3
Perform nightly backups of your MIM development environment including the MIM Sync Server, Management Agents, MIM Service, and Management Agent extensions. This includes nightly generation of the MIM Service and Sync Configuration and generation of a web page with the backups and configuration reports.
Automated Microsoft Identity Manager Configuration Backups & Documentation to Azure
FIM / MIM Synchronising between multiple Active Directory Forests separated by firewalls fails with the error Kerberos-no-logon-server on Active Directory Management Agent Export.
Diagnosing FIM/MIM ‘kerberos-no-logon-server’ error on an Active Directory Management Agent
Dynamic Active Directory User Organisational Unit (OU) placement
See this post on how to configure the Granfeldt PowerShell Management Agent to connect to Azure Active Directory.
This post details building a Granfeldt PowerShell Management Agent to manage Azure AD Groups.
This post details a Granfeldt PowerShell Management Agent for Azure AD Users (partial attribute set) using MIM Paged Imports.
How to configure Paged Imports on the Granfeldt FIM/MIM PowerShell Management Agent
See these posts on how to configure the Granfeldt PowerShell Management Agent to connect to Azure Active Directory for managing Azure AD B2B.
Automating Azure AD B2B Guest Invitations using Microsoft Identity Manager
How to use the FIM/MIM Azure Graph Management Agent for B2B Member/Guest Sync between Azure Tenants
A management agent for Azure MFA to obtain user Azure MFA registration information for use with reporting on who’s registered for Azure MFA and with what methods.
An Azure MFA Management Agent for User MFA Reporting using Microsoft Identity Manager
The Microsoft Azure AD Graph Connector integrates Azure AD with Microsoft Identity Manager. Not performing a sync for 30 days will result in stopped-extensible-extension-error.
See these three posts on how to configure the Granfeldt PowerShell Management Agent to connect to Exchange Server.
Configuring Remote PowerShell to a Remote Active Directory Forest for FIM/MIM GalSync
See this post on how to configure the Granfeldt PowerShell Management Agent to provision Exchange Online Mailboxes against On Premise Exchange Server.
Provisioning Hybrid Exchange/Exchange Online Mailboxes with Microsoft Identity Manager
See this post on generating the Granfeldt PowerShell Management Agent Schema Definition File script.
Automate the Generation of a Granfeldt PowerShell Management Agent Schema Definition File
Recovering from Granfeldt PowerShell Management Agent Schema HRESULT: 0x80231343 Error
Granfeldt PowerShell Management Agent Schema HRESULT: 0x80231343 Error
This post shows building an HRM Management Agent for Dynamics 365 Finance & Operations using the Granfeldt PowerShell Management Agent and the Dynamics 365 FO Integrations PowerShell Module.
A Dynamics 365 Finance & Operations Management Agent for Microsoft Identity Manager
See these three posts on how to configure the Granfeldt PowerShell Management Agent to connect to and leverage Have I Been Pwned Password Data.
Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager
See this post on how to configure the Granfeldt PowerShell Management Agent to manage Windows Home Directories.
Three of these four posts detail how to configure the Granfeldt PowerShell Management Agent to synchronise passwords to IBM Domino/Notes Password Vault.
Getting the System.NotImplementedException: The method or operation is not implemented error when synchronising passwords to Lotus Notes? Check out this post.
See these two posts on how to configure the Granfeldt PowerShell Management Agent to connect to Azure Active Directory for managing Photos and Office365 Licenses.
Office365 Licensing Management Agent for Microsoft Identity Manager
An example Granfeldt PowerShell Management Agent to connect to Oracle Internet Directory using LDAP.
Microsoft Identity Manager PowerShell Management Agent for Oracle Internet Directory
A rudimentary RACF Management Agent using the Granfeldt PowerShell Management Agent.
A Rudimentary RACF Management Agent for Microsoft Identity Manager
A management agent for SailPoint IdentityNow Roles.
SailPoint IdentityNow Roles Management Agent for Microsoft Identity Manager
A management agent for SailPoint IdentityNow Governance Groups.
SailPoint IdentityNow Governance Groups Management Agent for Microsoft Identity Manager
See this post on how to configure the Granfeldt PowerShell Management Agent to connect to SharePoint Online for managing SharePoint Online User Profiles.
Managing SharePoint Online (SPO) User Profiles with FIM/MIM 2016 and the Granfeldt PowerShell MA
See this post on how to configure the Granfeldt PowerShell Management Agent to provision users to Lync/Skype for Business.
See this post on how to configure the Granfeldt PowerShell Management Agent to manage User Active Directory Terminal Services Profile configuration.
See this post on how to configure the Granfeldt PowerShell Management Agent to connect to Twitter.
A Twitter Management Agent for Microsoft Identity Manager
See these posts on how to configure the Granfeldt PowerShell Management Agent to connect to Workday HR.
Building a Microsoft Identity Manager PowerShell Management Agent for Workday HR
Multi-Threading Granfeldt PowerShell Management Agent Imports with Workday as an example
See this post on how to configure the Granfeldt PowerShell Management Agent to connect to xMatters.
Building a FIM/MIM Management Agent for xMatters
This section contains a bunch of posts relating to errors installing and configuring Microsoft Identity Manager.
Error 25009 HResult 0x80131700 when installing Microsoft Identity Manager
Microsoft Identity Manager Service and Portal Setup Wizard ended prematurely
Microsoft Identity Manager Graph Connector stopped-extensible-extension-error
Granfeldt PowerShell Management Agent Schema HRESULT: 0x80231343 Error
Microsoft Identity Manager “sync-rule-validation-parsing-error” error
Microsoft Identity Manager Sync Server HResult 0x80040E14 Error
Cannot load Windows PowerShell snap-in MIIS.MA.Config on Microsoft Identity Manager 2016 SP1