MIMFIMMA Creation: Failed to connect to the specified database or Forefront Identity Management Service

Are you having issues creating the MIM/FIM Portal Management Agent because you are getting an error like the one below? After you have exhausted all the usual things (e.g. making sure it’s not a firewall issue, making sure it’s not a SQL login permission issue, etc.) but are still stumped, check the Forefront Identity Manager…


Help Desk RCDC Tab for Unlocking and Unregistering Users from SSPR

In virtually every Self-Service Password Reset engagment I have done, there is always some role that organization’s helpdesk / service desk (etc) plays in the administrative processes that accompany it; mainly the ability for them to clear the registrations of users whom have simply forgotten their security question answers and to unlock users whom have…


How to Enable Users to Access the MIM Portal

Ok, so you’ ve imported all the users into the portal, but no other account can access it other than the FIM Administrator used to install the application. You’ve done the usual to verify that everything as it is supposed to be: You verified that the user accounts in the portal have the following attributes…


How to Update a Resource’s Reference Attribute with just a Function Evaluator

I figured out something very simply yet no know with whom I consulted knew how to do: How does one update a resource object’s attribute if it is a reference type with just out-of-the-box (OOB) functionality? For instance, say that you wanted that whenever an owner of a group was deleted from AD that it…


A Note When Creating a Custom Resource Types that Has a Domain Attribute Binding

Ugh, this one was a pain-in-the-ass to figure out, but I did, so I thought I would share. The other day, I had to add a custom resource type to the portal — computer and contact types to be specific. After I did all tedeious work of expanding the schema, granting permissions to the synchronization…


Automating Rebuilding of FIM Service Database Full-Text Index Catalogs

A recommend practice is the regular rebuilding of the full text catalog for the FIM Service database, since this optimizes performance of FIM queries. Without attention to maintaining this catalog one may experience SQL timeouts occurring leading to failures in FIM requests. This blog entry contains the instructions on how to set up the automation to…


Automating the Clearing of a FIM Synchronization Server’s of Run History

As many of you know, periodically clearing of the FIM Synchronization Server’s Run History is not only a good idea, it’s a recommended practice. Since the run history is stored in the FIMSynchronizationService database, doing so serves to minimize the growth of it, which otherwise can grow to extreme sizes after a period of time if…


Powershell: Create 1000 Test User Accounts

For those looking for populate a test domain — oooh with say a 1000 users with distinct user attribute values — here is a script that I think will do you just fine:    Import-Module ActiveDirectory  $total = 1000 for ($userIndex=0; $userIndex -lt $total; $userIndex++)  {   $userID = “{0:0000}” -f ($userIndex + 1)  $userName = “test.user$userID”   Write-Host…


FIM 2010 Kerberos Overview & Setup

I don’t usually do this, but I came across just a great article on how FIM 2010 utilizes Kerberos for securing communications between its components, that I thought I would share it: FIM 2010 Kerberos Setup by Thomas Vuylsteke …What a great piece of IP


Automating FIM Syncs but "A Specified Logon Session Does Not Exist!" WTF does that mean?

Personally, I think it would be really nice — and perhaps is long overdue — for the FIM Synchronization engine to provide functionality to allow for the automated execution of run profiles on a schedule, but until that sweet day, we need to use the standard process of exectuing the run profiles via a script, initiated…