MIM SSPR Reset from pre-registered user in sync connected untrusted domain! say what!!

Hello Folks Just as a reminder from a blog post I posted last year   Scenario: In Contoso they have a MIM SSPR deployed currently Contoso Users and register and reset using MIM. They have recently partnered with FabriKam and wanted to offer SSPR for there users without the need for a trust. FabriKam want…

Microsoft Identity Manager 2016 SP1 with Outlook 2016 odd behavior with ‘Prerequisites Not Met’, Microsoft Forms/Smart Tag What!!

Issue: Today I went to install the Outlook plugin for Microsoft Identity Manager 2016 SP1 latest and greatest installed. To my surprise I was met with ‘Prerequisites Not Met’ First Outlook 2016 was installed from the Office 365 install wizard , Then Installed MIM add-add in with just the password option as i knew there…

QuickTip: Automation of MIM Management Agents password

In the past the automation of password changes in FIM have been a bit complex with opening the MA and having to update with clear text password. In recent document updates we have posted here :   https://docs.microsoft.com/en-us/powershell/identitymanager/microsoft.directoryservices.metadirectoryservices.config/vlatest/set-miisadmaconfiguration In this example we just updated the password in active directory without updating the MA to simulate automated…

Microsoft Identity Manager 2016 SP1 and Exchange Online

Enabling Exchange online notification and updating the password used by the Microsoft Identity Manager(FIMService)   Scenario: When using the Exchange online email notification integration you prompted to enter your exchange online Email account and the password . In most cases you must update the password and or account in the future an the only way…

CM – Enabling multiple user certificates on one Smart Card

  Enabling multiple user certificates on one Smart Card Scenario: Create an automated way of adding two certificates to the same card each representing a different account. Solution: provides the capability to put two or more certificates, each associated with a different account, on one card. The additional certificates are not limited to accounts solely…

Creating Microsoft Identity Manager (SP1) Portal Site on SharePoint 2016

Hello all been a busy season for FIM/MIM today I wanted to walk through the steps of installing MIM SP1 on SharePoint 2016. Below are the steps I took to get everything working from service and portal standpoint. As a reminder all accounts were pre-created and service principal names(SPN) were already set. For more information,…

Windows 2016 TP5 Add-WindowsFeature Fails for SharePoint 2016 Prerequisite Installer

Add-WindowsFeature : The request to add or remove features on the specified server failed. Installation of one or more roles, role services, or features failed.   prerequisiteinstaller log shows: 2016-09-29 12:17:36 – Install process returned (0X3E8=1000) 2016-09-29 12:17:36 – [In HRESULT format] (0X800703E8=-2147023896) 2016-09-29 12:17:36 – Last return code (0X3E8=1000) 2016-09-29 12:17:36 – Reading the…

PAM: Failed with Operation requires that destination domain auditing to be enabled

  Issue:  When trying to create NEW-PAMGROUP : Failed with Operation requires that destination domain auditing to be enabled “System.Exception: Failed PAM group 'TFCAdmins' SID migration; Exception: System.ComponentModel.Win32Exception(0x80004005): The operation requires that destination domain auditing be enabled at Microsoft.IdentityManagement.WinTools.SidCloner.CloneSid(String sourceIdentity, String sourceDomain, StringsourceDC, String sourceUserName, SecureString sourcePassword, String targetIdentity, String targetDomain)” ——————————————— When looking at…

FIM/MIM OOB Solution CIO Direct Reports and Indirects

Scenario: In this scenario there was a request to have a distribution list for all  CIO > Manager + Direct Reports > Manager + Direct Reports. The end result will be everyone who reports to the CIO both directly and indirectly. Sample Data: CIO Direct and Indirect Reports Distribution List Directors DL Manager DL Supervisors…