QuickTip: Automation of MIM Management Agents password

In the past, automating password changes in FIM has been a bit complex: you had to open the MA and update it with a clear-text password. We have posted recent documentation updates here:

https://docs.microsoft.com/en-us/powershell/identitymanager/microsoft.directoryservices.metadirectoryservices.config/vlatest/set-miisadmaconfiguration

In this example we updated the password in Active Directory without updating the MA, to simulate an automated password change. Note that to update the password on the sync box you must be a member of the SyncAdmins group.


Now let's open an elevated PowerShell console and import the module:

Import-Module "C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\UIShell\Microsoft.DirectoryServices.MetadirectoryServices.Config.dll"

Then let's get the credentials:

Note: This is a very simplistic way to get credentials, but consider a credential management service that could launch Set-MIISADMAConfiguration whenever a password rollover occurs.

 

$u = Get-Credential -UserName mimadma -Message "Get ADMA"


Set-MIISADMAConfiguration -MAName "CONTOSO.COM" -Forest "contoso.com" -Credential $u


After setting the password with the cmdlet, we can run the MA without issues.
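
One way the rollover hook suggested in the note above could look, as an added example that is not from the original post or from Microsoft. It assumes the Microsoft.PowerShell.SecretManagement module is installed and that a hypothetical vault named MimVault holds a PSCredential secret named mimadma that the rotation job has already updated; it must run as a member of the SyncAdmins group.

```powershell
#Requires -RunAsAdministrator
# Added example: unattended MA password update after a rollover.
# Assumptions (not from the original post): vault 'MimVault' and secret
# 'mimadma' are hypothetical names; the secret is stored as a PSCredential.
$ErrorActionPreference = 'Stop'

$maName = 'CONTOSO.COM'
$forest = 'contoso.com'
$dll    = 'C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\UIShell\Microsoft.DirectoryServices.MetadirectoryServices.Config.dll'

Import-Module Microsoft.PowerShell.SecretManagement
Import-Module $dll

# Get-Secret returns the stored PSCredential; the password stays a SecureString,
# so nothing is typed or kept in clear text in the script.
$cred = Get-Secret -Name 'mimadma' -Vault 'MimVault'
if ($cred -isnot [pscredential]) {
    throw "Secret 'mimadma' is not a PSCredential."
}

# Confirm the rotated password is already valid in AD before touching the MA,
# so a stale vault entry does not break the next sync run.
# Caveat: a rejected check counts as one failed logon for the account.
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$ctx = [System.DirectoryServices.AccountManagement.PrincipalContext]::new(
    [System.DirectoryServices.AccountManagement.ContextType]::Domain, $forest)
try {
    $net = $cred.GetNetworkCredential()
    if (-not $ctx.ValidateCredentials($net.UserName, $net.Password)) {
        throw "Credential for '$($net.UserName)' was rejected by $forest; MA left unchanged."
    }
}
finally {
    $ctx.Dispose()
}

# Same call as in the manual walkthrough, fed from the vault instead of a prompt.
Set-MIISADMAConfiguration -MAName $maName -Forest $forest -Credential $cred
Write-Output "Updated credential on MA '$maName'."
```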


David Steadman has written 40 articles
