In the past the automation of password changes in FIM have been a bit complex with opening the MA and having to update with clear text password. In recent document updates we have posted here :
In this example we just updated the password in active directory without updating the MA to simulate automated change of the password. As a note to update the password on the sync box you must be part of the SyncAdmins group.
Now lets open elevated PowerShell console and import the module:
import-module “C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\UIShell\Microsoft.DirectoryServices.MetadirectoryServices.Config.dll
Then lets get the credentials :
<note> This is a very simplistic way to get credentials but think if you was using a credential management service that could launch the Set-MIISADMAConfiguration when you have a password rollover<note>
$u = get-credential -UserName mimadma -Message “Get ADMA”
Set-MIISADMAConfiguration -MAName: “CONTOSO.COM” -Forest:”contoso.com” -Credential: $u
Now after setting the password using cmdlet we run the MA without issues