Adventures in identity management
I presented this at the MIM Team User Group meeting last week, but was having some computer issues and apparently people couldn’t hear me. There did seem to be quite a bit of interest from the comments window, so I figured I’d write it up as a blog post. This solution allows an Office 365…
I worked with the FIMWAL in the past on a couple of MCS engagments, but hadn’t yet had the opportunity to use the open-sourced MIMWAL on an engagment. I have, however, just been converting something I’ve done before to all-MIMWAL workflows, in preparation for re-using the concepts on a new project. This is a pretty…
I recently wanted to do some analysis of existing groups in a well established AD that has a lot of groups (more groups than users in fact). I was hoping to find groups that looked like good candidates for conversion to role-based (aka criteria-based) groups.
I’ve had various stabs over the years at tools that will dump out the whole connector space, or just the pending exports, and convert it into a CSV file for easy analysis. They often fall down on two things: the XML file produced by CSExport can be very large (way too big for Get-Content), and…
Most people who work with FIM will be familiar with the “Value Violates Uniquess” errors when you try to export an object through the FIM MA that conflicts with an existing object on an attribute that has enforced uniqueness in the FIM Service. If the duplicate is on a string attribute like AccountName then it’s…
Today I presented a session called “all about data” at the FIM Team User Group meeting. One of the goodies I shared was my Data Quality script. The point of this script is to run against the FIM Service on a regular basis and look for anomalies that can be easily fixed – for example…
I’ve shared the new version of the documentation scripts here: https://unifysolutions.jira.com/wiki/display/FIMTEAMCOM/Automatic+Word+Documentation The best new feature is in Document_SyncConfig.ps1 which now includes an end-to-end attribute flow map based around Metaverse object/attribute – so showing all IAFs and EAFs going via each Metaverse attribute.
I’ve just been troubleshooting sporadic export errors through the FIM MA in a Test environment. The export would fail a couple of times in a row with a failed-modification-via-web-services or failed-creation-via-web-services and the detailed error said something about “AttributeNameViolatesSchema”. Eventually the export would succeed all on its own, without anything else changing.
Listening to Andy van den Biggelaar’s FIM Team User Group session on Reporting this week reminded me that I haven’t shared the latest versions of my Requests and Approvals archiving scripts, and I also haven’t shared the scripts I now use to log Sync runs and convert import and export log files to CSV, ready for…
I’ve uploaded a Sync Service auto-documentation script to the FIM Team Scripts site, to go with the Portal one I shared a couple of months back. You can get them both here:Â https://unifysolutions.jira.com/wiki/display/FIMTEAMCOM/Automatic+Word+Documentation