Saturday, March 27, 2010

FIM Training – So Many Options

SQLSoft has a neat little map of the available FIM training options.  It stands to reason there’d be lots of options given the size of FIM product.  It is great to see so much training content available, even though I’d prefer to see it broken down into feature areas such as:

  • FIM Service and Portal
  • FIM Synchronization
  • FIM Certificate Management

Of course I expect the lines to blur between these feature areas as they all become even more integrated in future releases, at least according my my personal crystal ball (not any official Microsoft plan of record).

Friday, March 19, 2010

Suppressing Full Sync Warnings with PowerShell

Been browsing over the WMI reference for ILM lately and noticed something I hadn’t seen before:

SuppressFullSyncWarning Method of the MIIS_ManagementAgent Class

This can be especially useful with FIM since the Sync Service gets versioned quite a bit more now that it lives in symbiosis with the FIM Service.

Running this method on the MIIS_ManagementAgent WMI class will suppress those warnings but in the Identity Manager user interface and in the Event Log.

Thursday, March 04, 2010

RunHistory Parsing

In writing some scripts to dig out Sync errors lately I ran into a strange bug.  On the plus side, I wasn’t able to repro on FIM, just on ILM.

Issue

Running this command will eventually start to return null:

Get-WmiObject -Class MIIS_RunHistory -Namespace root/MicrosoftIdentityIntegrationServer -filter("MaName='MyMA'")




This is strange because the query doesn’t change, but eventually it will just stop working.  The cmdlet doesn’t report an error, it just stops returning results.  Once this happens the only way I am able to fix it is to restart the ‘Windows Management Infrastructure’ service.



Workaround



Cycling the WMI service is a bit of a pain, so instead I issue the query using the MaGUID:




$ma = Get-WmiObject -Class MIIS_ManagementAgent -Namespace root/MicrosoftIdentityIntegrationServer -Filter("Name='MyMA'")
Get-WmiObject -Class MIIS_RunHistory -Namespace root/MicrosoftIdentityIntegrationServer -filter("MaGuid='" + $ma.guid + "'")



Issuing the query using the MA Guid did not repro the problem.  A simple little workaround to a strange little problem.

Tuesday, March 02, 2010

FIM 2010 RTM’d!

Big day today, FIM 2010 RTM was announced at RSA.

Microsoft® Forefront™ Identity Manager 2010 Evaluation Version

FIM is a very important release as it stands on the shoulders of the sync engine to provide a strong workflow engine along with new UI for both administrators and end users.  The sync engine has been an appliance that could largely hide in a datacenter until now.  In FIM Microsoft takes advantage of Microsoft Office to expose identity data to end users.

FIM 2010 is a huge leap forward in terms of functionality and extensibility.  I’m happy to see RTM, and excited about what Microsoft and partners will build on top of this new platform.