AD Sync issue
Hey, I am new to FIM and I am doing a pilot for my company. I have followed the FIM 2010 installation guide and the getting started guide. However, I am unable to view any of the AD accounts in the "FIMObjects" folder from within the https://localhost/identitymanagement portal. Any ideas? Any steps I might have missed or the guide missed would be welcomed. Thanks
September 21st, 2011 12:44am

Hi Osa, I haven't used FIM Portal alot but I'm not familiar with a FIMObjects folder. Is the Portal web page loading correctly? Usually if you've synced your AD users into FIM Portal you should be able to see them by clicking on users in the navigation pane on the left then leaving the search within selection at the top right as 'all users' and clicking the magnifying glass. You should then see your synced users. Hope I helped Dan
Free Windows Admin Tool Kit Click here and download it now
September 21st, 2011 7:11am

Are you sure you have AD accounts in the metaverse already? Need realtime FIM synchronization? check out the new http://www.traxionsolutions.com/imsequencer that supports FIM 2010 and Omada Identity Manager real time synchronization!
September 21st, 2011 9:32am

High-level, this is what must happen to get objects in the portal: 1. Create and configure the AD MA. This includes projection rules and attribute flows into the metaverse, unless you are doing everything through the portal. (I don't, so I'm fuzzier there.) 2. Create and configure the FIM MA. 3. Full import run on the AD MA. 4. Full sync run on the AD MA. (Deltas can be done later) You should see exports to the FIM MA queue up during this step. 5. Export run on the FIM MA. If you see errors anywhere along the way, you'll have to resolve them. Make sure that you're accessing the portal with a FIM administrative account, especially when you are just starting out, so that you have access to all the search scopes and options.
Free Windows Admin Tool Kit Click here and download it now
September 22nd, 2011 8:07am

Hey, Thanks for your response, I meant to say FIMObject OU and yes, the FIM Portal page is loading correctly
September 22nd, 2011 7:48pm

Thanks for your response. How to I get the AD accounts in metaverse?
Free Windows Admin Tool Kit Click here and download it now
September 22nd, 2011 7:49pm

Thanks for your response. No I am not doing everything through the portal. I am using the Synchronization service manager. Yes, I have created and configured the FIM MA and AD MA as instructed in the Common Configuration for FIM 2010 Getting Started Guide. A full import and sync run on both FIM MA and AD MA was successful without any errors. However, I have errors on FIM MA export run. I get a "failed-creation-via-web-services" error when i do the Export run on FIM MA. Any further advice would be appreciated. Thanks
September 22nd, 2011 8:00pm

Check the details of the error. There should be an indication as to why it failed. Not having seen your error but having seen the same thing myself every time I set up a FIM environment from scratch, I'd say you need to enable an MPR that grants your synchronization account permission to write the objects and their attributes to the FIM Service. Log into the portal, go to Management Policy Rules, and search for "Synchronization: Synchronization account controls users it synchronizes". Click on it and ensure that "Policy is disabled" is unchecked on the General tab. If you have any special attributes you've configured in the portal and are trying to export, you may have to open up the MPR properties and modify the resource attributes section of the Target Resources tab.
Free Windows Admin Tool Kit Click here and download it now
September 22nd, 2011 8:33pm

Thanks for your response Chris. When I checked the general tab of "Synchronization: Synchronization account controls users it synchronizes", Policy is disabled was already unchecked. I would investigate the details of the error. Cheers
September 22nd, 2011 9:57pm

Hi Osa, you need to give some permissions to fim ma service account in the FIM service database for export to run successfully.I mean connect permission to the FIM MA on FIM Synchronization service. HBB
Free Windows Admin Tool Kit Click here and download it now
September 23rd, 2011 8:08am

It would help if you provide the error message.Need realtime FIM synchronization? check out the new http://www.traxionsolutions.com/imsequencer that supports FIM 2010 and Omada Identity Manager real time synchronization!
September 23rd, 2011 9:14am

Thanks guys for attempting to help resolve this issue. I created a new test server, re-installed everything (OS, SQL, WSS, FIM) and it is now working. Cheers
Free Windows Admin Tool Kit Click here and download it now
September 30th, 2011 4:56pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics