Good day FIM people Hi i am in the process of implementing the Password Reset Portal I have sucessfully installed FIM and have created the ADMA and FIMMA management agent My ADMA works fine and i can see users from the specific container in AD are getting imported into the Metaverse with the proper display names and the number of adds also increments to 1 and i can see the user with their distinguished name in there , next i run the Full synchronisation run profile and see the Projections also increment to 1 and also the connector with flow updates also increments with 1 , Next i do a metaverse search for the newly imported user and can see the user in the Metaverse with their proper display name Next i run the FIMMA Management agent which should sucessfull import this user from the Synchronisation database to the Fim Service Database , I run the Full synchronisation and see the Export Attribute flow imcrements to 1 the provisioning Adds also increased to 1 and the provisioning Disconnects also increases to 1 but the only thing is that when i click on these i see the exported attributed flow as the Distingguished name which comes up as a bunch of numbers and letters instead of a proper display name but in the properties of it i can see the first name and last name attributes and the object SID How can i change the Distinguished name to display name and also when i go to my FIM portal and check the users in the FIM portal i only see the Display name which comes in as (No display Name) also when i click on the properties i only the first name and the last name the resourceSID is also empty Please help Nishant Gulati

The DN for the FIMMA is a guid. That is why you see the GUID and not a displayname like AD. When you export to FIM, make sure you also include the "Displayname" attribute in your attribute flow within the FIM MA (you need to set this manually in the FIM MA) and set it to "Export". Then you see the display name within the portal. The GUID behavior within the FIM connector space cannot be changed. Need realtime FIM synchronization? check out the new http://www.traxionsolutions.com/imsequencer that supports FIM 2010 and Omada Identity Manager real time synchronization!

Good day Paul Hi i tried that and it did not work when i ran the Fim agent I saw the number of updates increment to one and the number of Adds also incremented to one when i opened up the Object details in the syn statistics window it still came up with the Distinguished name My Portal has somewhat stopped working keeping getting service is unavailable I think i will revet back to my VM snaphopt and try to install the Fim service and FIm syn and then try to re-create my management agent Thanks you for you reply It was helpfull Regards NishNishant Gulati

Good day Paul Hi it worked I have got the display name , Domain , Account name in the FIm Service Portal and also the account name in it Thank you so much I will implement the password reset portal steps now Thanks againNishant Gulati

Good day Paul Hi it worked I have got the display name , Domain , Account name in the FIm Service Portal and also the account name in it Thank you so much I will implement the password reset portal steps now Thanks againNishant Gulati

Good day Paul Hi if you dont mind there are a couple of question that i need to clear I can now see the Display Name , Domain , Account Name Populated in the FIM Portal correctly thank you again I have also implemented the 13 steps needed for implementing the password reset portal i can now access the http://fim/passwordportal site when i put in my name i get the error message that the User name you entered does not have permissions to use the self-service passwprd reset . Please make sure your user name is correct and try gaian or contact technical support I have tried the portal from my local machine and on the portal itself i get the same error message Next i try this from the Http://fim/identitymanagement page and i click on Register for Password Reset This open up the FIM Password Reset Registeration Page With my username and Password it then takes me to next page and asks me all the Minimum Questions which i answer correctly Next it starts to process the Password Reset Regsiteration and an error message comes up saying an Error was encountered . Please call helpdesk or your system administrator for Fruther Assistance Any clues please ??? Regards Nish Nishant Gulati

Have you already looked in the eventlog ? especially the one beneath Eventviewer --> Applications and Services Logs --> Forefront Identity ManagerNeed realtime FIM synchronization? check out the new http://www.traxionsolutions.com/imsequencer that supports FIM 2010 and Omada Identity Manager real time synchronization!

Good morning Paul Hi i checked the logs i get this message " Log Name: Forefront Identity Manager Source: Microsoft.ResourceManagement Date: 18/03/2011 11:09:55 AM Event ID: 3 Task Category: None Level: Error Keywords: Classic User: N/A Computer: KENS-POC-007.corporateict.domain Description: System: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 10.20.200.41:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.ExchangeServiceBinding.FindItem(FindItemType FindItem1) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.MailChannel.ExchangeMailChannelListener`1.ExchangeMailListener.<OnPollTimerExpired>b__0(Boolean findUnreadItems) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.MailChannel.ExchangeMailChannelListener`1.ExchangeMailListener.OnPollTimerExpired(Object state) Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft.ResourceManagement" /> <EventID Qualifiers="0">3</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2011-03-18T03:09:55.000000000Z" /> <EventRecordID>16070</EventRecordID> <Channel>Forefront Identity Manager</Channel> <Computer>KENS-POC-007.corporateict.domain</Computer> <Security /> </System> <EventData> <Data>System: System.Net.WebException: Unable to connect to the remote server ---&gt; System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 10.20.200.41:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket&amp; socket, IPAddress&amp; address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception&amp; exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(TransportContext&amp; context) at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.ExchangeServiceBinding.FindItem(FindItemType FindItem1) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.MailChannel.ExchangeMailChannelListener`1.ExchangeMailListener.&lt;OnPollTimerExpired&gt;b__0(Boolean findUnreadItems) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.MailChannel.ExchangeMailChannelListener`1.ExchangeMailListener.OnPollTimerExpired(Object state)</Data> </EventData> </Event> " I am going back to the my Sharepoint services bit as i skipped the assigning its own application pool but and also the Service principle names bit Not so sure whether that might be the issue but i need to fix it as other admin get service not available when trying to access the identity management page Regards Nish Nishant Gulati

Good morning Paul Hi i checked the logs i get this message " Log Name: Forefront Identity Manager Source: Microsoft.ResourceManagement Date: 18/03/2011 11:09:55 AM Event ID: 3 Task Category: None Level: Error Keywords: Classic User: N/A Computer: KENS-POC-007.corporateict.domain Description: System: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 10.20.200.41:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.ExchangeServiceBinding.FindItem(FindItemType FindItem1) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.MailChannel.ExchangeMailChannelListener`1.ExchangeMailListener.<OnPollTimerExpired>b__0(Boolean findUnreadItems) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.MailChannel.ExchangeMailChannelListener`1.ExchangeMailListener.OnPollTimerExpired(Object state) Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft.ResourceManagement" /> <EventID Qualifiers="0">3</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2011-03-18T03:09:55.000000000Z" /> <EventRecordID>16070</EventRecordID> <Channel>Forefront Identity Manager</Channel> <Computer>KENS-POC-007.corporateict.domain</Computer> <Security /> </System> <EventData> <Data>System: System.Net.WebException: Unable to connect to the remote server ---&gt; System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 10.20.200.41:443 at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket&amp; socket, IPAddress&amp; address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception&amp; exception) --- End of inner exception stack trace --- at System.Net.HttpWebRequest.GetRequestStream(TransportContext&amp; context) at System.Net.HttpWebRequest.GetRequestStream() at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.ExchangeServiceBinding.FindItem(FindItemType FindItem1) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.MailChannel.ExchangeMailChannelListener`1.ExchangeMailListener.&lt;OnPollTimerExpired&gt;b__0(Boolean findUnreadItems) at Microsoft.ResourceManagement.WebServices.Mail.Exchange.MailChannel.ExchangeMailChannelListener`1.ExchangeMailListener.OnPollTimerExpired(Object state)</Data> </EventData> </Event> " I am going back to the my Sharepoint services bit as i skipped the assigning its own application pool but and also the Service principle names bit Not so sure whether that might be the issue but i need to fix it as other admin get service not available when trying to access the identity management page Regards Nish Nishant Gulati

i am in the process of re-congifuring my IIS and sharepoint again on the server i think i need to configure sharepoint service to user Kerberos and the Service principle names and SSL and sharepoint Alternamte access mapping . and then try to install the portal and the password reset portal again I will leave the FIm service and the FIM Syn Service the way they are as i can see users in the FIM portal with their proper attributes I will let you know how i went abd thanks you for helping me out over here Paul regards NishNishant Gulati