Issue in Extensible Connectivity 2.0 in Update Rollup 2
This isn't so much a question as it is a note that the "Refresh Schema" action in Rollup 2 makes encrypted ConfigParameters unavailable. You can see that they are encrypted, access and decrypt the SecureValue property, etc., but the length of the decrypted string is 0. I suspect that, in keeping with the "Refresh Schema" action of all the other management agents, there ought to be a dialog to re-enter credentials as part of the refresh action. As a workaround I've built my ECMA2 MA to read from a protected section of the registry when necessary (and I suppose DPAPI would work also), although this tends to increase the overhead for keeping a warm standby server ready / doesn't use the regular FIM encryption keys. That said, I'm pleased to see the "Refresh Schema" button implemented and otherwise working in Rollup 2 compared to 2010R2 RC. And one note for developers: The .IsEncrypted and .SecureValue properties are new with Rollup 2, but are not present or supported in R2 RC. I ended up using a little reflection to make a DLL that works on both versions of FIM.
April 4th, 2012 4:12pm

There was an update to the FIM Release Candidate on Connect that has it. Functionally, it is suppsed to be the same as Update 2. My project was using an older copy of the DLL that had the same version number. Once I copied the newer DLL from the GAC and updated the reference in my project, it appeared.Eric
Free Windows Admin Tool Kit Click here and download it now
May 16th, 2012 10:39am

Are you guys currently doing an AD Extensible Connectivity 2.0 MA by chance? I have an issue where I use the below line in my project, configParametersDefinitions.Add(ConfigParameterDefinition.CreateEncryptedStringParameter("Password", "")); password = configParameters["Password"].Value; I don't know how to pass the value to the DirectroyEntry method without the event viewer complaining that "System.InvalidOperationException: Encrypted parameter should be retrieved using the SecureValue property." Please help.
May 21st, 2012 5:04pm

Hi, When you use the encrypted parameter, you must decrypt it like this. using System.Security; using System.Runtime.InteropServices; private string Decrypt(SecureString inStr) { IntPtr ptr = Marshal.SecureStringToBSTR(inStr); string decrString = Marshal.PtrToStringUni(ptr); return decrString; } param = Decrypt(configParameters["encrypted param name"].SecureValue); Naohiro Fujie MVP for Forefront Identity Manager ( Jan 2010 - Dec 2012 )
Free Windows Admin Tool Kit Click here and download it now
July 15th, 2012 5:43am

Thanks for the reply!!!!!
July 16th, 2012 10:54am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics