Monday, December 14, 2015

PowerShell MA now on CodePlex

Today is a big day...

For a lot of years, I've been maintaining the Granfeldt PowerShell Management Agent for FIM and MIM. This MA was build for during FIM project that I did many years ago and some of the efforts put into building this MA was sponsored by the customer ... and therefore I was not allowed to release or distribute source code for the MA.

Many people have asked me for the source code for the MA - and now I'm happy to announce that I have released the ever so popular PowerShell MA to CodePlex. So head on over to https://psma.codeplex.com/ and have a look. The current release is the same as you have been able to download from my blog.

Now that I've moved the code to CodePlex, I'll be shutting down the pages for the MA on my blog and start to maintain documentation and code on CodePlex.

I'd love to get sample scripts from all of you and make them available for download on the CodePlex site.

Thank you all for the kind words about this MA over the years - and I hope for your continued support after the move to CodePlex. I would just looove a review from you for this MA, so head on over to CodePlex and write up a small review.

Thank you,
Soren

Saturday, December 12, 2015

MIM2016 hotfix out (build 4.3.2064.0)

Microsoft just gave us a pre-Christmas gift in the form of a hotfix for MIM 2016 which has just been released. Pop into the link below and read the release notes to see if any fixes applies to your environment.

https://support.microsoft.com/en-us/kb/3092179

As always ... don't forget to backup before applying patches...

Merry Christmas

Thursday, November 12, 2015

Generic SQL Management agent released

Today is a big day for me...

For a long time now, I've wanted to build a new SQL Management that could do more than the built-in SQL Server Management Agent that you get out-of-the-box with FIM and MIM. And, finally, I have done just that.

It is here....

By using this generic Management Agent for SQL, you can synchronize almost any type of information with SQL Server tables - and now you can finally do deltas as well ...and hold on, you can run stored procedures against the tables as part of your synchronization import and export schedules. All these tings combined should give you the options to make some awesome solutions with FIM/MIM and SQL.


The MA have a lot of features that are needed for a modern FIM2010 or MIM2016 setup, including -
  • Full and delta imports
  • Delta and full exports
  • Can keep and revive deleted information / rows
  • Can execute pre- and post import/export Stored Procedures
The schema is very flexible and is generated based on the database tables definitions. A refresh of the schema for this management agent rediscovers the schema and you can override the structure in different manners using a configurable XML data.

I really hope that you make use of this MA and please let me know if there are any issues as this is the initial release - and I'll try to fix any issues as soon as possible.

You can get it on CodePlex from this URL - https://sqlma.codeplex.com/

Go it a go when you can...

Enjoy,
Soren

Sunday, November 8, 2015

Minor update of PowerShell MA released

I've released a minor update for the PowerShell MA. The build number for this is 5.5.1.1017 and the build is compatible with earlier 5.5 releases so you should be able to just replace the .DLL in the Extensions folder of your installation

NOTE - the MA now requires .NET Framework 4.5.2 to run, so please make sure that you have that installed on your Synchronization Service server.

The big news for this version is that I have added support for Write-Debug, Write-Verbose, Write-Progress, Write-Warning and Write-Error in your scripts. Any information from these commands will go into the trace log and  any information from Write-Warning or Write-Error will also go into the event log on your Synchronization Server for you to monitor and react to.

Also, all scripts will now receive an extra parameter of type PSCredential that hold the username and password configured on the MA. This is handy for you to use in your scripts. You will still get the username and password as separate parameters.

This version contains these changes -

  1. Added support for Write-Verbose/Debug/Progress/Error in scripts.
  2. Changed PowerShell host to use PowerShell instead of RunSpace to remedy memoryleak in System.Automation.dll if using RunSpace.
  3. Optimized import code to be more responsive after script returns.
  4. Also, added support for control values naming to no longer being case-sensitive. 
  5. Added additional parameter to all scripts to pass a PSCredential object for use in scripts.Simplified logging information for import objects.


As always, I've tried to test this version, so hopefully there are no big issues. Please do let me know if you find anything.

Go find the new version in the download section for the PowerShell MA.

Enjoy,
Soren

Monday, October 19, 2015

New version of FIM.MARE

I'm happy to announce that I've released a new version of my Rules Extension framework called
FIM.MARE.


The framework enables FIM and MIM administrators to, declaratively, create advanced flow rules with a wast number of transform functions and even conditions (scoped rules) for FIM2010 R2. This framework can in many installation be used as a replacement for Synchronization Rules (SR's) or as a supplement to these by using the FIM Synchronization Service to setup the advanced rules.

This new version has a lot of new features and is stable (I'm already using it at several installation instead of SR's). It even has the ability to load your own existing classic rules extension (.DLL's), thereby letting you reuse your own code - and of course, also in that way, open up the framework so you're able to write your own code if the flow rules are too complex to construct with the framework functions and features.


Let's help the children this Christmas

If you use this framework or any of my other frameworks, please consider a small donation to support my Christmas 2015 quest to donate to Unicef. Use this link to read more about it and maybe donate/support.

You can find FIM.MARE on CodePlex.

Sunday, October 11, 2015

Let's help the children this Christmas

Christmas is approaching and this year I'm going to try out something again as I did in 2012...

All donations received at this blog will go uncut to Unicef. A lot of people are directly or indirectly helped by this organization and I'm hoping to get your support to make a small contribution this year.

I hoping for a donation from you or your company, if you're using any of my free projects for your FIM or MIM installation -

  1. My PowerShell Management Agent
  2. My Workflow Library for the FIM Service
  3. My Codeless Provisioning Framework for FIM2010R2
  4. My Rules Extension Framework for FIM2010R2
  5. My MARunScheduler

Donate as little or as much as you can - even very small donations (a few dollars) will help the cause - and I'll make sure to include your name in the letter that will accompany the check for Unicef - no matter the amount.

I'm hoping for your support by Christmas / December 21st, 2015 - and thanks to all of you who have already donated. I will, through my company, also by adding an amount to the donation by Christmas.

You can find the donation link (through PayPal) in the right section of this blog.

Thank you so much...

PowerShell Management Agent 5.5 refreshed

I'm happy to announce that I have released a refresh of the popular PowerShell Management Agent for FIM2010R2 (and yes, MIM2016).

This version is a code-refresh with a few bug fixes and a few additional minor features and I'll try to list them below -

  1. The setup program is gone and has been replaced by a PowerShell script. This should allow you to better control updates. The steps performed by this installation script are exactly the same as the old setup program did
  2. The entire logging feature has been replace by tracing. This means that you can now use DebugView from SysInternals / Microsoft or similar to view actions from this MA. The old logging mechanism is no longer included and has been removed from the MA. The information logged by the MA has also been reviewed and extended to allow better debugging.
  3. All errors from the PSMA are now logged to the event log. This does, however, require that you create an explict event log source. You can see in the Installation documentation how to create this.
  4. A parameter called 'ExportType' is now available to your export scripts. This allows you to determine in the Export script, whether it is a normal (Delta) or a Full Export that is being performed.
  5. A potential, however unlikely, looping condition in the import function has been fixed and also better memory handling / cleanup has been introduced.
  6. General optimization of the code has been done.

This version should be directly compatible with the 5.5.0.1425 build that has been out for more than a year. To upgrade, you should be able to download and just replace the DLL in the Extensions folder of your FIM Synchronization Service installation.

As always, I'm very thrilled that this MA is so popular and I want to keep it as current as possible, so please send me information on any bugs that you may find. However, I ask you kindly to not expect free support. For support questions, please use the FIM2010 forum on TechNet where I know that a lot of experts are ready to help and, yes, I do answer questions there whenever time allows.

Thank you for your continued support.


Tuesday, August 4, 2015

Microsoft Identity Manager 2016 is out

It's all over the news on social media's but thought that I'd just write a quick note on it as well...

MIM 2016 is out!!!

You should be able to get it via MSDN or through your Volume Licensing access.

Looking forward to diving in to the released version.

See you out there...

Thursday, June 25, 2015

A hotfix rollup package (build 4.1.3646.0) is available for Forefront Identity Manager 2010 R2 SP1

Today, Microsoft released a hotfix for FIM2010 R2 SP1. The hotfix rollup package number is 4.1.3646.0)  and the build number for Microsoft BHOLD Suite components that are included in this release is 5.0.3079.0.

This hotfix rollup package resolves some issues and you can download and read more about it here - https://support.microsoft.com/en-us/kb/3054196

I wonder if this is gonna be the last before the release of MIM2016 !?

Enjoy patching....

Microsoft Azure Active Directory Connect is available

Microsoft annouced yesterday that Azure AD Connect is now generally available. AADConnect allows you to quickly onboard to Azure AD and Office 365.

You can download it here - https://www.microsoft.com/en-us/download/details.aspx?id=47594

I'm currently working on a version of my PowerShell MA that will work with AADConnect as I think this will make for a interesting way to do more with AADConnect than just synchronize to Azure AD.

Stay tuned here for more on that.

Happy sync'in....

Thursday, April 30, 2015

FIM2010 R2 hotfix rollup package (build 4.1.3634.0)

Just a quick note about Microsoft releasing a new hotfix today (https://support.microsoft.com/en-us/kb/3048056?wa=wsignin1.0).

It is very interesting to read that this hotfix adds support for Windows 2012 R2 Domain Controllers for PCNS. But please read the additional note carefully to make sure that you leave your environment in a supported state.

Looking forward to try this hotfix out soon.

Sunday, April 26, 2015

New version of FIM.MRE in the making. Help needed...

I need your help...

I'm working on a new major version of my Codeless Provisioning Framework for FIM2010, called the FIM Metaverse Rules Extension project that live on CodePlex.

This new version will among other things have new additional conditions and the option to use sub conditions as well. Also, it will have the option for you to help the clutter of rule by allowing you to have more as many rules files as you like and MRE will load rules from them all. Besides this, I'm also optimizing a lot of the code, adding a few more options to initial flow value construction and extending the tracing options. Also, the new version will be the one that I port to use with MIM when that is released.

Now, I would like to maintain backwards compatibility since I know that a lot of you guys and girls out there, make use of FIM.MRE.

So, I have a request....

Could you please send a copy of your rules file (FIM.MRE.xml) to me if you are able to disclose or maybe anonymize it? The reason for this is that I want to check the new version for any issues with backward compatibility for reading the rule files that live outthere in the real FIM world.

I really hope that you'll chip in and support the evolution of the framework. You can mail your rule files to soren@granfeldt.dk.

Thank you,
Soren

Thursday, February 26, 2015

Hotfix rollup (build 4.1.3627.0) is available

Just a quick note to you FIM'sters out there. Microsoft released a hotfoot for FIM2010 R2 today.

More information on the hotfoot can be found here - https://support.microsoft.com/kb/3022704?wa=wsignin1.0

As always, remember to test impact on your specific system, before applying. And oh, the backup, remember the backup, before applying.

Happy patching...

Tuesday, February 17, 2015

Lync sample scripts for PSMA 5.5

I've had more than a few requests for sample scripts for managing Lync 2010 for use with my Powershell MA.

Well, time finally allowed for me to anonymize some scripts from a recent project where I have set up management of Lync 2010 enabling/disabling for users. The scripts are very basic and only handles enabling and disabling of user for Lync. You may have to modify the scripts to fit your environment and, also, you have to do provisioning for the Lync PS MA for users that should be Lync-managed.

As a note on side, instead of using Synchronization Rules for provisioning, you could have a look at my provisioning framework as well which seems to be very popular for simple provisioning.

You can download the Lync scripts from the downloads page for my Powershell MA.

I'll be happy to get some feed back on the scripts but as always, please post in the FIM2010 forum for any assistance so that others may benefit.

Happy P'shellin...

Wednesday, February 4, 2015

FIM MA Rules framework released

I'm very happy to announce that I have released an initial version of my declarative rules extension framework for FIM2010 R2. It is called FIM.MARE (short for FIM Management Agent Rules Extension).

The framework enables FIM administrators to, declaratively, create advanced flow rules with a wast number of transform functions and even conditions for FIM2010 R2. This framework can be used as a replacement for Synchronization Rules (SR's) or as a supplement to this.

FIM.MARE reads declared flow rules from an XML configuration file , which contains information about the management agent rules available. Also, it allow you to use your old DLL's that you have written for advanced flow rules and have these called by the framework.

The plan is to extend on this framework to make it very versatile. So I'd very much like receive feedback from you for new functions, transforms or similar - and of course if you find any bugs in the code.

You can find the project on CodePlex here - https://fimmare.codeplex.com/

I want to thank my good colleague, Frederik Leed for sparring with me on this and of course for testing it in real life.

Enjoy the framework - and let me know if it is useful to you...

Thanks,
Soren

Wednesday, January 14, 2015

MA Rules Extension Framework project started

This is just a short post to let you know that I've started my CodePlex project for the Rules Extension framework that you may have heard about.

The FIM2010 R2 MA Rules Extension framework is a framework for use with Management Agents in FIM2010 R2. It enables FIM administrators to, declaratively, create advanced flow rules for Forefront Identity Manager 2010 R2 (FIM2010 R2). This framework can be used as a replacement for Synchronization Rules (SR's) or as a supplement to these.

There is no release just yet as I'm still finalizing it with a few developers, so please dont put this into any production environments as it may still change. You could, however, sign up on CodePlex to follow the project and get notified when the first version is released.

You can find it here ... enjoy!

Sunday, January 11, 2015

FIM2010 / R2 hotfix list

I constantly find myself answering the same question for customer: "Is there no list of hotfixes for FIM?". My answer is always 'yes' and the follow-up action is me sending this link to customers (http://social.technet.microsoft.com/wiki/contents/articles/2229.fim-2010-build-overview.aspx).

So now you know - just in case, you didn't already know.