As I was building some new customer FIM 2010 workflows for a customer, I ran into that little annoying feature called Blocked File Protection Control.
I had created my initial Workflow Activity Library for FIM and references the FIM binaries to get access to the FIM activities. As I build my project I received a compiler error saying "Compilation failed. Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."; this had me for several hours.
It turned out that since I had copied the FIM binaries from the FIM server to the Windows 7 developer computer, the OS had detected these files as potential "harmful" (FIM 2010 harmful :-) ?) and blocked these files. The error message that I got from the compiler was very helpful, so it actually took me a few hours to realize what was going on. After unblocking the DLL's I was able to compile.
If you run into this problem, check if the DLL's are blocked; in Explorer, goto Properties on the file and check the general tab for the text "This file came from another computer and might be blocked to help protect this computer".
Wednesday, August 31, 2011
Monday, August 22, 2011
I love LINQ (even being a FIM guy)
Doing a FIM 2010 project for a customer, I had to crunch an LDIF file and convert some of the data in that file to a valid attribute-value pair file for use FIM 2010. I considered a lot of possibilities but ended up utilizing LINQ a lot throughout the code.
As an example I had to extract the parent department for a distinguished name coming from an X500 directory LDIF file. The distinguished name would be something like this -
cn=Willis Bruce, ou=TSX, ou=TS, ou=T, ou=MOX, l=Denmark, c=DK, o=customername, o=customer holding, cn=Main company
The parent department name is the second ou= element (in this case ou=TS) and to extract that I ended up using - what I think - is simple LINQ statement in a method on my user class -
public void GetParentDepartment()
{
string temp = this.dn.Split(',').Where(key => key.StartsWith("ou=")).Skip(1).FirstOrDefault();
this.parentDepartment = (temp != null) ? temp.Replace("ou=", "").ToUpper() : null;
}
Hope this will help someelse crunching data. I know that I will definitely try to use LINQ whereever possible as its is pretty nice and very elegant for many tasks.
As an example I had to extract the parent department for a distinguished name coming from an X500 directory LDIF file. The distinguished name would be something like this -
cn=Willis Bruce, ou=TSX, ou=TS, ou=T, ou=MOX, l=Denmark, c=DK, o=customername, o=customer holding, cn=Main company
The parent department name is the second ou= element (in this case ou=TS) and to extract that I ended up using - what I think - is simple LINQ statement in a method on my user class -
public void GetParentDepartment()
{
string temp = this.dn.Split(',').Where(key => key.StartsWith("ou=")).Skip(1).FirstOrDefault();
this.parentDepartment = (temp != null) ? temp.Replace("ou=", "").ToUpper() : null;
}
Hope this will help someelse crunching data. I know that I will definitely try to use LINQ whereever possible as its is pretty nice and very elegant for many tasks.
Monday, August 15, 2011
Refreshing the FIM portal
Carol Wapshere did a nice post on refreshing the FIM portal when you make changes to RCDC and such. I've taken this to heart and put together a small Powershell script to do the job.
You can use the script like this -
"AppPool name" | .\Recycle-IisAppPool.ps1
i.e. "Sharepoint - 80" | .\Recycle-IisAppPool.ps1
You could even send several AppPool names through the pipeline, i.e.
"SomeAppPool", "Another AppPool", "Sharepoint - 80" | .\Recycle-IisAppPool.ps1
Ooh, and the script; here it is (remember to save it with a .ps1 extension)
process
{
$_ | % { Invoke-WMIMethod -Name Recycle -Namespace "root\MicrosoftIISv2" -Path "IIsApplicationPool.Name='W3SVC/AppPools/$_'" }
}
You can use the script like this -
"AppPool name" | .\Recycle-IisAppPool.ps1
i.e. "Sharepoint - 80" | .\Recycle-IisAppPool.ps1
You could even send several AppPool names through the pipeline, i.e.
"SomeAppPool", "Another AppPool", "Sharepoint - 80" | .\Recycle-IisAppPool.ps1
Ooh, and the script; here it is (remember to save it with a .ps1 extension)
process
{
$_ | % { Invoke-WMIMethod -Name Recycle -Namespace "root\MicrosoftIISv2" -Path "IIsApplicationPool.Name='W3SVC/AppPools/$_'" }
}
Thursday, August 11, 2011
The death of hierarchical IdM systems?
Here is an interesting article with non-technical (directly anyway) stuff; looking at how you traditionally approach Identity Management in organizations, there may just be a point in the statement that hierarchical systems for identities might work for an organization but cannot be translated to "The Cloud".
Think about it - I know I will...
Think about it - I know I will...
Wednesday, August 10, 2011
Kerberos and FIM working together
Configuring Kerberos with FIM 2010 can be kind of tricky; however, a good guide and description (better than the installation guide or a good supplement) by Thomas Vuylsteke can be found here.
Subscribe to:
Posts (Atom)