This got me out of a pickle today. A slip-up in a join rule caused hundreds of bad joins to be made. There were far too many to un-do by hand, but then I figured out I could add a few lines to the Provisioning Sub of the MVExtension to remove all the joins made…
Category: ILM 2007
Account Deprovisioning Scenarios
I just posted this article in the Greatest Hits series of the ILM Technet forum. It describes some of the methods and considerations around disabling and deleting users accounts with ILM.
Group Management Comparison
Following on from my last post about the overlaps between FIM and Exchange 2010 I wanted to clarify for myself the group management capabilities in FIM, Exchange 2010 and ILM. Warning: I will have to revisit this post – as I haven’t yet installed Exchange 2010 in a production environment the Exchange comments are based…
Managing Exchange 2000/2003/2007 with ILM 2007
I have just posted this article in the Greatest Hits series on the ILM Technet forum. http://social.technet.microsoft.com/Forums/en-US/identitylifecyclemanager/thread/f8ad045d-7252-4cd1-a189-d704a8f99129 The article covers various management tasks you can acheive with the standard AD MA, including provisioning and updating of users, mailboxes, contacts and distribution groups. There are quite a few code samples as well.
Creating user home directories – Windows version
I last blogged about provisioning home directories such a long time ago that I talked about Netware. I also used a SQL table alongside to keep track of a status field as I was doing some end-of-life management – zipping up the folder and stowing it in an archive location. But we don’t need to…
ExternalEmailAddress is mandatory on MailUser
I just got this error while attempting to provision Exchange 2007 users with ILM 2007 FP1: Event Type:Ă‚Â Ă‚Â Ă‚Â Error Event Source:Ă‚Â Ă‚Â Ă‚Â MIIServer Event Category:Ă‚Â Ă‚Â Ă‚Â Server Event ID:Ă‚Â Ă‚Â Ă‚Â 6801 Date:Ă‚Â Ă‚Â Ă‚Â Ă‚Â Ă‚Â Ă‚Â 15.09.2009 Time:Ă‚Â Ă‚Â Ă‚Â Ă‚Â Ă‚Â Ă‚Â 10:14:02 User:Ă‚Â Ă‚Â Ă‚Â Ă‚Â Ă‚Â Ă‚Â N/A Computer:Ă‚Â Ă‚Â Ă‚Â ILMSERVER Description: The extensible extension returned an unsupported error in MIIS. The stack trace is: “Microsoft.MetadirectoryServices.ExtensionException: ****…
Adding Exchange 2007 mailboxes to existing users
A while back I proposedĂ‚Â a powershell XMA approach to the problem of adding Exchange 2007 mailboxes to existing AD users. This was because my old method of adding an Exchange 2003 mailbox by populating a couple of extra attributes did not seem to work with Exchange 2007. However, inĂ‚Â a recent thread on the…
Adding Exchange 2007 mailboxes to existing user accounts
The most popular post on this blog continues to be Adding Exchange 2003 Mailboxes to Existing AccountsĂ‚Â so I’m guessing this is something a lot of people need to do. ATTENTION: PLEASEĂ‚Â SEE this postĂ‚Â INSTEAD for the basic method. I hadn’t posted an Exchange 2007 method earlier becauseĂ‚Â I haven’t needed to do it inĂ‚Â production, and the ongoing…
More KISS tips
In this post I discussed some ways to simplify an MIIS/ILM installation, with a view to making it more efficient and easier to troubleshoot and maintain. I have a few more points for the list.
Minimum AD permissions needed by ILM
The AD management agent uses an account to connect to AD and, more often than not, this account is a member of Domain Admins. However in some organisations this is not acceptable. So what rights does it actually need?