MIIS 2003 – Page 2

More KISS tips

Posted on November 1, 2008November 18, 2009 by Carol

In this post I discussed some ways to simplify an MIIS/ILM installation, with a view to making it more efficient and easier to troubleshoot and maintain. I have a few more points for the list.

Minimum AD permissions needed by ILM

Posted on October 8, 2008November 18, 2009 by Carol

The AD management agent uses an account to connect to AD and, more often than not, this account is a member of Domain Admins.Â However in someÂ organisations this is not acceptable. So what rights does it actually need?

KISS your MIIS installation

Posted on September 15, 2008August 20, 2022 by Carol

Maybe it’s because MIIS is a sort of infrastructure thing, so is given to a time-pressed system administrator to set up; or because it’s a sort of programming thing, so is given to a .NET developer with no clue about the connected directories; or because there’s a lack of good training; or no clear guidance…

Disable – Delete

Posted on September 10, 2008November 18, 2009 by Carol

A common requirement is that user accounts should go through a disabled stage of some length before being deleted. This makes excellent sense, particularly in AD with its fastidiousness concerning SIDs. In this post I outline a way to achieve this in AD using a datestamped attribute, export flow rules and provisioning code.

Troubleshooting missing group member errors

Posted on September 4, 2008April 5, 2009 by Carol

In some implementations, it makes sense (usually by improving performance) to separate your user and group provisioning into seperate MAs. One downside of this approach, however, is that you can run into export errors when trying to update a group with a member who doesn’t exist in the external directory – and this includes delete…

The ILM_Scheduler is now available for download

Posted on August 30, 2008April 5, 2009 by Carol

As promised, I am now making my ILM_Scheduler service source code available for download. In brief, the notion is to optimise ILM/MIIS scheduling through the use of a queue. You add jobs to the queue and they are executed, one at a time, and in order of priority. You can schedule a job by adding…

Hacking the import/export logs

Posted on August 25, 2008April 5, 2009 by Carol

Here’s a trick that is worth knowing – though I’m only recommending it for TEST ENVIRONMENTS – consider yourself warned. You may haveÂ noticed theÂ “test only”Â log file options on the import and export run profiles. Being able to stop the run at the log file is incredibly useful for testing what would have been exported, without…

The Dreaded Transaction Log

Posted on August 18, 2008April 5, 2009 by Carol

Why oh why does MIIS have such an insatiable appetite for transaction log space? I’m afraid I can’t answer this, but I can share a few tips.

My ILM_Scheduler service

Posted on July 26, 2008January 16, 2023 by Carol

I’m working on a great project at the moment – basically ILM is the provisioning engine sitting behind a self-registration system written in Sharepoint and built on SQL. This has finally given me the opportunity to re-write my simple ILM scheduler as a windows service!

SQL 2005 MA: Export and Delta Import

Posted on July 14, 2008January 16, 2023 by Carol

I use a lot of SQL MAs. While ILM/MIIS is great at syncing data between directories, it really isn’t that great at calculating and comparing. As much as possible I like to do the data manipulation in SQL, and then keep ILM to what it’s best at – joins and syncs. After exporting data to…

← Newer posts Older posts →