FIM2010 Troubleshooting: Stopped extension dll load

Intro

When uploading a new extension to an existing deployment and trying to sync, the error "Stopped-extension-dll-load" was occurring. The deployment was already using rules extensions, so I did not expect any issues with .Net. After some basic troubleshooting steps, checking the .Net build version of the extensions, restarting services, checking the event viewer I found a hint to the solution.

MIM 2016: RCDC Management with PowerShell

Introduction

Editing the xml configuration of an RCDC can be time consuming if you have a lot of custom objects and or attributes in the portal schema. This article describes a way to automate this task completely. It also provides a start in implementing this approach in powershell using the System.Xml.Linq library.

MIM2016 Troubleshooting: MIM Portal Performance Issue

Issue

After experiencing a decrease in MIM portal responsiveness after installation, I checked the server resources to see following memory consumption:

FIM2010: Selective Import Attribute Flow

Intro

Although FIM allows you to filter objects on import in the connector configuration, it does not allow you to filter attribute values for a certain population. An example use case could be: "Import all mobile numbers from HR, but not the mobile numbers for person X, Y and Z". Reason for this could be that the X, Y and Z's numbers should not occur in the global address list or some other system where they can be viewed by others.

This problem can be solved by manipulating the import attribute flow. Simply block the value of the mobile number for these people to flow to the metaverse. To complete this solution, make sure "allow null on export" is enabled on all export attribute flows for mobile. Also, if it is possible for people to update their mobile number in data sources other than HR, make sure there is an import attribute flow from these sources to prevent data loss. Alternatively, it can be solved by manipulating all export attribute flows for mobile numbers. Because this would have an impact on possible future export attribute flows for mobile, the import approach seems the way to go.

FIM2010: Outbound System Scoping Filter Syntax

Intro

FIM 2010 R2 was the first version that brings outbound system scoping filters into the synchronization rule. I decided to use this feature during a migration from FIM 2010 to eliminate some worfklows, sets and policy rules. This would reduce complexity and make the synchronization configuration more comprehensible. Instead of searching for the workflow that adds the sync rule, the MPR that triggers the workflow and then going to the set definition of the target population of the MPR, you can just examine the outbound scoping filter of the sync rule itself.

FIM2010: Localize Self Service Password Reset

Intro

If you ever had the pleasure of installing one or multiple language packs in FIM, you know that not everything is covered. The question and answer gate is a good example and is very visible to the end user. This blog post discusses how you can localize such a configuration and shows how it is possible to automate this task using powershell.

FIM2010: Writing Advanced Attribute Flows

Intro

Once in a while you will come across very complex business requirements while implementing FIM in a large environment. These requirements often require a classic architecture (with VB or C# extensions), but can create very messy code that is hard to maintain. This article does not start another discussion on whether or not you should (try to) use 100% declarative (codeless) or a classic architecture when implementing such large scenarios. A good article on this topic: codeless architecture and when you are not able to use declarative configuration. Instead, this article will focus on how you should implement a proper classic architecture, in a way that is performant, readable, agile and easy to maintain.