Sign in
 
HomeLibraryWikiLearnGalleryDownloadsSupportForumsBlogs
Resources for IT Professionals >
Help trying to get FIM 2010 DL management to work

Discussion Help trying to get FIM 2010 DL management to work

  • Wednesday, February 29, 2012 2:36 PM
     
     
    Sign In to Vote
    0

    Hello,

    I am trying to get a basic demo of FIM doing Exchange self service DL management working and it's just not playing.

    I have built the servers as per the FIM instructions below, I have the FIM portal all working and can go in and now create a DL, but whilst it does say the DL has been completed groups are not getting created in AD, nor being stamped by Exchange (FIM has E2010 tools installed)

    I have the FIMMA and the ADMA in and the only error I am getting going through the sync is during the FIMMA export where I get this below:

    Is it this process when you export from FIM it then goes to create the group in AD and then then mail-enabled the object in Exchange?

    IS

    http://technet.microsoft.com/en-us/library/ee534915(v=ws.10).aspx

     

All Replies

  • Wednesday, February 29, 2012 4:39 PM
     
     
    Sign In to Vote
    0

    Confirm you have the Sync Rule, the group object has the ERE and the Enable Provision from Sync is enabled in Tools, Options. 

    Your screen shot was of a Export to the FIM MA.  A view of a Sync from the FIM MA would be better.  Also, an export on the AD MA. 

    Eric

    Eric

     
  • Thursday, March 01, 2012 10:36 AM
     
     
    Sign In to Vote
    0

    Hi Eric,

    Thanks,

    I only have inbound sync rule from AD in FIM Portal, there's nothing in the instructions about creating an export to AD? Here are some more screenshots though, but I do have the Enable Provision Sync in Tools/Options.

     
  • Thursday, March 01, 2012 11:01 AM
     
     
    Sign In to Vote
    0

    Can someone confirm that the instructions here: http://technet.microsoft.com/en-us/library/ee534915(v=ws.10).aspx are sufficient to set-up a self service DL management demo?

    It appears to be missing these export steps back to AD?

     
  • Thursday, March 01, 2012 11:21 AM
     
     
    Sign In to Vote
    0

    Hello,

    You don't seem to have any exports to ADDS in your run profiles, as you noticed yourself.

    Please follow the instructions found here to find out how to provision and synchronize the information back to ADDS http://technet.microsoft.com/en-us/library/ff686261(v=ws.10).aspx .


    • Edited by Mikko Hellstén Thursday, March 01, 2012 11:22 AM correct link
    •  
     
  • Thursday, March 01, 2012 11:27 AM
     
     
    Sign In to Vote
    0

    Thanks, I'm really surprised that this is not in the actual Technet article on how to do this.

    That link appears to be just for security groups, are there additional steps specifically relating to Distribution Lists?

    • Edited by SixFooter Thursday, March 01, 2012 11:29 AM
    •  
     
  • Thursday, March 01, 2012 1:26 PM
    Owner
     
     
    Sign In to Vote
    0

    A security group is a "distribution list + SID".
    There are no steps that are distribution list specific.

    Cheers,
    Markus

    Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

     
  • Thursday, March 01, 2012 1:32 PM
    Owner
     
     
    Sign In to Vote
    0

    Regarding your error, have you looked at this article yet?

    Cheers,
    Markus

    Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

     
  • Thursday, March 01, 2012 3:19 PM
     
     
    Sign In to Vote
    0
    Thanks Markus. I was thinking there needs to be a step/config that tells FIM to run the Exchange tools to mail-enable the group? Which accounts need which permissions etc..
     
  • Thursday, March 01, 2012 3:20 PM
     
     
    Sign In to Vote
    0
    No, thanks! Will look now.
     
  • Monday, March 05, 2012 10:11 AM
     
     
    Sign In to Vote
    0

    Right, following the above article I can now get FIM provisioning DL's to AD/Exchange. You do need to add the mailnickname as an additional attribute otherwise the update-recipient command wont work, but at least we're almost there.

    I now have 2 new issues:

    1.) FIM isn't adding anyone to the DL. Do I need to have inbound sync rule for FIM to be able to do this?

    2.) I get the following error when attempting to modify/delete the objects? failed-creation-via-web-services/MembershipLocked/An attribute is required to complete the operation.<


    • Edited by SixFooter Monday, March 05, 2012 5:39 PM cleaned up
    •  
     
  • Tuesday, March 06, 2012 11:56 AM
     
     
    Sign In to Vote
    0

    FIM is driving me nuts!

    Why can't there be a simple how to guide to get self service DL's working, you have to piece together 3 or 4 articles, all with some form typo or error with the end result that nothing works :(

    For something that is such a big selling point for FIM, a simple step by step procedure would surely be warranted? Has anybody seen one, I'd even buy it!

    This article purports to be a design and deployment guide, but really..honestly isn't: http://technet.microsoft.com/en-us/library/ff645313(WS.10).aspx