Wednesday, April 04, 2012 8:12 PM
This isn't so much a question as it is a note that the "Refresh Schema" action in Rollup 2 makes encrypted ConfigParameters unavailable. You can see that they are encrypted, access and decrypt the SecureValue property, etc., but the length of the decrypted string is 0. I suspect that, in keeping with the "Refresh Schema" action of all the other management agents, there ought to be a dialog to re-enter credentials as part of the refresh action.
As a workaround I've built my ECMA2 MA to read from a protected section of the registry when necessary (and I suppose DPAPI would work also), although this tends to increase the overhead for keeping a warm standby server ready / doesn't use the regular FIM encryption keys.
That said, I'm pleased to see the "Refresh Schema" button implemented and otherwise working in Rollup 2 compared to 2010R2 RC.
And one note for developers: The .IsEncrypted and .SecureValue properties are new with Rollup 2, but are not present or supported in R2 RC. I ended up using a little reflection to make a DLL that works on both versions of FIM.
Wednesday, May 16, 2012 2:39 PM
There was an update to the FIM Release Candidate on Connect that has it. Functionally, it is suppsed to be the same as Update 2.
My project was using an older copy of the DLL that had the same version number. Once I copied the newer DLL from the GAC and updated the reference in my project, it appeared.
Monday, May 21, 2012 9:04 PM
Are you guys currently doing an AD Extensible Connectivity 2.0 MA by chance? I have an issue where I use the below line in my project,
password = configParameters["Password"].Value;
I don't know how to pass the value to the DirectroyEntry method without the event viewer complaining that
"System.InvalidOperationException: Encrypted parameter should be retrieved using the SecureValue property."
Sunday, July 15, 2012 9:43 AM
When you use the encrypted parameter, you must decrypt it like this.using System.Security;
private string Decrypt(SecureString inStr)
IntPtr ptr = Marshal.SecureStringToBSTR(inStr);
string decrString = Marshal.PtrToStringUni(ptr);
param = Decrypt(configParameters["encrypted param name"].SecureValue);
Naohiro Fujie MVP for Forefront Identity Manager ( Jan 2010 - Dec 2012 )
Monday, July 16, 2012 2:54 PMThanks for the reply!!!!!