locked
FIM2010 Management page: Service not available RRS feed

  • Question

  • I've setup a test site to see if FIM2010 will suit our needs.  Sharepoint 2007 in standalone, server 2008 R2 enterprise.

    The "/IdentityManagement" page works for me (the installer) but all of my domain admins get an error when accessing the page "Service not available".  I've given 'domain admins' full access to the site.

    Any Ideas?

    Thanks in advance

    Monday, April 26, 2010 3:38 PM

Answers

  • FIM keeps track of its own permission system.

    u need to flow in all the other users' to FIM (displayname, domain, accountname and objectSid are required)

    Monday, April 26, 2010 4:57 PM

All replies

  • FIM keeps track of its own permission system.

    u need to flow in all the other users' to FIM (displayname, domain, accountname and objectSid are required)

    Monday, April 26, 2010 4:57 PM
  • Hi,

    I have the same problem. Unfortunately I don't understand your answer nTony Ho, how do we do that?

    Thanks

    Kieran

     

    Friday, May 21, 2010 11:35 AM
  • which part do u not understand?

     

    >>FIM keeps track of its own permission system.

    FIM uses Management Policy Rule to manage its own permission

    >>u need to flow in all the other users' to FIM (displayname, domain, accountname and objectSid are required)

    as admin, go to the portal, search for the user that can't access the portal. check if the user has displayname, domain, accountname and objectSi

    Friday, May 21, 2010 2:42 PM
  • We had a similar issue.

    I found this article quite useful => http://blog.studiographic.nl/?p=322

    For us it was a root problem with Kerberos and misconfiguration of SPN's, also you like nTony Ho said, you have to make sure your users are provisioned to the FIM portal.

    Friday, May 21, 2010 7:29 PM
  • Check my article: http://thuansoldier.net/?p=2445

    Thuan Soldier
    SharePoint Vietnam | Blog | Twitter

    Wednesday, August 29, 2012 12:53 PM
  • Thuan: your blog post should really incorporate the main reason for "Service is not available" errors from the FIM Portal, which is SPN misconfiguration / Kerberos authn / Kerberos delegation failure, either between the web client and the FIM Portal, or between the FIM Portal and FIM Service.  Also, people should know to check the "Forefront Identity Manager Service" Event Log category, rather than going on a wild goose chase with account lockout policy, which would yield an entirely different error (i.e., inability to authenticate with the FIM Portal whatsoever).
    Wednesday, August 29, 2012 3:56 PM