FIM 2010 R2 - Access denied issue


  • If the error message is not masking another problem (which is possible), then my first thought was ObjectSID was probably missing for your user in the FIM Service. As Soren Granfeldt and Jorge de Almeida Pinto explain in several posts on this forum about your "the requestor's identity was not found" exception:

    Make sure that the account that you're trying to access the FIM Portal/Service with exists in the portal/service and has at least the following attributes:

    1. AccountName
    2. DomainName
    3. ObjectSID

    and preferably also DisplayName. If not, you're unable to access the portal. By default only the account used to install FIM Service has access permissions to the portal/service.

    If this is your problem then you need to look at your FIM Sync configuration between AD and FIM to make sure that sync and precedence rules are such that the above attributes are allowed to be imported from AD.  Follow the tips from Jorge and Markus on this page to test this theory.

    Incidentally, please advise which of the various FIM server topology/configuration options you have used if further assistance is required.

    Bob Bradley (FIMBob @ ... now using Event Broker 3.0 for just-in-time delivery of FIM 2010 policy via the sync engine, and continuous compliance for FIM

    Sunday, August 18, 2013 11:35 PM
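
One way to check the attributes the answer above lists, as an added example that is not part of the original post. It assumes the FIMAutomation snap-in is installed, that the session runs as an account that can already read the FIM Service, and that the service listens on the endpoint shown; the function name, the sample account name and the endpoint are hypothetical, and the attribute names are taken as written in the post, so adjust them to the system names in your schema.

```powershell
# Added example: report which required attributes are populated on a Person
# resource in the FIM Service. Function name and defaults are assumptions.
function Test-FimPersonAccessAttributes {
    param(
        [Parameter(Mandatory = $true)][string]$AccountName,
        # Assumed endpoint; replace with your FIM Service address.
        [string]$Uri = 'http://localhost:5725/ResourceManagementService',
        # Names as listed in the post; adjust to your schema's system names.
        [string[]]$Required = @('AccountName', 'DomainName', 'ObjectSID')
    )

    # The account name is placed inside an XPath literal, so refuse quotes
    # instead of building a filter that could match other resources.
    if ($AccountName -match "['""]") {
        throw "AccountName must not contain quote characters."
    }

    if (-not (Get-PSSnapin FIMAutomation -ErrorAction SilentlyContinue)) {
        Add-PSSnapin FIMAutomation
    }

    $filter = "/Person[AccountName='$AccountName']"
    $people = @(Export-FIMConfig -Uri $Uri -OnlyBaseResources -CustomConfig $filter)

    if ($people.Count -eq 0) {
        Write-Warning "No Person resource with AccountName '$AccountName' in the FIM Service."
        return
    }

    foreach ($person in $people) {
        # Collect the names of attributes that actually carry a value.
        $populated = @{}
        foreach ($attr in $person.ResourceManagementObject.ResourceManagementAttributes) {
            if ($attr.Value -or $attr.Values) { $populated[$attr.AttributeName] = $true }
        }
        foreach ($name in $Required) {
            New-Object PSObject -Property @{
                Resource  = $person.ResourceManagementObject.ObjectIdentifier
                Attribute = $name
                Populated = $populated.ContainsKey($name)
            }
        }
    }
}

# Constructed sample account name.
Test-FimPersonAccessAttributes -AccountName 'jdoe' | Format-Table -AutoSize
```

A row with `Populated` set to `False` points back at the sync and precedence rules between AD and FIM that the answer mentions.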