locked
Email Notification in case of error occured in the synchronization process RRS feed

  • Question

  • Hi,

    Could any one please let me know is there any option to trigger an email notification in case of any issue/error occured in the synchronization of user information from FIM to AD and sql to FIM.

    Thanks

    Harry

    Monday, May 14, 2012 7:46 AM

Answers

  • Hi Harry,

    If a run profile terminates with an error, the event is logged to the event log. If you are using SCOM, you could configure it to raise an alert on those occasions.

    Otherwise, if you are running the synchronization profiles with a script, you could just check the return code, and send a mail with your script. Powershell example:

    $ma = get-wmiobject -class MIIS_ManagementAgent -namespace root\MicrosoftIdentityIntegrationServer -filter "name='AD'"
    $res = $agent.Execute("Export")
    if ($res.ReturnValue -ne "success") {
        Send-MailMessage -SmtpServer "your.smtp.server" -To "harry@something.com" `
            -Subject "Profile 'Export' of Management AD terminated with code $($res)" `
            -Body "Lorem ipsum..."
    }

    Cheers,

    Paolo


    Paolo Tedesco - http://cern.ch/idm

    Monday, May 14, 2012 9:41 AM

All replies

  • Hi Harry,

    If a run profile terminates with an error, the event is logged to the event log. If you are using SCOM, you could configure it to raise an alert on those occasions.

    Otherwise, if you are running the synchronization profiles with a script, you could just check the return code, and send a mail with your script. Powershell example:

    $ma = get-wmiobject -class MIIS_ManagementAgent -namespace root\MicrosoftIdentityIntegrationServer -filter "name='AD'"
    $res = $agent.Execute("Export")
    if ($res.ReturnValue -ne "success") {
        Send-MailMessage -SmtpServer "your.smtp.server" -To "harry@something.com" `
            -Subject "Profile 'Export' of Management AD terminated with code $($res)" `
            -Body "Lorem ipsum..."
    }

    Cheers,

    Paolo


    Paolo Tedesco - http://cern.ch/idm

    Monday, May 14, 2012 9:41 AM
  • The only problem with the above is that it won't give you the details of the specific account which has failed.  It only takes 1 failure/warning in a run profile execution (batch) to cause a return status other than "success", whereby the batch as a whole does not fail, only individual CS object flows.  Consequently the above may be of limited value ... and you may want to investigate more detailed options.  I find that the best results are achieved querying the FIM Sync SQL database (although this is not considered "best practice", there are ways to write queries which do not cause locking, which is the main reason why this is not encouraged).  This approach means you can use something like SQL Reporting Services to generate more specific email notifications.  There are many ways to approach this, and the above is definitely the simplest.

    Bob Bradley (FIMBob @ http://thefimteam.com/) ... now using Event Broker 3.0 @ http://www.fimeventbroker.com/ for just-in-time delivery of FIM 2010 policy via the sync engine

    Monday, May 14, 2012 3:52 PM