Blog roll

  • RSS David’s blog

    • Top 10 Lessons from Disasters in Identity Management March 30, 2018
      I will speak at Kuppinger Cole's European Identity Conference on Top 10 Lessons from Disasters in Identity Management in May in Munich.With great automation capability comes great responsibility! Come discuss and learn vital lessons gleaned from disasters in Identity Management.So if you would like your disaster story to be considered for inclusion let me know. I would love to […]
    • Identiverse, Cloud Identity Summit March 30, 2018
      Last summer I attended and spoke at the Cloud Identity Summit in Chicago. First big news: it was renamed to Identiverse and 2018 will be in Boston. As a consultant I have limited time to attend conferences and speak. So conferences have to be great. I do love this one, but in the interest of […]
    • To Farm or not to Farm Part 2 March 30, 2018
      In the original To Farm or Not to Farm post I discussed the pros and cons of setting up FIM on a SharePoint farm or using Stand Alone. Well we now have SharePoint 2016 and it isn't possible to install Stand Alone, although you can do a single server farm. Also, absolutely everything is virtualized […]
    • SQL Server Management Studio SQL 2016 March 29, 2018
      So I went to install SQL 2016 on a server (been using it for a while, I get vm's on CloudShare where SQL is preinstallled, so first time installing it for myself) -- no problem. Hey, where is SQL Management Studio (SSMS)? Well it isn't include in the 2.6  GB SQL Server ISO. You have […]
    • SharePoint Foundations 2013 -- Identity Extensions Installation error March 29, 2018
      As you install SharePoint 2013 Foundations pre-reqs if you encounter "Microsoft Identity Extensions Installation error"and then when you install it manually you might encounter"Installation of Microsoft Identity Extensions requires Windows Identity Foundation v1.0 to be installed"Then when you go to install WIF through the Server Manager you realize that it is WIF 3.5 rather than WIF […]
    • Finding my groove, again March 29, 2018
      In 2017 and the beginning of 2018 I have had some rough times. The Long and the Short of it is that late last year my mother passed away in the hospital. Then early this year, my father died, probably of a broken heart.Thanks to many friends from church, our neighborhood, professionally, other Microsoft MVP's, […]
    • SharePoint Foundation 2013 IIS Configuration Error March 29, 2018
      SharePoint is a great product but I wish that FIM and MIM did not use it. In my opinion, it adds unnecessary infrastructure and really complicates the setup, because SharePoint must be installed and configured (and maintained). Leaving that aside, allow me to point out some gotchas that might impede your ability to install this […]
    • Speaking at SQL Saturday Tomorrow March 16, 2018
      As most of you know I am regarded as one of the SQL gurus among the Microsoft Identity Management Gurus. For years, in my book and in speaking I have been recommending Ola Hallengren's SQL Maintenance Solution to help take care of your ILM/FIM/MIM databases. But the SQL Maintenance Plan Wizard has come a long way. […]
    • Kerberos, FIDO, what's next? March 6, 2018
      In the 1980's Steve Miller and Clifford Neuman published a new security protocol, called Kerberos, after the mythical three headed dog that guards the gates of Hades.In 2014 the alliance published the FIDO standard. This exciting standard is enabling a passwordless world (yet to come). For example you can use a small USB device with […]
    • Open Source: Review of MIMTools April 1, 2017
      JefTek created a niche hybrid tool that tackles a few pieces of the sync and service puzzle in a way that none of the others do.One noteable one for sync:Get and Export MIM Deltas to CSV (based on a drop file either stop and drop or the audit log dropped during the exportIt is great […]
  • RSS Joe’s blog

    • CodePlex says "Bye Felicia" April 4, 2017
      If you've visited CodePlex recently, you may have noticed a message at the top that reads:CodePlex is shutting down. Read about the shutdown plan, including archive and migration information, on Brian Harry's blog.Here's a summary of the timeline, according to the link above: March 31, 2017 Announcement of shutdown and disabled ability to create new CodePlex projects. […]
    • Function evaluator custom expression escape double quote January 4, 2017
      Curiously, there's no need to escape double quotes inside custom expressions!ReplaceString(    [//WorkflowData/XMLEncoded],    """,    """)
    • Unable To Create New WorkflowInstance For WorkflowDefinition August 30, 2016
      I discovered another variant that causes the titular error message.  I was copying the FIM policy config from one data source to another, and that meant making copies of a couple activities within the same workflow.  After some troubleshooting and head-scratching, I realized that FIM was choking on the duplicate activity names (see highlights below). […]
    • FIM Powershell Module: Remove/unset/clear a single-valued reference attribute June 13, 2016
      In the latest version of the FIM Powershell Module (2016-05-18), in order to remove/unset/clear a single-valued reference attribute, you're supposed to do this:New-FimImportChange -Operation 'Replace' -AttributeName "Manager"Note that you just don't supply the -AttributeValue paramter.  However, in my script, I don't want to perform the extra step of checking whether my value is present; so I'd like to do this:New-FimImportChange -Operation 'Replace' -AttributeName "Manager" -AttributeValue "$newManager"In order […]
    • MIM metaverse SQL query - manager contributing MA March 23, 2016
      This is a sequel (no pun intended) to my old post, FIM metaverse SQL query - employeeID contributing MA.  Since 'manager' is a reference attribute, you need a slightly different query than for scalar attributes.set transaction isolation level read uncommittedSELECT TOP 1000       mv.object_type       ,mv.accountName       ,mv.domain       ,l.attribute_name       ,ma_mgr.ma_name as [manager MA]FROM [FIMSynchronizationService].[dbo].[mms_mv_link] ljoin [FIMSynchronizationService].dbo.mms_metaverse mvon l.object_id = mv.object_idleft join [FIMSynchronizationService].[dbo].[mms_lineage_cross_reference] cr_mgron cr_mgr.lineage_id = l.lineage_idleft join [FIMSynchronizationService].[dbo].[mms_management_agent] ma_mgron ma_mgr.ma_id = cr_mgr.ma_idwhere object_type = 'person'and l.attribute_name = 'manager'