Tag Archives: Provisioning

Implementing Exchange Online with an existing on-premises identity management solution that provisions mailboxes

I’m going to start this post with a bold statement.  Implementing Exchange Hybrid in an enterprise environment that has an existing on-premises identity management (IdM) capability that provisions on-premises mailboxes is not easy.  Especially when that on-premises IdM solution is … Continue reading

Posted in FIM, FIM 2010 R2, Office 365 | Tagged , , , , , , , | 6 Comments

Delegating the minimum set of permissions for mailbox-enabled user and linked mailbox provisioning

In my previous post I described the minimum set of permissions required by the ADMA account to provision an AD DS user object.  In this post I’d like to expand on that and provide the minimum set of permissions required … Continue reading

Posted in Active Directory, FIM, FIM 2010, FIM 2010 R2 | Tagged , , , , , , , , , , , , , , , , , , , | 3 Comments

Delegating the minimum set of permissions for user provisioning

The purpose of this post is to provide information on the permissions required by the user account that the Active Directory Domain Services (AD DS) Management Agent (MA) or ADMA uses when it interfaces with an AD domain.  I’ve seen … Continue reading

Posted in Active Directory, FIM, FIM 2010, FIM 2010 R2 | Tagged , , , , , , , , , , , , , , , | 5 Comments

Exchange recipient administration overkill in ILM and FIM

You’ve probably all thought about this but might not have done anything about it.  That was true for me for three years too and then I finally had a customer goal that made me look into it properly (if a … Continue reading

Posted in FIM, FIM 2010, FIM 2010 R2 | Tagged , , , , , , , , , , | 4 Comments

Synchronization Service Manager: A directory service error has occurred. (Exception from HRESULT: 0x80072095)

When attempting to create an Active Directory Domain Services (AD DS) Management Agent (ADMA) in Forefront Identity Manager 2010 (FIM) you receive the following error when you click Finish. Repeated in textual format: Synchronization Service Manager A directory service error … Continue reading

Posted in FIM, FIM 2010, Troubleshooting | Tagged , , , , , , , , | 1 Comment

exported-change-not-reimported error when provisioning a linked mailbox

When provisioning a linked-mailbox using Forefront Identity Manager (FIM) 2010, Identity Lifecycle Manager (ILM) 2007 or Identity Integration Server (MIIS) 2003 the Active Directory Management Agent (ADMA) throws an exported-change-not-reimported error for each new mailbox-enabled user. Upon closer inspection you … Continue reading

Posted in Active Directory, FIM, FIM 2010 | Tagged , , , , , , , , , , , , , , , | 2 Comments

Synchronization Rule Workflow Parameters

You might have noticed that there’s a tab called Workflow Parameters (fig. 1) available during the creation or modification of an Outbound Synchronization Rule (OSR) or a bi-directional Synchronization Rule (SR).  You might also have wondered what this is and … Continue reading

Posted in FIM | Tagged , , , , , , , , | 9 Comments