SharePoint – Connecting MIM to SharePoint over HTTPS
Consider the following scenario: You set up Microsoft Identity Manager (MIM) 2016. You install the SharePoint Connector software and create a SharePoint Management Agent (MA). On the “Connectivity” page of the SharePoint MA, you attempt to create a connection to a SharePoint 2016 or 2019 farm using an HTTPS (SSL / TLS) address. The connection
SharePoint: Capture MIM traffic with Fiddler
Microsoft Identity manager (MIM) communicates with SharePoint via a web service, specifically, the “ProfileImportExportService” web service, located at http://YourCentralAdminSite/_vti_bin/ProfileImportExportService.asmx When there are problems with the synchronization, you should always look at what the MIM client (miisclient.exe) and the SharePoint ULS logs are saying, but sometimes there is a need to dig a little deeper
SharePoint: The complete guide to user profile cleanup – Part 5 – 2019
As far as I know, nothing much has changed regarding profile cleanup in SharePoint 2019 as compared to SharePoint 2016. See that post: SharePoint: The complete guide to user profile cleanup – Part 4 – 2016 This is part 5 in a series. You can find other parts here: SharePoint: The
SharePoint: Troubleshooting guide for importing groups and managers with MIM
Update 5/21/20: Added some PowerShell and SQL queries to help determine the state of managers and group memberships. Update 9/16/19: Updated some PowerShell and wording to also apply to SharePoint 2019. I’ve had a few posts in the past explaining various problems with importing Active Directory (AD) groups and managers. However, this post is designed
SharePoint: Profile Sync with MIM – Managers and Group memberships are not updated
Update 9/16/19: It has come to my attention that at the time of this update (9/16/19), we have a similar problem with SharePoint 2019 as we did in early SP 2016 builds. To get the timer job to process the staged manager and group membership entries, you will likely need to set the “NoILMUsed” flag
SharePoint: Cross-forest group memberships not reflected by Profile Import
Consider the following scenario: You have an Active Directory Forest trust between your local forest and a remote forest. You create a “domain local” type security group in Active Directory and add users from both the local forest and the remote trusted forest as members. You configure SharePoint Profile Synchronization to use Active Directory Import
SharePoint: FIM / MIM fails on Import with stopped-extension-dll-exception or read-error
Consider the following scenario: You have one of the following User Profile Synchronization configurations for SharePoint: SharePoint 2010, which utilizes Forefront Identity Manager (FIM) for User Profile Synchronization. SharePoint 2013, using the “Use SharePoint Profile Synchronization” option, which also uses FIM. SharePoint 2016 or 2019, using the “Enable External Identity Manager” option, which (typically)