Changing SailPoint IdentityNow Identity Profiles Priorities using PowerShell

13th of March, 2019 / / No Comments 
Update: Oct 2019. IdentityNow Profiles Priorities can be easily managed using the SailPoint IdentityNow PowerShell Module.

In SailPoint IdentityNow a single user is highly likely to be represented on multiple Sources, that in turn are likely to be authoritative for differing SailPoint IdentityNow Identity Profiles. Often the first or last Identity Profile you create isn’t the one you wish to have the highest or lowest profile and you therefore need to change an Identity Profiles precedence so that the correct Identity Profile is associated with your identities.… [Keep reading] “Changing SailPoint IdentityNow Identity Profiles Priorities using PowerShell”

SailPoint IdentityNow Identity Profiles Mapping Report

12th of March, 2019 / / No Comments

Last year I wrote this post here that detailed using the SailPoint IdentityNow API to generate an IdentityNow Sources HTML Report using PowerShell.
In a similar vein here is a post that does a similar function, but for the IdentityNow Identity Profiles. The example script below will connect to IdentityNow and extract all the Identity Profiles and pull out the details for the Mappings and create an HTML Report with a section for each Identity Profile.… [Keep reading] “SailPoint IdentityNow Identity Profiles Mapping Report”

Darren’s PowerShell Snippets Volume 1

8th of March, 2019 / / No Comments

I live in PowerShell and my memory is pretty good. There are a number of common PowerShell commands and one-liners or functions that I use a lot and I can remember them. However, then there are the ones I use less regularly and I often find myself trying to recall the last time I used them in a script, in order to locate that script just to get those couple of lines. So I’m posting a bunch of them in this post, if for nothing else to help me find them quickly.… [Keep reading] “Darren’s PowerShell Snippets Volume 1”

Aggregating SailPoint IdentityNow Sources via API with PowerShell

6th of March, 2019 / / No Comments 
Update: Oct 2019. Aggregating Sources can be easily managed using the SailPoint IdentityNow PowerShell Module.

Aggregating an IdentityNow Source can be achieved in a number of ways, but when you are in a development environment there will be times where you need to add additional attributes for a Source to load. If the additional attribute(s) is/are used for Correlation, it’s at this time you will need to perform a full aggregation from a Source to re-evaluate each object with the new Correlation rules and to bring in the additional attributes for each identity on the Source.… [Keep reading] “Aggregating SailPoint IdentityNow Sources via API with PowerShell”

Creating SailPoint IdentityNow Access Profiles via API and PowerShell

5th of March, 2019 / / No Comments 
Update: Oct 2019. Access Profiles can be easily managed using the SailPoint IdentityNow PowerShell Module.

Managing SailPoint IdentityNow Access Profiles is easy enough to do using the SailPoint IdentityNow Portal. But what if you have the requirement to update, report on, or create numerous Access Profiles? That’s where the SailPoint IdentityNow API comes into play. The Access Profiles API is documented here but doesn’t go into a lot of detail. In this post I’ll detail interfacing with it using PowerShell primarily to create and update Access Profiles.… [Keep reading] “Creating SailPoint IdentityNow Access Profiles via API and PowerShell”

Searching and Returning SailPoint IdentityNow Entitlements using the API and PowerShell

4th of March, 2019 / / 1 Comment 
Update: Oct 2019. Entitlements can be easily searched using the SailPoint IdentityNow PowerShell Module.

Entitlements on IdentityNow Sources can be leveraged for many purposes within IdentityNow. Recently I’ve been looking to automate some Access Profiles that will in-turn have entitlements associated with them.

This post details how to query for Entitlements in IdentityNow using the v3 API and PowerShell.

Prerequisites

You will need to Authenticate to the IdentityNow API. The v3 authentication method is required.… [Keep reading] “Searching and Returning SailPoint IdentityNow Entitlements using the API and PowerShell”

Azure AD/Active Directory User Security Evaluation Reporter

28th of February, 2019 / / 1 Comment

During December 2018 – February 2019 Microsoft have run an online Microsoft Graph Security Hackathon on Devpost.

The criteria of the hackathon was;

  • Build or update a functioning Microsoft Graph-powered solution that leverages the Microsoft Graph Security API

Following the announcement of the Hackathon I was encouraged by Kloud management to enter. During the busy month of December I started to formulate a concept for entry in the Hackathon taking learnings from the hackathon I entered in 2018.… [Keep reading] “Azure AD/Active Directory User Security Evaluation Reporter”

Configuring the Lithnet REST API for the FIM/MIM Service post MIM Version 4.4.x.x

20th of February, 2019 / / No Comments

Last year I wrote this post on installing and configuring the Lithnet REST API for the FIM/MIM Service and integrating it with Azure API Management.

This week on a fresh installation of Microsoft Identity Manager with SP1 I was installing the Lithnet REST API for the FIM/MIM Service and was getting errors from the WCF Web Service finding the correct version of the Microsoft.ResourceManagement.dll.

Error finding Microsoft.ResourceManagement DLL.PNG

After a little troubleshooting and no progress I recalled Kent Nordström posting the following tweet last month.… [Keep reading] “Configuring the Lithnet REST API for the FIM/MIM Service post MIM Version 4.4.x.x”

Error: Failed to connect to the specified database when creating a Microsoft Identity Manager Service MA

19th of February, 2019 / / 2 Comments

Last week I was installing Microsoft Identity Manager into a development environment. The install was using Microsoft Identity Manager 2016 with SP1 and was version 4.5.285.0. The install had gone well, SQL, Synchronisation Server, MIM Service and Portal etc. I had even created a couple of Management Agents. However when it came time to create the Microsoft Identity Manager Service MA, the Synchronisation Server returned the error “Failed to connect to the specified database”.

Failed to connect to the specified database.PNG

Jumping over to the Event Log I found the error below.… [Keep reading] “Error: Failed to connect to the specified database when creating a Microsoft Identity Manager Service MA”

Error 25009 HResult 0x80131700 when installing Microsoft Identity Manager

10th of February, 2019 / / No Comments

This week I was installing Microsoft Identity Manager in a new environment and wasn’t using my usual scripts that semi automate the process. During the installation of the Microsoft Identity Manager Synchronization Service I got the Error 25009 HResult 0x80131700 as shown below.

As mentioned above I normally do this semi-automated but this time I was updating a bunch of that so was starting with a fresh install on a Windows Server 2016 host.

Note: Windows Server 2019 isn’t an officially supported platform currently.… [Keep reading] “Error 25009 HResult 0x80131700 when installing Microsoft Identity Manager”