MIM LAB7: Testing Run profiles and populating data

This post is part of a series. The chapter index is located here.

In this post we will create run profiles and initialize the MAs.

Enable provisioning

In the Synchronization Service Manager, click Tools, Options to open the Options dialog. Then check Enable Synchronization Rule Provisioning to allow provisioning to take place.

image

About Run Profile step types

  • Delta import stage only (only imports changes): imports changes from the data source directory into the connector space. Not all Mas support delta imports
  • Full import stage only: imports information from the source into the connector space.
  • Delta synchronization: syncs changes in the connector space with the metaverse and vice versa.
  • Full synchronization: syncs everything in the connector space with everything the metaverse. Use this when you change the logic.
  • Export: used to send data from the connector space to the underlying data source directory. It is always delta, there is no full export.

MIM Service MA initialization

To initialize the MA we have to run the first sync manually. In a later chapter we will create a scheduled task to execute the run profiles automatically, but for now we will run them manually.

To execute them manually, launch the Synchronization Service Manager, go to management agents, right-click the MA and select Run.

image

Start a Full Import. Then, open the Operations tab to check the result. I got 3 Adds. You can drill down to see which objects where imported to the connector space. The important object is the Portal sync rule we created in LAB6.

image

 

Continue with a Full Sync, then Export and Delta import to do a full run.

 

AD MIM.local MA Initialization

Run a full import on the AD MIM.local MA. This will import existing objects from AD to the connector space.You should see the OU structure as imported objects if you drill down:

image

To synchronize the data with the Metaverse, run a full sync.

Import flow precedence

When you have multiple MAs flowing the same attribute to the Metaverse, you have to make a decision as to which one should take precedence when the attribute is populated in more than one connector space. You configure this in the Metaverse Designer.

  • Open the Metaverse Designer.
  • Select the person object type
  • Sort the attribute list on import flow, decending
  • We are looking for the attributes with 2 or more flows.

 

image

 

  • Select one of them, and click “Configure Attribute Flow Precedence”.
  • Configure the precedence according to your design or preference.

 

image

 

Automate Run Profile execution

It is a lot of hassle to run all the profiles manually each time we want to test something in the lab. At the same time, we want some sort of manual control. To achieve this, we create a .cmd file and a vbs script. First, the vbs script:

 

Fore each run profile on each MA, script the execution. You do this from the Run Profile configuration:

 

SNAGHTML1e72f4aa

 

Open the first one and delete everything above Set service.

image

Open the second file and extract the MASet section:

image

Insert this section at the end of the first file. Repeat for the AD MA until you have the following profiles in order:

  • MIM Portal Service Full import
  • MIM Portal Service Full Sync
  • MIM Portal Service Export
  • MIM Portal Service Delta Import
  • AD MIM.local Full Import
  • AD MIM.local AD MIM.local
  • AD MIM.local Export
  • AD MIM.local Delta Import

You may add some comments to clarify which section triggers which run profile.

image

 

Then comes the CMD file. It is a simple batch file that runs the script we created previously every x seconds. The default is 60, but you can change this at will.

 

 

 

@ECHO off

: Start
 
ECHO Running MIM Sync at %Date% %Time% 
ECHO. 
cscript //nologo c:\Scripts\Run-Profiles_Full-sync-cycle.vbs
ECHO.
ECHO Current time %Date% %Time%
ECHO Sleeping...
ECHO.
timeout /t 60
goto Start

 

The result should look something like this:

image

 

If you get impatient you can just press a key. You can also remove the timer and make it wait for a keypress. Just replace the timeout command with pause.

Unable to login to the portal?

If you experience trouble logging in to the MIM Portal after the first sync run, look at this post: https://lokna.no/?p=2285 .

The end of MIM LAB 7

This post is part of a series, and the chapter index is located here. This post is the last in the series. We now have a functional MIM 2016 LAB running on Windows Server 2016 and using SQL Server 2016. There will probably be additional MIM 2016 instructional posts made in the future based on this LAB (I made it to use it), but the series has already grown lengthy enough. I have ran most of the series through a secondary run to verify my findings, and updates to the chapters may occur still if additional errors or muddy instructions are found.

Last edit: Friday, September 8, 2017

Author: DizzyBadger

SQL Server DBA, Cluster expert, Principal Analyst

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.