microsoft / mimconfigdocumenter Goto Github PK

We have a setup with 14 separate import sync rules for Active Directory, all importing users with the same attribute flows (mostly), separated on OU filtering.

In the report, all the fields that are common between the 14 import sync rules appears 14 times PER rule, so I get 196 listings of AccountName, Email and so on.

Title is imported in 13 of the rules, and gives me 169 listings.. and so on and so on 👎

The sync rules have inbound system scoping filter on DN.

connectedSystemScope,"dnENDSWITHOU=Users,OU=_DK,DC=testlab,DC=local",FIM Service,string,16.11.2015 12:34:22

Here I have a duplicate export attribute flow one in a sync rule and one direct. But I have them in both environments and yet they both show up as different. So the sync rule flow from dev got compared to the direct flow in prod and the direct flow from dev got compared to the sync rule flow from prod

Data Source Attribute From Metaverse Attribute Mapping Type Allow Null Initial Flow Only
mailNickname ← type mailNickname </crossed out>mailNickname Sync Rule - Expression</crossed out> Direct

mailNickname ← mailNicknametype</crossed out>
mailNickname Direct Sync Rule - Expression</crossed out> Yes
MIM Document Tool_error.docx

From the error log:

MIMConfigDocumenterLog Warning: 30000 : MIMConfigDocumenter (1.17.0606.0): 06/08/2017 09:36:33.6754: Connector SubType: 'PowerShell'. ECMA2 Connector of subtype 'PowerShell' is currently not supported. The connector 'Powershell - Office 365' with be treated as a generic ECMA2 connector.
MIMConfigDocumenterLog Error: 40000 : MIMConfigDocumenter (1.17.0606.0): 06/08/2017 09:37:02.8896: Exception in 'MIMServicePolicyDocumenter : GetReport'. Details: System.Xml.XmlException: 'SuppressException' is an unexpected token. Expecting white space. Line 3, position 114.

at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.Throw(String res, String arg)
at System.Xml.XmlTextReaderImpl.ThrowExpectingWhitespace(Int32 pos)
at System.Xml.XmlTextReaderImpl.ParseAttributes()
at System.Xml.XmlTextReaderImpl.ParseElement()
at System.Xml.XmlTextReaderImpl.ParseElementContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.Linq.XContainer.ReadContentFrom(XmlReader r)
at System.Xml.Linq.XContainer.ReadContentFrom(XmlReader r, LoadOptions o)
at System.Xml.Linq.XElement.ReadElementFrom(XmlReader r, LoadOptions o)
at System.Xml.Linq.XElement.Load(XmlReader reader, LoadOptions options)
at System.Xml.Linq.XElement.Parse(String text, LoadOptions options)
at MIMConfigDocumenter.MIMServicePolicyDocumenter.FillWorkflowsSummaryDiffgramDataSet()
at MIMConfigDocumenter.MIMServicePolicyDocumenter.ProcessWorkflowsSummary()
at MIMConfigDocumenter.MIMServicePolicyDocumenter.GetReport().

Happens with the portal config. Sync engine config alone works fine. We've tried the scripts for several customers, same result. All use Soren Granfeldt's Powershell Management Agent. Not sure if that is related tho.

Hello,
MIMConfigDocumenter package doesn't include base XML for MIM 2010 R2 latest versions (4.5.286 or 4.6.421).
I have tried different base file but it provide me some error. what is the one I must use or should you provide an higher version?
Regards

I see flows on outbound sync rules with initial flow only and not allowing nulls instead showing up as allow nulls and not initial flow only
MIM Document Tool_error.docx

Synchronization Filter objects are not enumerated/included in report

The report says that I have no MV Object deletion rules configured when I have 7 setup for declared-any and 1 for declared-last

When comparing in SyncOnly mode between two MIM environments the "Metaverse Object Deletion Rules" section does not any Management Agents when Deletion Rule Type = "Delete the metaverse object when the last connector is disconnected. Ignore from the following list of management agents"

In my case there are two Management Agents Configured in the Pilot Config and one in the Production Config.

MIMConfigDocumenter version: v1.18.0921.0
Pilot MIM Version: 4.6.34
Production MIM Version: 4.6.34

Ps. Other object types are configured as "declared-last". Management agents are correctly listed there.

Attribute flows are shown on each attribute flow that have a mapping to that same specific mv-object-type attribute:

So for instance I have 3 cs-objecttypes in my MA that flows to mv-object-type account:

1. normalaccount
2. adminaccount
3. serviceaccount

There are 5 attribute flows configured:

1. normalaccount (cs-object-type) - dn (attribute) --> account (mv-object-type) - dn (attribute)
2. adminaccount (cs-object-type) - dn (attribute) --> account (mv-object-type) - dn (attribute)
3. serviceaccount (cs-object-type) - dn (attribute) --> account (mv-object-type) - dn (attribute)
4. normalaccount (cs-object-type) - mail (attribute) --> account (mv-object-type) - mail (attribute)
5. adminaccount (cs-object-type) - adminmail (attribute) --> account (mv-object-type) - mail (attribute)

The effect is that attribute flows 1 - 3 are documented as they were configured for each cs-object-type - mv-object-type mapping, but with a different precedence.
Attribute flows that are configured with different source attributes are also shown on each cs-object-type --> mv-object-type attribute flow that have a flow to the same mv-object-type.

When a flow exists for that cs-object-type it seems to gather all flows from all cs-object-types that are linked to the same mv-object-type and includes those in the list. It does not check if this specific flow is linked to that cs-object-type in specific. When a specific cs-object-type is not having a flow to that mv-object-type, it's not shown in the list.

I would expect that it takes the cd-object-type into account to determine if that flow must be included in this specific attribute flow list. See screenshot of the MV.XML export using Export Server Configuration option:

On a Sync Rule Activity in a WF it shows the Sync Rule ID as a difference even when the Sync Rule DisplayNames are the same (it shows the Sync Rule DisplayName). When comparing to a previous config of the same instance the sync rule ID's would match but when comparing between Prod and Dev they wouldn't. So you should considering doing this comparison on DisplayName rather than the Sync rule ID

P.S. This is a great tool!

Hi. I'd like a $ for every time I've struggled to locate these files. Nilesh - are you OK to change the 2 references in the README file to be links to https://github.com/microsoft/MIMConfigDocumenter/blob/master/src/MIMConfigDocumenterCmd/Scripts/ExportPolicy.ps1 and https://github.com/microsoft/MIMConfigDocumenter/blob/master/src/MIMConfigDocumenterCmd/Scripts/ExportSchema.ps1 respectively? Would have saved me 15 mins over a shared desktop with a tech just now :).
Thanks!

In my Pilot environment I have 35 workflows 24 of them custom. Only 5 of those show up in the MIM Config document. All five are action workflows. All five are custom, two use out of the box wf activities. None of the system workflows are showing up. I confirmed that the missing ones are in the policy.xml file so that isn't the issue.

Any chance of a version of this that outputs the existing configurations in the HTML format without having to compare to another version. Or is there a switch I can use for that result?

There are important files that Microsoft projects should all have that are not present in this repository. A pull request has been opened to add the missing file(s). When the pr is merged this issue will be closed automatically.

Microsoft teams can learn more about this effort and share feedback within the open source guidance available internally.

Merge this pull request

Hey, are you taking pull requests and is this still being actively developed?

Of course the MA I create in Dev and later import into Prod will have different Creation Times. You might want to ignore those in comparisons or give us the option to exclude those. The Modification Times would also be different

Having a MIM WAL Powershell Activitiy without input and output paramters crashes the MIMConfigDocumenterCmd.exe.

GetReport'. Details: System.NullReferenceException: Object reference not set to an instance of an object.
at
MIMConfigDocumenter.MIMServicePolicyDocumenter.FillWorkflowActivityValueExpressions
(DataTable activityValueExpressionsTable, XElement hashtable, Int32 activityIndex, Int32 sectionIndex)
at
MIMConfigDocumenter.MIMServicePolicyDocumenter.FillWorkflowActivityDetails
(Boolean pilotConfig)
at MIMConfigDocumenter.MIMServicePolicyDocumenter.ProcessWorkflow()
at MIMConfigDocumenter.MIMServicePolicyDocumenter.ProcessWorkflows()
at MIMConfigDocumenter.MIMServicePolicyDocumenter.GetReport().
MIMConfigDocumenterLog Error: 40000 : MIMConfigDocumenter (1.17.0522.0):
05/30/2017 15:59:31.9009: Exception in 'MIMServiceConfigDocumenter :
GetReport'. Details: System.NullReferenceException: Object reference not set to an instance of an object.
at MIMConfigDocumenter.MIMServicePolicyDocumenter.GetReport()
at
MIMConfigDocumenter.MIMServiceConfigDocumenter.ProcessServicePolicyConfiguration
()
at MIMConfigDocumenter.MIMServiceConfigDocumenter.GetReport().