Tag Archives: MIM

ECMA2: Unable to retrieve schema. Error: Exception from HRESULT

Developing a new ECMA2? Importing schema? Receiving “Unable to retrieve schema. Error: Excpetion from HRESULT:” message? Not seeing anything helpful in the event log?

Same here. It turns out it was a legitimate error, although it could be more usefully phrased. I had simply forgotten to specify an anchor attribute. You must make sure that there is at least one anchor attribute specified in your SchemaType. And also, of course, make sure to specify an object name for the SchemaType when calling SchemaType.Create()

Redirecting to the MIM site by default

When you start to install MIM, you first need to install SharePoint, which MIM runs on top of. As part of this, you set up a SharePoint website with a name, usually one that matches the domain name, e.g. mimportal.contoso.com

After MIM is installed, going to this root URL will confusingly just load a default Sharepoint site home page like this:

The MIM Portal site is viewed through an application on that site that has the address https://mimportal.contoso.com/IdentityManagement/default.aspx

Your users will have to either happen to know that it lives here, bookmark it, or get otherwise signposted to it, but whatever, it is not very user friendly.

It is actually fairly easy to just make the root URL of the site that the MIM portal lives on redirect to the actual MIM URL. The technique is to use Powershell to set the Sharepoint site root folder.

This works on at least SharePoint Foundation 2010 and 2013. I have heard it still works on SP2016, but have not tested it.

Run the following commands as the same user who you installed SharePoint as. Replace the website name for your own. You would have set this up during the SharePoint install.

The redirection is now set up. However, at this point it will only work for users who have permission to read the root site, which is probably only the administrator who isntalled it. To make it work for other users, do the following:

Grant authenticated users permissions to read root site

This allows all users to read the root site and get redirected to the IdentityManagement site.

Browse to: http://mimportal.comtoso.com/_layouts/user.aspx

Log in with the account you used to install Sharepoint

Click on Grant Permissions –> Browse. Search for “authenticated users” and select the entry for “NT AUTHORITY\Authenticated Users”. Grant them the “Read” permission.

Now, if you go to https://mimportal.contoso.com in a browser, you should get redirected to /Identitymanagement/default.aspx automatically.