Recently I did an upgrade of FIM 2010 to MIM2016 for a customer of mine. I’ve described that process here. We’ve only upgraded our lab environment and are now testing whether everything works as expected. Today I was testing the flow that is triggered by adding a new user to the HR source. One of the things that MIM is supposed to do is create an AD account and an Exchange mailbox. However when the export run profile was executed on the AD MA we saw the following error:
Status: no-start-ma
In the Application event log:
In words: The management agent controller encountered an unexpected error.
"ERR_: MMS(8228): ..\libutils.cpp(10186): Failed to start run because of undiagnosed MA error
Forefront Identity Manager 4.3.1935.0"
When troubleshooting an issue like this it’s important to narrow down the possible causes. Is there a connectivity issue with AD? Is there an issue with a rules extension? Is there an issue with the Exchange Provisioning component? The latter is quite easy to check. On the configure extensions we can simply set the Provision for to No Provisioning.
After disabling Exchange provisioning the MA seemed to be able to export just fine. So something was up with the Exchange provisioning. To be sure nothing was wrong with the remote PowerShell I tested the URL by opening a remote PowerShell connection to Exchange [technet]. That seemed to go fine. After looking some more in the Application event log I also noticed several Application Crash (event 1000) events whenever I was trying to run an export profile. The application was mmsscrpt.exe. I’m guessing that’s the utility being used to setup the remote PowerShell session and call the Update-Recipient cmdlet.
I found an older article (link) stating errors like this might occur whenever .NET 4.0 is missing. But in my case I was running on a Server 2012 R2 with .NET 4.5.2 installed on it. Either way, that article pushed me into suspecting .NET. We had installed .NET 4.5.2 using the Add-WindowsFeature cmdlet. This is the exact .NET version we had:
As you can see we were running 4.5.51650 which matches .NET4.5.2 (May 2014 Update) If I may believe: http://deletionpedia.org/en/List_of_.NET_Framework_versions I binged a bit to find out whether there were any updates available for .NET 4.5.2 but I couldn’t find any. Then a colleague of mine (Thanks Kevin!) reminded me that very recently .NET 4.6 became RTM. So I went ahead and downloaded it from here:
- Offline installer: http://www.microsoft.com/en-us/download/confirmation.aspx?id=48137
After installing the 4.6 package the .NET version showed us 4.6.00081 in the registry. After a reboot I performed the test again and now I could export to AD again while provisioning mailboxes on Exchange!
Conclusion:
Whenever you are preparing a Server 2012 R2 to host the FIM Synchronization Service, do not forget to download and install .NET 4.6 as the .NET 4.5.2 that comes out of the box is not sufficient.
9 Response to MIM 2016: no-start-ma when Exporting to Active Directory
Hi Thomas, thanks for the help above. Got my MIM up and running a few days ago and installed .NET 4.6 to get over the no-start-ma issue, however… the issue returned after installing Windows Updates this morning. Uninstalled KB3083185, a security update for .NET 4.6, to work around the issue.
Thanks a lot for taking the time to add feedback! Appreciate it a lot!
Installing all required and optional updates resolved the issue in my case
This is a great post and helped with my MIM install, but installing .NET 4.6 did end up breaking paging on list views and search results in the MIM portal (single server setup). So you'd click Next, the page number would show 2 but the results wouldn't refresh. It wouldn't show the page 2 results until you clicked Next again (the page number would then show 3) or go to the page number field and hit enter. In any event, installing the .NET 4.6.1 update that came out the other week fixed the paging issue and Exchange provisioning still worked.
It took a bit of troubleshooting to make the connection, so I thought I'd mention this for anyone else that might want to run the sync service and portal on the same server and needs Exchange provisioning.
As of 1/4/2016 ensure that KB3083185 is NOT Installed on your sync server. This update causes this issue even after the .NET v4X Framework version is 4.6.00081
THANK YOU JMANLEY!!!!!
I was wondering why the clients MIM was still showing this with the 4.6 Framework installed.
Client ran Automatic update son the Sync server and installed the KB3083185 patch.
This issue is now resolved in the latest hotfix: https://support.microsoft.com/en-us/kb/3134725
Thanks Jose! Which issue from the KB does it map to? I don't really find anything that seems to cover this issue
After installing the patch https://support.microsoft.com/en-us/kb/3134725 the error no-start-ma is resolved. However, I am getting errors below when running synchronization operations. Anyone knows how to fix this?
System.IO.FileLoadException: Could not load file or assembly 'Microsoft.MetadirectoryServices, Version=4.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
Add Your Comment