Talk to an expert

Connect with a Ravenswood expert using the form below.

How To Get the MIM Synchronization Service Groups

When you install the Microsoft Identity Manager (MIM) Synchronization Service, you have to provide five security groups for privileged access. Once the installation has been completed there isn’t a simple way to find out what groups were configured. This can be an issue if you have inherited an installation or there is no documentation available for reference.

One way to find out what groups were configured is to run the MIM Synchronization Service installer and choose the Configure option. You’ll need to know the password for the service account to do this. Another way to get this information is to query the MIM Synchronization Service database.

The script included in this article will provide output similar to what’s shown below.

MIM Sync Security Groups

To run this script, run the following command:
.\GetMIMSyncGroups.ps1 -Server "&ltMIMSQLServerName&gt" -Database "FIMSynchronizationService"

You can download the script here. Don’t forget to unblock the file before you try to run it.

Partner with Microsoft experts you can trust

If it’s time to take that first step toward leveling up your organization’s security, get in touch with Ravenswood to start the conversation. 

Get in Touch
Picture of Adam Zucker

Adam Zucker

Adam Zucker specializes in enterprise mobility and identity management. He works with customers to develop strategic and long-term solutions, planning and implementing projects using Microsoft IAM and enterprise mobility tools. Adam’s well-rounded skill set allows him to recommend solutions that meet both big picture and day-to-day needs for businesses.
View All Posts

[RELEVANT BLOG CONTENT]

How to Defend Against Privilege Escalation Attacks

One of the most dangerous phases of a cyberattack is privilege escalation, which involves a bad actor getting access to network resources via compromised user accounts and then elevating the [...]

A Guide to Microsoft Office 365 Data Loss Prevention (DLP)

As organizations increasingly embrace digital transformation, electronically stored data is a company’s most valuable asset. Unfortunately, it’s also one of the most vulnerable. Whether it’s customer records, financial data, intellectual [...]

Leveraging Azure Blob Storage for Your PKI Needs, Part 2: Automation

This blog post is a follow up to my previous post on leveraging Azure Blob Storage to serve HTTP certificate revocation lists (CRLs). If you have not already done so, [...]

Common Active Directory Attacks (and How to Defend Against Them)

Microsoft’s Active Directory (AD)—released in 1999 as part of Windows 2000 Server Edition—is currently the most popular directory service for Windows domain networks. AD has evolved and matured over the [...]

Best Practices for Implementing Windows Security Baselines

Maintaining security in a Windows environment is important to reduce the risk of bad actors being able to cause harm to an organization. Although Windows is built to be secure [...]

Migrating from Remote Desktop Gateway to Microsoft Entra Private Access

Remote Desktop Gateway (RDG) is a widely deployed Windows Server Role that allows secure remote access to a protected resource (e.g. a Windows Server via Remote Desktop Protocol (RDP)). There [...]

Ravenswood Technology Group is based in Chicago, IL but with customers around the world. We help companies, universities, and other organizations with less than 100 employees to over 500,000 build secure, hybrid infrastructure that enable their users to work from anywhere. 

Linkedin Twitter

Expertise

Get in Touch

About Us

AD Health Check
Free Assessment

© Ravenswood Technology Group, LLC

Privacy Settings