Provisioning with the custom connectors
Microsoft Entra ID supports preintegrated connectors for applications that support the following protocols and standards:
For connectivity to applications that don't support the aforementioned protocols and standards, customers and partners have built custom ECMA 2.0 connectors for Microsoft Identity Manager (MIM) 2016. These same ECMA2 connectors can now be used with the Extensible Connectivity(ECMA) Connector host and the lightweight Microsoft Entra provisioning agent, without needing MIM sync deployed.
Exporting and importing a MIM connector
If you have a custom ECMA 2.0 connector in MIM, you can export it by following the instructions here. You need to save the XML file, the DLL, and related software for your connector.
To import your connector, you can use the instructions here. You will need to copy the DLL for your connector, and any of its prerequisite DLLs, to that same ECMA subdirectory of the Service directory. After the xml has been imported, continue through the wizard and ensure that all the required fields are populated.
Updating a custom connector dll
When updating a connector, ensure that the dll is updated in all required locations. Use the steps below to properly update your custom connector dll:
- Close the Microsoft ECMA2Host Configuration Wizard.
- Stop the Microsoft ECMA2Host service.
- Manually update the custom connector dll into the following folders.
- ECMA
- ECMA > Cache > {connector name}
- ECMA > Cache > {connector name} > AutosyncService
- Start the Microsoft ECMA2Host service.
Note
If multiple connectors are using the same custom dll, you will need to complete step 3.ii and 3.iii for each connector.
Requirements
Custom connectors built for MIM rely on the ECMA framework. Please ensure that you are following best practices such as:
- Ensuring that methods in your connector are declared as public
- Excluding prefixes from method names. For example:
- Correct: public Schema GetSchema (KeyedCollection<string, ConfigParameter> configParameters)
- Incorrect: Schema PrefixGetSchema.GetSchema (KeyedCollection<string, ConfigParameter> configParameters)
The following table includes capabilities of the ECMA framework that are either partially supported or not supported by the Microsoft Entra provisioning agent. For a list of known limitations for the Microsoft Entra provisioning service and on-premises application provisioning, see here.
| Capability / feature | Support | Comments |
|---|---|---|
| Object type | Partially supported | Supports one object type |
| Partitions | Partially supported | Supports one partition |
| Hierarchies | Not supported | |
| Full export | Not supported | |
| ExportPasswordInFirstPass | Not supported | |
| Normalizations | Not supported | |
| Concurrent operations | Ignored | |
| DeleteAddAsReplace | Ignored |
Next steps
Feedback
Submit and view feedback for