Additional PowerShell Required for Microsoft Identity Manager

EDIT: This has been resolved in the February 2017 Public Update. Please review Microsoft Identity Manager NoILMUsed Bug Fixed for further information to enable the fix.

There is additional PowerShell required for Microsoft Identity Manager when using it as the identity manager for SharePoint Server 2016. Create your User Profile Service Application and enable the External Identity Manager. Once completed, run the following PowerShell from the SharePoint Management Shell.

The User Profile Service Application UI to Enable External Identity Manager does not fully work correctly (aka it’s a bug). So in order to pull various properties, such as Manager, or create Audiences, make sure this is enabled. If this bug is resolved, I will update this post to reflect as such, and at that point, the additional PowerShell is not required, although you do not want to revert this setting as long as you continue to use Microsoft Identity Manager.


  1. Hi Trevor,

    if i run this script the synchronization sources changes back to AD Import in the Central Administration. I think it should be NOILMUsed $false?!


  2. I am facing the similar situation . I changed UPA setting to $sa.NoILMUsed = $true since audience targeting Member of wasn’t working as per your post but now Synchronization settings changes back to Ad import . Should I change it back to External identity after running NoILMUsed = $true ? will it break anything ?

  3. What about this MSKB advising NOT to change that property.

  4. Hello Trevor! What if this doesn’t help when trying to update the Manager field in SharePoint User Profile? I’m trying to update this with MIM 2016 and everything seems to be fine, but finally the attribut is not populated in the profile. How can I get around this?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.