Operational Assessment - Microsoft€¦ · Web viewIn January 2013, Forefront Identity Manager 2010...

Upgrading FIM 2010 R2 to SP1

Anthony Marsiglia & Kristopher TackettMicrosoft Premier Field Engineering

Forefront Identity Manager 2010 Installation & Configuration


MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, our provision of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The descriptions of other companies’ products in this document, if any, are provided only as a convenience to you. Any such references should not be considered an endorsement or support by Microsoft. Microsoft cannot guarantee their accuracy, and the products may change over time. Also, the descriptions are intended as brief highlights to aid understanding, rather than as thorough coverage. For authoritative descriptions of these products, please consult their respective manufacturers.© 2013 Microsoft Corporation. All rights reserved. Any use or distribution of these materials without express authorization of Microsoft Corp. is strictly prohibited.Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

iiPrepared by Anthony Marsiglia & Kristopher TackettMicrosoft Premier Field Engineering


Upgrading FIM 2010 R2 to SP1

In January 2013, Forefront Identity Manager 2010 R2 Service Pack 1 was released. Currently, this is the latest release. As such, if you wish to upgrade from either FIM 2010 or FIM 2010 R2, the following upgrade procedures will apply. In most cases an upgrade requires the current version of the product to be uninstalled which than requires the installation of the new software version that points to the Existing SQL databases that the FIM Synchronization Service and the FIM Service was using. In the case of a HOTFIX that is to be applied an in place install can be applied without the need to uninstall the current version of the product that the Hotfix is being applied to. It is also important to note that when installing hotfixes or upgrading a newer version of FIM it is imperative that the same hotfix is applied to all installed components of FIM as well as if you are upgrading your FIM environment all installed components of the FIM environment must be upgraded so that the entire FIM environment is at the same version.

To begin, on the Synchronization Engine Server, open “Control Panel”, navigate to “Programs”, right-click on “Forefront Identity manager Synchronization Service” and select “Uninstall”

Prepared by Anthony Marsiglia & Kristopher TackettMicrosoft Premier Field Engineering


You will be prompted for confirmation to continue with the uninstall. Select “Yes” to continue.

After the uninstallation completes, navigate to the location of the FIM install media and double-click “FIMSplash.htm” to open it, then click on “Install Synchronization Service”



Click “Run” to continue.

And click on “Run” again.

On the “Welcome” screen, click “Next” to continue.



Read and accept the “End User License Agreement”, then click “Next” to continue.



At the “Custom Setup” install screen, you may leave this option default and click “Next” to continue.



For the SQL configuration screen, specify the location of the SQL server and the instance name. In this case, SQL is hosted on the local server and using the default instance.



Enter the name of the FIMSync account, along with its password and the domain in which it resides, then click “Next” to continue.



You may leave these fields default and click “Next” to continue.



Click to “Enable firewall rules for inbound RPC communications”, then click “Next” to continue.



To begin the installation, click “Install”



You may receive “Warning 25051”. If so, click “OK” as we will be coming back to this later.



Since we are upgrading, we wish to re-use the existing SQL database. To do so, click “Yes”

You may receive “Warning 25008” with regard to upgrading the existing (re-used) SQL database. To do so, click “Yes”



To utilize the existing database, we must import the synchronization key which was created (and backed up) during the initial installation. Click “Yes”

Navigate to the location of the synchronization key backup, click to select it, then click “Open”



To complete the Synchronization Service upgrade, click “Finish”



On the server that the FIM Portal and Service is installed on navigate to Programs and Features.



Select Forefront Identity Manager Service and PortalA warning may appear The SharePoint 2010 Administration Service is not running.

Open “services.msc”



In the Services.msc console locate SharePoint 2010 Administration Service



Start the SharePoint 2010 Administration ServiceBack on the window with the SharePoint 2010 Administration Service in not running error click on Retry.

After you click on retry the Uninstall will continue.



The uninstall process will complete fairly quickly without an additional popup or any indication that that it has completed uninstalling other than the wizard will disappear. Once the Uninstall completes Reboot the server that the FIM Service and Portal was just uninstalled from.

After the Server successfully boot back up navigate to the location of the FIM Service and Portal Installation Files.You may need to run the installation file using the Run as Administrator option.



Click on Next

Click on the Box to Accept the terms in the License Agrreement.



Decide if you wish to join the customer experience



Select NextSelect All FIM Portal options that you wish to install.



Click on NextType in the name of the server that the FIMService Database is on.By default the local server is prepopulated in most cases this would not be the case, Type in the correct name of the server. Be sure to select the option Re-use the existing database.



Click on NextThe next window will display a Database Backup Warning, Click on Next



Enter the Mail Server Information



Click on NextDepending on your environment you may wish to select an existing certificate or generate a new self-issued certificate.



Click on NextEnter in Credentials



Click on NextYou may receive the Service Account is not Secure in its current configuration.



Click “Next”. See “Secure FIMService Account” section. Enter in the Server name where the Synchronization Engine is installed. Enter the name of the Management agent to connect the portal to the Sync engine.



Click on NextType the name of the server that the FIM service is installed on or is being installed on.



Click on NextType the registration portal url:



Click “Next”. Check the Box for Open Ports 5725 and 5726 in firewall. Check the Box for Grant authenticated users access to the FIM Portal site.



Click on NextType in the Account credentials that will control the FIM SSPR FunctionsType in the Host Name of the registration portal

Type in the Port information and check the open port in firewall.



Click on Next

You may get a password registration portal warning.



Click on NextType in the server name where the FIM Service is installed or will be installed on.

Select if the portal is hosted on an IIIS site which can be accessed by extranet or intranet users.



Click on NextType in the Account credentials that will control the FIM SSPR FunctionsType in the Host Name of the reset portal



Type in the Port information and check the open port in firewall.

Click on Next

You may receive the Password Reset Portal Warning



Click on Next

Type in the server name where the FIM Service is installed or will be installed on.Select if the portal is hosted on an IIIS site which can be accessed by extranet or intranet users.



Click on Next

Click on Install



During the install the status screen will be displayed.



A warning may appear The SharePoint 2010 Administration Service is not running.Do not click on Cancel



Open up services.msc

In the Services.msc console locate SharePoint 2010 Administration Service



Start the SharePoint 2010 Administration ServiceBack on the window with the SharePoint 2010 Administration Service in not running error click on Retry.

The Installation will continue



A CMD Window may pop up but this is normal let the process continue.

Once Complete click on Finish


Operational Assessment - Microsoft€¦ · Web viewIn January 2013, Forefront Identity Manager 2010...

Documents

Transcript of Operational Assessment - Microsoft€¦ · Web viewIn January 2013, Forefront Identity Manager 2010...