Forefront Identity Manager 2010 Installation & Configuration

Forefront Identity Manager 2010 Installation & Configuration

Upgrading ILM 2007 to FIM 2010 R2/SP1

Anthony Marsiglia & Kristopher Tackett

Microsoft Premier Field Engineering

MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, our provision of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

The descriptions of other companies’ products in this document, if any, are provided only as a convenience to you. Any such references should not be considered an endorsement or support by Microsoft. Microsoft cannot guarantee their accuracy, and the products may change over time. Also, the descriptions are intended as brief highlights to aid understanding, rather than as thorough coverage. For authoritative descriptions of these products, please consult their respective manufacturers.

© 2013 Microsoft Corporation. All rights reserved. Any use or distribution of these materials without express authorization of Microsoft Corp. is strictly prohibited.

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

ii

Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering

Forefront Identity Manager 2010 Installation & Configuration

Upgrading ILM 2007 to FIM 2010 R2/SP1

In this section, we will cover upgrading ILM 2007 to FIM 2010 R2 or FIM 2010 R2 SP1.

To begin, restore the backed up “MicrosoftIdentityIntegrationServer” database on to the 64-bit server with the new SQL Server Instance that Forefront Identity Manager will point to.

On the instance that you want to restore the database to, right click on “Databases”. Select “Restore Database…” and then choose, “From Device”

Click on the 3 dot Ellipsis in the box adjacent to “From device:”

Click “Add”

Locate the database you wish to restore, as shown below:

In the “Restore Database” window, under “Select”, type the name of a new or existing database for your restore operation. For “To database”, Select “MicrosoftIdentityIntegrationServer”. Under “Select the backup sets to restore”, click on the Check Box for Restore

Click “OK”

Click “Ok”

After the restore is, complete click “Ok”.

Now, check the instance of the SQL Server that you restored the database to and verify that “MicrosoftIdentityIntegrationServer” has been restored to the correct instance.

Right click on the “MicrosoftIdentityIntegrationServer” database:

Select “Rename”

Rename “MicrosoftIdentityIntegrationServer” to “FIMSynchronizationService”

We are now ready to install the new version of the Synchronization Service that replaces 2007. Navigate to the Install media and install the Forefront Identity Manager Synchronization Service. Right click on setup and “Run as Administrator”

Click “Next”

Read and accept the “End User License Agreement”, then click “Next” to continue.

You may accept the defaults (or change the default installation path) here and click “Next” to continue.

On the Configure Forefront Identity Manager Synchronization Service Window under the Specify the SQL Server Location and Instance.

SQL Server is located on:

If you are installing the Synchronization Service on the same server as the SQL Server click on This Computer. If the SQL Server is a Remote Machine type in the netbios name of the server that SQL is installed on.

Note: In a LAB Environment installing the Synchronization Service on the same server as the SQL Server may be ideal depending on your environment and available resources.

Under “The SQL Server instance is:” select “The default Instance” if the default instance is the instance that you restored the database to. If you restored the database to a specified instance, click on “A named instance” and type the name of the instance.

For Service account: type in the name of the Sync Service account that was created. For this document I have suggested to use FIMSync.

Type in the password for the Service Account

For the Service Account Domain or local computer name: Type in the name of your Domain

The following groups will be created on the local server that the synchronization service will be installed on. We may leave these default. Click “Next” to continue.

Click on “Enable Firewall rules inbound RPC communications” then click “Next” to continue

Click “Install” to begin.

If the following popup is displayed click “OK” to acknowledge, this can be prevented by following the Secure FIM Service Accounts section in this Doc.

The install will continue

At this point The Synchronization Service sees that a DB are exist called FIMSynchronizationService . Do you want to use the existing database Click on Yes (DO NOT CLICK “NO”)

The install will continue

At this point in the Installation of the Synchronization Service you are presented with an option to restore the configuration and a warning is presented stating that the encryption key will need to be provided. Click on Yes

Locate the Encryption Key in this example we named the ILM Encryption Key ILM2007. Click on the ILM2007.bin file and click on Open

The Installation will continue

When complete, click “Finish”

Page 21

Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering