operational assessment - microsoft web viewmicrosoft cannot guarantee their accuracy, ... on server...

Installing the Service Portal Server (Server 2012)

Anthony Marsiglia & Kristopher TackettMicrosoft Premier Field Engineering

Forefront Identity Manager 2010 Installation & Configuration


MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, our provision of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The descriptions of other companies’ products in this document, if any, are provided only as a convenience to you. Any such references should not be considered an endorsement or support by Microsoft. Microsoft cannot guarantee their accuracy, and the products may change over time. Also, the descriptions are intended as brief highlights to aid understanding, rather than as thorough coverage. For authoritative descriptions of these products, please consult their respective manufacturers.© 2013 Microsoft Corporation. All rights reserved. Any use or distribution of these materials without express authorization of Microsoft Corp. is strictly prohibited.Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

iiPrepared by Anthony Marsiglia & Kristopher TackettMicrosoft Premier Field Engineering


Installing the Service Portal Server (Server 2012)

It is now time to install the Forefront Identity Manager 2010 R2 Service and Portal on Server running 2012 with Sharepoint Foundations 2013. Please note that, at this stage, you may choose to install only the FIM Service Portal, or the FIM Service Portal and the Self-Service Password Registration and Reset Portals. In this scenario, we will be installing the Service Portal and SSPR. To begin, navigate to the install media and double-click “FIMSplash” to open the FIM 2010 R2 install window, you could also browse the folder Service and Portal by clicking on that folder and than you could select the setup application to begin installation.

Prepared by Anthony Marsiglia & Kristopher TackettMicrosoft Premier Field Engineering


From here, under “Identity Manager Service and Portal”, select “Install Service and Portal”. And a Popup at the Bottom of the screen will appear. Click on Run to run the installation via the Prompt.

After you select Run you will begin the installation of the Service and Portal.This will open the Forefront Identity Manager Service and Portal Setup Wizard. To continue, click “Next”

After reading and accepting the End User License Agreement, click “Next” to continue



Make a decision about whether or not to participate in the Microsoft FIM Customer Experience Imporvement Program, and click “Next” to continue

At the “Custom Setup” window, deselect “FIM Reporting” (we will come back to this later). Again, please note, in this scenario, we are also installing SSPR. If you do not wish to install SSPR, also deselect “FIM Password Registration Portal” and “FIM Password Reset Portal”. To continue, click “Next”



Installation with out SSPR or Registration

Installation with SSPR and Registration

Enter the name of the SQL database server to be used, as well as the name of the database. In this scenario, we will be creating a new database. However, in cases of disaster recovery, you may instead choose “Re-use the existing database”. Click “Next” to continue.



If you are installing a new Server to host the FIM Service and Portal and there is already a FIMService DB than select Re-use the existing database.

Enter the name of the mail server (or relay) you wish to use, then click “Next”



When prompted, select “Generate a new self-issued certificate” and click “Next”

Enter the name of the service account created earlier, as well as the password and domain in which it resides, along with the mail address you wish for it to use, then click “Next” to continue.



If you receive the following warning, this is due to not having the necersary accounts configured in a secure manor. Please note that we will be returning to this later, so you may click “Next” to continue.

Enter the name of the Synchronization Engine server, as well as the domain and FIM Management Agent service account, then click “Next”



Enter the name of Service Portal Server in the box, then click “Next” to continue.

If you don’t see this screen but instead are prompted with a message stating the the FIM Synchronization server you have entered does not exist or is not running.



If you receive this error you could continue but I would advise you to click on Back and fix the issue now as opposed to later, see trouble shooting guide on how to resolve this issue.

For the “Sharepoint site collection URL:”, you may leave this default and click “Next”

Now it is necessary to enter the URL for the Self-Service Password Registration Portal. As a best practice, you may want to create a DNS pointer (in this scenario, the pointer resolves to registration.lab.org). PLEASE NOTE that this step is only applicable if you are installing SSPR.



For the firewall configuration, please be sure to check the boxes next to “Open ports 5725 and 5726 in firewall” and “Grant authenticated users access to the FIM Portal site”, then click “Next” to continue.



Enter the previously created service account and password, as well as the URL for the registration portal and the port you wish to use, then click “Next”

If you did not Pre Select that you wish to install the SSPR function than this section would be blank.

If you are installing SSPR than enter the following



You may receive the following warning. If so, please click “Next” to continue, as we will return to this later.

Enter the FIM Service Server address, and select either internal only or internal/external access to the Password Registration Portal, then click “Next” to continue



For the Reset Portal configuration, enter the same previously created service account and password, as well as the DNS pointer and port, then click “Next” to continue

Again, you may receive a warning. If so, click “Next” to continue as we will be revisiting this at a later time.



As before, enter the FIM Service Server address, and choose either internal only or internal/external, then click “Next” to continue.

To begin the installation, click “Install”



If this was a Change install Click on Change

During the Installation and Configuration of the Forefront Identity Manager 2010 R2 Componets you may see the following error, please see trouble shooting guide to resolve this issue.



When the Forefront Identity Manager Service and Portal Setup Wizard completes successfully, click “Finish”

Open up Internet Explorer, Type the following URL http://portal/identitymanagement/default.aspx replace the word “portal” with the name of your portal server.

You should now be able to access the Forefront Identity Manager 2010 R2 Service Portal, as shown below:


http://portal/identitymanagement/default.aspx

operational assessment - microsoft web viewmicrosoft cannot guarantee their accuracy, ... on server...

Documents