Installing the Microsoft Identity Manager 2016 Service and Portal (With SSPR) – Clean Install

This post has been republished via RSS; it originally appeared at: Core Infrastructure and Security Blog articles.

First published on MSDN on Aug 26, 2015

As you may be aware, the new version of identity – Microsoft Identity Manager 2016 – has been released. While the in-place upgrade of the service and portal from FIM 2010 R2 to MIM 2016 is covered in great detail here , I would like to take some time and step through a brand new fresh install of the MIM 2016 service and portal server. This, of course, assumes the MIM 2016 sync service has already been installed. For a post covering that installation, please see here .

The environment I’m using is Windows Server 2012 with SQL Server 2012 SP1 and SharePoint Foundation 2013. To use SharePoint Foundation 2013 some additional configuration is necessary. Luckily, The Connector Space has your back and a configuration script to do the work for you can be found here . The remaining prerequisites (.Net, SQL Native Client if SQL is off-box, etc.) remain largely unchanged from FIM 2010.

To begin, navigate to the installation media and double-click on “FIMSplash” to run it. This will open the MIM installation menu:

clip_image002

Under “Identity Manager Service and Portal”, select “Install Service and Portal”, then click “Run”

clip_image004

This will launch the “Microsoft Identity Manager 2016 – Service and Portal” installation wizard. Click “Next” to continue.

clip_image006

Read and accept the EULA, then click “Next”

clip_image008

Choose whether or not to participate in the improvement program, then click “Next” to continue.

clip_image010

In this scenario, we will also be installing the Password Registration and Password Reset portals. If you do not wish to install these, deselect them here. Similarly, if you would like to install MIM Reporting or Privileged Access Management (PAM) select them here. For either of the above two scenarios, check back later as we will be documenting both in the near future. Click “Next” to continue.

clip_image012

Enter the Microsoft SQL database and instance name, as well as the database name (FIMService) and select “Create a new database”. Click “Next” to continue.

clip_image014

Enter a mail server or relay for MIM to use for mail notification, and select any appropriate checkboxes, then click “Next” to continue.

clip_image016

Select “Generate a new self-issued certificate”. Alternately, you may also choose to “Select a certificate in the local certificate store” if you have a CA. Either way, click “Next” to continue.

clip_image018

Enter the desired “Service Account Name”, as well as the “Service Account Password”, “Service Account Domain” and “Service Email Account”, then click “Next” to continue.

clip_image020

As with FIM 2010, you may receive a warning message here. Click “Next” as we will address this later.

clip_image022

Enter the name of the “Synchronization Server” (in this case, the localhost), as well as the “MIM Management Agent Account”, then click “Next”

clip_image024

Enter the “MIM Service Server Address”, then click “Next” to continue.

clip_image026

Enter the name of the “Sharepoint site collection URL:”. Please not that in FIM 2010, we typically left this as default ( http://localhost ). However, seeing as how SharePoint 2013 requires additional configuration (such as performed by the configuration script, courtesy of The Connector Space ), we need to be sure to enter this as configured. Click “Next” to continue.

clip_image028

Enter a “Registration Portal URL” to be used for password self-service. *Please Note* If you did not select “Password Registration Portal” earlier, you will not see this screen. Click “Next” to continue.

clip_image030

Check both boxes, then click “Next”. *Please Note* If you did not select “Password Registration Portal” earlier, you will not see this screen. Click “Next” to continue.

clip_image032

Enter an “Account Name” under which password registration should run, along with a “Password”, the “Host Name” and “Port”. Check the box to “Open port in firewall” then click “Next” to continue. *Please Note* If you did not select “Password Registration Portal” earlier, you will not see this screen. Click “Next” to continue.

clip_image034

As with FIM 2010, you may receive the following message. If so, click “Next” to continue.

clip_image036

Enter the “MIM Service Server Address”, and select either “Portal is hosted on an IIS site which can be accessed by extranet users” or “Portal is hosted on an IIS site which can be accessed only by intranet users”, then click “Next” to continue.

clip_image038

Enter an “Account Name” under which password reset should run, as well as a “Password”, “Host Name” and “Port”. Check the box to “Open port in firewall”, then click “Next” to continue.

clip_image040

As with FIM 2010, you may receive the below message. Click “Next”.

clip_image042

Enter the “MIM Service Server Address” and select either “Portal is hosted on an IIS site which can be accessed by extranet users” or “Portal is hosted on an IIS site which can be accessed only by intranet users”, then click “Next” to continue.

clip_image044

Click “Install” to begin the installation.

clip_image046

Depending on your environment, this may take several minutes. During this time, you may see several windows open and close. Fear not as this is expected behavior.

Click “Finish” to complete the installation.

clip_image048

Here we see the newly installed Microsoft Identity Manager 2016 Service Portal.

clip_image049

Clicking on “About Forefront Identity Manager” at the bottom of the list on the right-hand side shows:

clip_image051

This allows us to verify that it is in fact the correct version number.

Questions? Comments? Love FIM so much you can’t even stand it?

EMAIL US!

>WE WANT TO HEAR FROM YOU<

## https://blogs.msdn.microsoft.com/connector_space # #

REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.