Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Applying a Release Update to the MIM Service and Portal
Published Nov 01 2019 03:21 PM 2,451 Views
Microsoft

First published on MSDN on Jun 12, 2018

Using This Guide:

 

Introduction:

 

This document is intended to be used as an operational procedure document for updating the Microsoft Identity Management 2016 Service and Portal installations. You may perform search and replace on the variables listed below to create a detailed version update guide customized for your environment.

 

Document Variables:

 

Description

Search and Replace Variable

Common name of the first MIM Service and Portal Server (ex. Portal01)

[MIM SERVER 1]

Common name of the second MIM Service and Portal Server (ex. Portal02)

[MIM SERVER 2]

Primary Synchronization Server’s Common Name.

[Primary Sync Server]

The Installation account used to perform installation and updates of the MIM Synchronization Service Software.

[Install Account]

 

Procedure Summary for Updating FIM / MIM:

 

The update process consists of the following steps:

 

Identify the Current Version:

- Identify the current version of the Service and Portal.

 

Identify the Update Version:

- Identify the release appropriate for your environment.

- Download the selected update file.

 

Synchronization Service:

- Stop Scheduled Tasks associated with MIM Run Profiles

- Confirm all Synchronization jobs are completed.

- Validate Configuration of Off-line Spare

- Stop the Primary Server Synchronization Service

- Install the update on the Offline Spare

- Install the update on the Primary Sync Server

 

Service, Portal, Password Registration and Reset:

- If applicable, update the Portal and FIM Service to same release.

- If applicable, update the Password Reset and Registration Sites

 

Final wrap up:

- Enable Scheduled Tasks

 

Identify the Current Version:

 

Identify the current version of the FIM / MIM Portal:

Using a web browser, connect to the FIM / MIM Portal as an administrator. On the Home page, select About Microsoft Identity Manager .

 

The trademark is stamped Microsoft Forefront Identity Manager 2010 R2. 

The version number is the release number and is listed in the following format:  

MIM 2016 SP2 starts at 4.6.xxxx.x,

MIM 2016 SP1 starts at 4.5.xxxx.x,

MIM 2016 versions start at 4.4.xxxx.x,

FIM 2010 R2 begins at 4.1.xxxx version. 

 

Identify the Update Version:

 

Identify the update release appropriate for your environment :

The release version used for the sync engine should be the same release deployed to the Service and Portal.

You can find the latest update information for your release at the following URL:

 

Download the selected update file:

After reading the Release Notes and choosing an appropriate release for your environment, you can download the update by selecting the Microsoft Download Center link contained within the Release Note.

The update file for the Service and Portal is likely to have a file name format resembling MIMService_x64_KBxxxxxxx.msp . Download the file to the MIM Service and Portal Servers [MIM SERVER 1] and [MIM SERVER 2] .

 

Synchronization Service:

 

Stop scheduled Tasks associated with MIM Run Profiles :

 

The first step in the update process is to ensure all synchronization service scheduled tasks on the Primary Synchronization Server [Primary Sync Server] are completed or properly stopped before performing the update on the Service and Portal servers [MIM SERVER 1] and [MIM SERVER 2] . Stop, or allow to complete, any currently running tasks associated with the Synchronization Service and its associated run profiles. Note the name of each task that is disabled.

 

To Open Task Scheduler:

From the Server select Start

Type task scheduler and run the task scheduler utility.

To Disable a task:

Select the task, right click and select Disable

To Stop a running task:

Select the running task, Right Click and select End .

Note: Stopping a scheduled task does not stop an import, export or synchronization job that is currently running in the Synchronization Engine.

 

 

Confirm all Synchronization jobs are completed :

On the Primary Synchronization Server [Primary Sync Server]

Launch the Synchronization Service Manager

Select the Operations Tab

 

Confirm all import, export and synchronization jobs have completed.

For any running jobs, you can allow the job to complete, or manually stop the job, which ever approach may be appropriate to your environment and associated change policies and service level agreements.

The remaining procedures for updating the Synchronization Engine are located at the following link:

 

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/applying-a-release-update-to...

 

 

Service, Portal, Password Registration and Reset:

 

Update the Portal and FIM Service to same release

On the Service and Portal servers [MIM SERVER 1] and [MIM SERVER 2], stop the Forefront Identity Manager Service.

Using the Install Account [Install Account],

Login to the Service and Portal Servers [MIM SERVER 1] and [MIM SERVER 2]

Launch Services management console by selecting Start and typing Services.msc

Double click the Forefront Identity Manager Service

Select the Stop button .

Exit the Services management console.

Once the Forefront Identity Manager Service is stopped on the Service and Portal Servers, perform the following actions on each server, completing [MIM SERVER 1] before updating [MIM SERVER 2].

From the server select Start

Type Command Prompt

Right Click Command Prompt and select Run as Administrator

If prompted to allow the program to make changes to the computer, select Yes .

Navigate to the directory location of the update file

Type the file name MIMService_x64_KBxxxxxxx.msp and press [Enter]

Welcome to the Update for MIM Service and Portal

Select Update

Once completed, select Finish

The Forefront Identity Manager Service is started upon selecting Finish

 

Update the Password Reset and Registration Sites:

The procedures for updating the Password Reset and Registration sites are located at the following link:

 

Final wrap up:

 

Enable Scheduled Tasks.

The final step in the update process is to ensure all synchronization service scheduled tasks are enabled on the Primary Synchronization Server [Primary Sync Server] after performing the update. Referring to the previously Noted disabled tasks, enable each of the scheduled tasks that were previously disabled.

Access the Primary Synchronization Server [Primary Sync Server]

Login using the Install Account [Install Account]

 

To Open Task Scheduler:

From the Server select Start

Type task scheduler and run the task scheduler utility.

 

To Enable a task:

Select the task, right click and select Enable

Co-Authors
Version history
Last update:
‎May 17 2021 01:27 PM
Updated by: