Accedi
 
HomeLibraryRisorseFormazioneDownloadSupportoCommunityForumBlog
Risorse per professionisti IT >
SSPR deploy

Domanda SSPR deploy

  • lunedì 18 marzo 2013 23:45
     
     
    Registrati per votare
    0

    I was following the instructions in FIM 2010 R2 Self-Service Password Reset Deployment Guide , currently trying to install FIM

    Password Registration portal and Password reset portal on the same box as FIM portal and service .

     

    On page 29, in the configuration window it asks me to enter a account name under which the FIM password reg. application pool will run in IIS.

    My question since I do not have different accounts for FIM Password Registration portal and Password

    Reset portal , should i be using the FIM service ; service account name?

    Thank you for helping out

     

Tutte le risposte

  • martedì 19 marzo 2013 06:44
     
     
    Registrati per votare
    0

    Hi

    Actually I wouldn't recommend you to do so, but you can. You can use one account to do everything :)

    I usually use a separate accounts for everything in my implementations.

    Regards Furqan Asghar

     
  • martedì 19 marzo 2013 07:02
     
     
    Registrati per votare
    0

    No please don't.

    There is certain logic in place to assume the AppPool accounts are different

     
  • martedì 19 marzo 2013 16:51
     
     
    Registrati per votare
    0

    we can create a new account but with what kind of permissions does this account need?

    FIM Password Registration portal and Password reset porta are on the same box as FIM portal and service; since this is our dev enviornment

    will the binding information be the host name where all these components resides

     
  • martedì 19 marzo 2013 18:05
     
     
    Registrati per votare
    0

    The "FIMPWPool" accoount does not need any permissions. It will be configured during setup to be used as the Application Pool identity for the PW Reset/Registration portals. I have seen situations where you need to manually configure IIS to use the Application Pool Identity for the PW Registration site.

    You do need to have separate hostnames for PW Reset and PW Registration portals that are different from the names used by the FIM Portal. Otherwise IIS will not be able to set unique bindings for each site.

    I usually configure this with a SAN certificate as well and use hostheader separation over SSL. If you are running on Server 2012 the ui in IIS manager can be used to configure the correct bindings once you have installed the PW portals.

    If running on 2008, check this out http://www.sslshopper.com/article-ssl-host-headers-in-iis-7.html