none
Install FIM SSPR Reset portal on a non domain joined machine RRS feed

  • Question

  • Hi everybody.

    I have a question about FIM 2010 R2 SP1 SSPR.

    We are currently installing a new FIM 2010 R2 SP1 environement at a customer and the architecture we wish to implement is as follows:

    - 1 Synchronization server

    - 1 Fim Portal Server hosting FIM Portal + registration portal

    - 1 Dataware House server for Reporting

    - 1 Server hosting FIM reset Portal

    We would like that the registration is only accessible from internal LAN and Reset portal accessible from Internet.

    These servers are hosted in different security zones separated by firewalls

    The Question is as follows: Can we install FIM reset portal on a workgroup machine or has it got to be in the same domain as the Registration portal? If it can be a workgroup machine what ports must be opened in the firewall in order to make it work.

    Thanks for your help.

    Sylvan

    Tuesday, March 31, 2015 11:00 AM

Answers

  • Sylvan,

    I believe, you are getting confused. What I mean to say is that you install both the services in a Domain and installing these will give you URL which can be mapped with external address so that these pages can be accessible over the web as well. Once, these are published from outside you can use the reset functionality for resetting the password. But not publishing the registration URL over the internet will not allow users to get registered from outside the domain and hence, completing your requirement.


    Regards,
    Manuj Khurana

    • Proposed as answer by Manuj Khurana Monday, April 6, 2015 10:41 AM
    • Marked as answer by Zoltar00 Tuesday, April 7, 2015 8:05 AM
    Monday, April 6, 2015 10:41 AM

All replies

  • Sylvan,

    My understanding says that you want to give the functionality to reset the password over the internet but not for the registration?

    You can achieve this by simply allowing the passord reset URL to be opened from the internet but you don't have to publish the registration URL in this way for registration the user has to login within the prescriobed network but for resetting the password, this can be done from the internet as well.


    Regards,
    Manuj Khurana

    • Proposed as answer by Manuj Khurana Monday, April 6, 2015 10:41 AM
    • Unproposed as answer by Manuj Khurana Tuesday, April 7, 2015 9:50 AM
    Tuesday, March 31, 2015 1:56 PM
  • Hi Manuj,

    Thanks for the reply. That is exactly what I want to do. In our architecture the serveurs that publish URL's on the Internet are in a workgroup, not joined to our main domain. So in this case the reset portal could be in a workgroup and the registration portal in our domain. Would that work or do the reset and registration portal joined to the domain?

    Thanks

    Regards,

    Sylvan.

    Thursday, April 2, 2015 9:42 AM
  • Sylvan,

    I believe, you are getting confused. What I mean to say is that you install both the services in a Domain and installing these will give you URL which can be mapped with external address so that these pages can be accessible over the web as well. Once, these are published from outside you can use the reset functionality for resetting the password. But not publishing the registration URL over the internet will not allow users to get registered from outside the domain and hence, completing your requirement.


    Regards,
    Manuj Khurana

    • Proposed as answer by Manuj Khurana Monday, April 6, 2015 10:41 AM
    • Marked as answer by Zoltar00 Tuesday, April 7, 2015 8:05 AM
    Monday, April 6, 2015 10:41 AM
  • Hi Manuj,

    Thanks for the answer. That confirms my thoughts. Thanks.

    Regards,

    Sylvan

    Tuesday, April 7, 2015 8:05 AM