none
FIM 2010, Sync, SSPR and Sharepoint RRS feed

  • Question

  • Hi gurus

    I have a couple of quick questions. I want to set up FIM sync to synchronize accounts to a webservice. I believe http://www.microsoft.com/en-us/download/details.aspx?id=29943 is the way to do it. However the documentation specifies the use of a wsconfig file to set up the synchronization. My first question is, where do I find the wsconfig file? I want to sync with an external webservice and the developers have provided me with a wsdl file. Can I create a wsconfig file from that? If I don't have a wsconfig file, how can I set up the synchronization?

    Also I have set up SSPR on another server. I have certain questions about that too. I have set up the SSPR on a separate server. I have a third party certificate, and when I point my browser to the URL, it gives me HTTP 403 Forbidden error. This is the URL that I specified as the Registration Portal URL and has the certificate associated with. I can go to https://<servername>/IdentityManagement.  I did observe that in the IIS the FIM Password Registration Site is in stopped state. There is another site that is called FIM Password Registration Site_5 and that is started. I don't know how the second site got there. Any ideas as to how to resolve this?

    Lastly, I wanted to know that for SSPR, can I use an existing SharePoint installation. MS documentation mentions that it is a pre-req for SSPR. However, if I have an existing SharePoint installation on a different server can I leverage that? Or does the SharePoint installation needs to be local? 

    Any help will be greatly appreciated.

    Regards,

    Monday, January 6, 2014 4:44 AM

All replies

  • Last paragraph of questions first. FIM 2010 R2 SSPR does not require SharePoint only IIS. FIM 2010 R2 Portal requires SharePoint but not SSPR.

    2nd to last paragraph of questions next. If your intent was to have only the FIM SSPR portals on this other server and not the FIM Portal, then it sounds like the wrong options were selected during installation. Best bet would be to uninstall FIM components from the server that is to host the SSPR portal and reinstall. I can recommend a great book to help you get through the installs ;) (see my signature). Kent Nordstrom has also authored a book on FIM.

    First paragraph: The documentation is a bit confusing -- you have to run the msi file to do the install first which will unpack the files. So run the install file first. Per the documentation (a little further on) you should find the wsconfig file in the Extensions folder (or wherever you told it to extract):

    Web Service Project file

    User can select any target folder to extract this file into but the extracted project (.wsconfig file) will be visible to FIM Sync UI only if it is extracted to FIM’s Extensions folder. The extracted project file will be visible to the Web Service Configuration tool in any location.


    David Lundell, Get your copy of FIM Best Practices Volume 1 http://blog.ilmbestpractices.com/2010/08/book-is-here-fim-best-practices-volume.html

    Tuesday, January 7, 2014 5:31 PM
  • Hi David

    Thank you so much for the response. I shall definitely look to invest in your book as this is one technology I am quite keen on :)

    Regarding the wsconfig file, after extraction I have seen the extraction folder and cannot see the .wsconfig file. Pardon my ignorance in this, but I was under the impression that if I need to synchronize with website http://xxx.com:8080, I shall need the wsconfig file from that webserver (xxx.com). I need to create a management agent for that webserver. If I then need to synchronize again to another website, say, http://abc.com:8080, I need a separate wsconfig file for the second site? Is that not a right assumption? Also from the wsdl file, how can I create the wsconfig file. 

    I have taken your advice and is re-installing the FIM SSPR. Thanks for that. So now I am planning to put the FIM Portal, the registration portal and SSPR portal on one server. I was wondering about two things. First, can the password portal and the registration portal be internet facing. I believe I need a certificate for that. Is that correct? Also can I put the registration and SSPR portal on the same URL but different virtual directory such as abc.com/registration and abc.com/sspr. I am just trying to re-use the certificate for both the URLs.

    Thanks again, I much appreciate your help in taking time out to assist a newbie like me. I look forward to receiving any response from you.

    Regards,

    Wednesday, January 8, 2014 12:02 AM