FIM 2010 R2 architecture across 2 data centers

  • Question

  • Currently looking to define a FIM 2010 R2 architecture. User objects about 15000

    Have 2 data centers - failover capability offered between the 2.

    Plan is to house the FIM Synchronization and Service databases on an HA SQL cluster that resides between the 2 databases (physical hardware). This HA environment is already there and I can re-use it.

    The service level defined for FIM is 72 hours to return to operation.

    Am looking to house FIM Portal, FIM Service and FIM Synch on VMs at primary data center. Can I implement an active / passive architecture? i.e. if FIM 2010 fails at primary data center - SQL databases can be brought up at other data center and FIM Portal, Service and Synch on VMs in passive state can be made active at second data center. Is this recovery process fairly straightforward? Also if I have FIM services in a passive state - what are the licensing implications?

    Monday, August 13, 2012 8:01 AM

All replies

  • I think the bottom line in your case is the High Availability of FIM services rather than looking at SQL failover clustering FIM Service database.

    Thuan Soldier
    SharePoint Vietnam | Blog | Twitter

    Monday, August 20, 2012 11:18 AM
  • Here is some more information about how to achieve high availability:

    http://technet.microsoft.com/en-us/library/ff602886(WS.10).aspx

    When the data is stored within a SQL cluster I think it is possible to have a passive server for FIM Portal, FIM Service. FIM can only be configured to be passive (and needs to be manually activated). However, are you also considering a load balancer to redirect the traffic to another server, or how will you handle this when datacenter 1 fails?



    Tuesday, August 21, 2012 6:30 AM
  • Hi There,

    I've implemented a similar model where a primary data center has been operating on a SQL database that was asynchronously mirrored to a secondary site. The infrastructure for the FIM services and FIM Synchronization server was also in the warm environment. The key was to make sure the rules in the sync engine were set up such that the rules could import the data that may have changed between the last asynchronous update and the failure time. The site is able to come back online and back in operation within a couple hours at most.

    With a service level of 72 hours, you will most likely be able to completely rebuild the hardware in the secondary environment and attach to a restored instance of the database.

    In either case, make sure you have your synchronization engine encryption keys so that the MIIS Activate is successful.

    The FIM Services are load balanced such that it only requires an update to the DNS entries for the servers in the pool to move to the alternate site. The same is true for the database instance as well.

    Hope that helps.

    B


    http://identityminded.wordpress.com

    Tuesday, August 21, 2012 8:12 PM