none
FIMSynchronizationservice database encryption RRS feed

  • Question

  • Hi,

    Is this correct about MIM 2016:

    The FIMSynchronizationservice database is encrypted by default, and the encryption key is only accessible to the MIM Sync Service account?

    What encryption is this? AES256?

    Thanks,

    SK

    Wednesday, March 29, 2017 2:22 AM

Answers

  • The entire DB is not encrypted, just individual items - namely service account passwords used by the various MAs. Couldn't tell you what type of encryption though.

    Keith

    • Marked as answer by Shim Kwan Thursday, April 13, 2017 1:12 AM
    Friday, March 31, 2017 4:02 PM
  • If you do SQL TDE , then by definition it will be transparent to the application and all will be well. But "official" support on this is a grey area. MIM Product team has not documented it as supported :( but SQL Product team obviously will support you :)
    • Marked as answer by Shim Kwan Thursday, April 13, 2017 1:12 AM
    Saturday, April 1, 2017 6:18 AM

All replies

  • The entire DB is not encrypted, just individual items - namely service account passwords used by the various MAs. Couldn't tell you what type of encryption though.

    Keith

    • Marked as answer by Shim Kwan Thursday, April 13, 2017 1:12 AM
    Friday, March 31, 2017 4:02 PM
  • I see - so the database is NOT encrypted at all, been mistaken all these years...

    In that case, what would happen if the SQL admins did encrypt the MIMSync database...could MIM still use it, or would things break?

    Friday, March 31, 2017 11:25 PM
  • If you do SQL TDE , then by definition it will be transparent to the application and all will be well. But "official" support on this is a grey area. MIM Product team has not documented it as supported :( but SQL Product team obviously will support you :)
    • Marked as answer by Shim Kwan Thursday, April 13, 2017 1:12 AM
    Saturday, April 1, 2017 6:18 AM
  • thank you all
    Thursday, April 13, 2017 1:13 AM