none
Multiple Site FIM configuration RRS feed

  • Question

  • Hi,

    I'm looking into FIM2010r2 as a replacement for are current method of creating accounts for are college users.

    We have a windows 2008 domain enviroment across two sites. We currently use Powershell to create are accounts and depending on what site the user is always based at the profile and homedrive points to the file server on that site. The users can move between the sites as we have a 10GB link between are two sites.

    We currently create accounts at are main site but when we have to create a student or staff account for a secondary site there is always an issue when it comes to applying permissions to there home drive as the DC at are secondary site hasn't replicated to see the new account. I was looking at running a script at each site to resolve this but i thought FIM might be able to help.

    Which leads onto my question how does FIM work best across multiple sites? i'm currently working though a guide but i havent found an answer to my question yet unless i'm missing something.

    Thanks in advance for any help with this :)

    J

    Thursday, September 18, 2014 3:48 PM

Answers

  • I don't think you're missing anything Jake as FIM doesn't really help with this scenario. You can use FIM to create network accounts, but you'll still need AD DS to replicate the account to a DC at the secondary site - repadmin.exe /syncall should do the trick.

    Cheers,

    Tom Houston, UK Identity Management Practice

    • Edited by Thomas Houston Thursday, September 18, 2014 8:57 PM
    • Proposed as answer by Thomas Houston Sunday, September 21, 2014 8:56 AM
    • Marked as answer by Jake-ST Wednesday, February 24, 2016 10:49 AM
    Thursday, September 18, 2014 6:52 PM

All replies

  • I don't think you're missing anything Jake as FIM doesn't really help with this scenario. You can use FIM to create network accounts, but you'll still need AD DS to replicate the account to a DC at the secondary site - repadmin.exe /syncall should do the trick.

    Cheers,

    Tom Houston, UK Identity Management Practice

    • Edited by Thomas Houston Thursday, September 18, 2014 8:57 PM
    • Proposed as answer by Thomas Houston Sunday, September 21, 2014 8:56 AM
    • Marked as answer by Jake-ST Wednesday, February 24, 2016 10:49 AM
    Thursday, September 18, 2014 6:52 PM
  • I believe FIM can help you with this but please make sure what is your exact requirement. FIM can help you in giving group based access, User Provisioning, De-Provisioning, Password Reset, etc.

    If this is somewhat your need then it might help.


    Regards,
    Manuj Khurana

    • Proposed as answer by Manuj Khurana Monday, September 29, 2014 10:31 AM
    Friday, September 19, 2014 8:37 AM
  • Hi Tom and Manuj,

    Thought asmuch thanks for clarifying. I was thinking about using repadmin.exe within the script but wanted to hold fire until i could comfirm if FIM could help.

    I was looking at FIM to help the 1st line boys and girls in there jobs to easily manage Accounts and Groups but the main reason for it was to see if it could help with the replication. It would be nice to have FIM just need to work out the licencing.

    Cheers for your help.

    J

    Monday, September 22, 2014 9:12 AM