SSPR deploy


  • I was following the instructions in FIM 2010 R2 Self-Service Password Reset Deployment Guide , currently trying to install FIM

    Password Registration portal and Password reset portal on the same box as FIM portal and service .


    On page 29, in the configuration window it asks me to enter a account name under which the FIM password reg. application pool will run in IIS.

    My question since I do not have different accounts for FIM Password Registration portal and Password

    Reset portal , should i be using the FIM service ; service account name?

    Thank you for helping out

    lunedì 18 marzo 2013 23:45

Tutte le risposte

  • Hi

    Actually I wouldn't recommend you to do so, but you can. You can use one account to do everything :)

    I usually use a separate accounts for everything in my implementations.

    Regards Furqan Asghar

    martedì 19 marzo 2013 06:44
  • No please don't.

    There is certain logic in place to assume the AppPool accounts are different

    martedì 19 marzo 2013 07:02
  • we can create a new account but with what kind of permissions does this account need?

    FIM Password Registration portal and Password reset porta are on the same box as FIM portal and service; since this is our dev enviornment

    will the binding information be the host name where all these components resides

    martedì 19 marzo 2013 16:51
  • The "FIMPWPool" accoount does not need any permissions. It will be configured during setup to be used as the Application Pool identity for the PW Reset/Registration portals. I have seen situations where you need to manually configure IIS to use the Application Pool Identity for the PW Registration site.

    You do need to have separate hostnames for PW Reset and PW Registration portals that are different from the names used by the FIM Portal. Otherwise IIS will not be able to set unique bindings for each site.

    I usually configure this with a SAN certificate as well and use hostheader separation over SSL. If you are running on Server 2012 the ui in IIS manager can be used to configure the correct bindings once you have installed the PW portals.

    If running on 2008, check this out

    martedì 19 marzo 2013 18:05