I'm looking at a fim design for around 10,000 users with the following:
1 x sql server for fim portal DB
1 x fim server for fim service + fim portal
1 x fim sync server with sync service + sync DB
I need to incorporate FIM password registration and reset in as well. I'm unsure of whether to add the password reset and registration portal on the same server as the fim service and portal.
My understanding is that the main reason to separate the SSPR from the fim service and portal is due to external access for external users (i.e. security). However what I'm not sure about if external users are not relevant and if I'm to put SSPR and fim
portal on the same server, then how should the IIS sites and app pools be configured? Will 3 separate IPs, IIS sites and app pools be required?
OK - looking at your current setup you are not looking at fail-over, load balancing side of design. With this in mind - yes, you can put SSPR apps on the same box as FIM portal. Setup will create appropriate web sites and app pools for you.
you can host it all on single IP and use host headers - if you will look for putting SSL for protection of traffic just remember to use cert with subject alternative names of wildcard if you want to keep it all on single Up with host headers.
Tomek Onyszko, memberOf Predica FIM Team (http://www.predica.pl), IdAM knowledge provider @ http://blog.predica.pl
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.