
FIM 2010 R2 and MIM 2016 queries


Hello Experts,

I was advised to write to your email for advice on this concern.

My overall goal is to migrate FIM 2010 R2 to MIM 2016, and to that effect I have tested a few aspects separately and I was able to figure out most of the parts.

One such test I am getting stuck at is to deploy MIM 2016 SSPR portals (Pwd Reg and reset) on SPF 2013 Port 80, like it was done for FIM 2010 R2.

I was able to deploy Identity Management Portal, and also set up AAM for a user-friendly address (URL) rather than just hostname and that works fine, except the password registration and reset portals.

The environment:
Domain: Cloud.org
New MIM 2016 Deployment

MIM2016/SQL2014/SPF2013SP1/IIS are installed on Windows Server 2012 R2, and the host name is -----SQL2014-2.

Sharepoint URL
AAM
MIM Portal (works fine with standard and AAM as well)
SSPR URL (doesn't work- Page cannot be displayed/ Host A static record created in DNS)
Service Accounts (Names)
MIMService
MIMSync
MIMMA
SharePoint

SQLServer

The issue:

The MIM portal works fine and I am able to provision and sync users in AD, however the SSPR portals end up in a "Page cannot be displayed" error. There are Host A records created in DNS, pointing to the same IP as the MIM Server (SQL2014-2). The SPNs for http/pwdreg.cloud.org are also registered for the Mimservice service account.

Also, Claims auth and auto upgrade are disabled for SPF2013 SP1.

The SSPR portals are set to operate on Port 80, unlike what's stated in the MIM guide to use ports 8080 and 8088 respectively. This is a new install and I have followed the FIM guide where all the portals work fine together on 80/443. It was suggested in the MIM formal guide to use the FIM guide when necessary.

Is this supposed to work or are we supposed to use ports other than Port 80 for MIM 2016 unlike FIM 2010 R2?

The only related error I could see in the eventlog:
Log Name:      Forefront Identity Manager
Source:        Microsoft.ResourceManagement
Date:          11/3/2016 7:37:36 AM
Event ID:      3
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SQL2014-2.cloud.org
Description:
Requestor: Internal Service
Correlation Identifier: 3204fa40-1d54-4a08-bbbe-a8a8e706a6ff
Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: IdentityIsNotFound
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetUserFromSecurityIdentifier(SecurityIdentifier securityIdentifier)
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetCurrentUser()
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Enumerate(Message request)
Event Xml:
  <System>
    <Provider Name="Microsoft.ResourceManagement" />
    <EventID Qualifiers="0">3</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-11-03T02:07:36.000000000Z" />
    <EventRecordID>22</EventRecordID>
    <Channel>Forefront Identity Manager</Channel>
    <Computer>SQL2014-2.cloud.org</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Requestor: Internal Service
Correlation Identifier: 3204fa40-1d54-4a08-bbbe-a8a8e706a6ff
Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: IdentityIsNotFound
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetUserFromSecurityIdentifier(SecurityIdentifier securityIdentifier)
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetCurrentUser()
   at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Enumerate(Message request)</Data>
  </EventData>

</Event>

Also, the following SPNs are registered for service accounts and host server (you may ignore MIM2016 and MIM2016-S2K8 as they were older installations and are shut off):

CN=MIMService,OU=Service Accounts,DC=cloud,DC=org:
        HTTP/pwdreset.cloud.org
        HTTP/pwdreg.cloud.org
        MIMService/SQL2014-2
        MIMService/SQL2014-2.cloud.org
        MIMService/MIM2016.cloud.org
        MIMService/MIM2016-S2K8.cloud.org
CN=MIMSync,OU=Service Accounts,DC=cloud,DC=org:
        MIMSync/SQL2014-2
        MIMSync/SQL2014-2.cloud.org
        MIMSync/MIM2016.cloud.org
        MIMSync/MIM2016-S2K8.cloud.org
No SPNS for MIMMA
CN=SharePoint,OU=Service Accounts,DC=cloud,DC=org:
        http/mimportal
        http/mimportal.cloud.org
        http/SQL2014-2
        http/SQL2014-2.cloud.org
        http/MIM2016
        http/MIM2016.cloud.org
        http/MIM2016-S2K8
        http/MIM2016-S2K8.cloud.org
CN=SqlServer,OU=Service Accounts,DC=cloud,DC=org:
        MSSQLsvc/SQL2014-2:1433
        MSSQLsvc/SQL2014-2.cloud.org:1433
CN=SQL2014-2,CN=Computers,DC=cloud,DC=org:
        MIMSync/SQL2014-2 Cloud\MIMSync
        MIMService/SQL2014-2.cloud.org Cloud\MIMService
        MIMService/SQL2014-2 Cloud\MIMService
        http/SQL2014-2.cloud.org Cloud\Sharepoint
        http/SQL2014-2 Cloud\Sharepoint
        MSSQLSVC/SQL2014-2.cloud.org:SHAREPOINT
        MIMSync/SQL2014-2.cloud.org Cloud\MIMSync
        WSMAN/SQL2014-2
        WSMAN/SQL2014-2.cloud.org
        TERMSRV/SQL2014-2
        TERMSRV/SQL2014-2.cloud.org
        RestrictedKrbHost/SQL2014-2
        HOST/SQL2014-2
        RestrictedKrbHost/SQL2014-2.cloud.org
        HOST/SQL2014-2.cloud.org

Any help would be greatly appreciated.

Regards

SG

