Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2013-10-08) A Hotfix Rollup Package (Build 4.1.3469.0) Is Available for Forefront Identity Manager 2010 R2

Posted by Jorge on 2013-10-08

Microsoft released a new hotfix for FIM 2010 R2 with build 4.1.3469.0. What it fixes can be found in this blog post. For additional or detailed info see MS-KBQ2877254

Issues that are fixed or features that are added in this update
FIM Service
Issue 1

In some rare scenarios in which the Exchange server FIM Service tries to poll approval response email messages, an "ErrorInternalServerTransientError" error is returned. In these scenarios, the FIM Service throws an exception.
After you apply this update, you can configure a retry by setting the following values in the configuration file:

  • mailServerSendOperationMaximumRetryCount="3"
  • mailServerSendOperationRetryIntervalInMilliseconds="1000"

FIM Synchronization Service
Issue 1

An Active Directory Management Agent runs an export run profile that is configured to also log an audit file. When there are child objects such as Active Sync devices on the user, the export fails.

Issue 2

When an ECMA2 Connector runs an export run profile that is configured to also log an audit file, no objects are exported.

Issue 3

FIM synchronization cannot deprovision computer objects in Active Directory when there are other child objects, such as printers and file share objects, present on the computer object.

Issue 4

In ECMA2, when the NoAddAndDeleteConfirmation capability is set and an exception is thrown during object export, the exception is processed incorrectly. Additionally, failed objects are marked incorrectly as successful.

Issue 5

When an additional object type is added to an already configured ECMA2 Connector, an "Object Reference Not Set" exception is thrown.

Issue 6

When you try to stop a running ECMA2 Connector from the user interface (UI), the Sync Engine may crash.

Issue 7

A Delete-Add that is sent as a Replace in ECMA2 requires the anchor to be returned from the Connector. This causes issues with the Windows Azure Active Directory Connector when the object is deleted and reprovisioned.

Issue 8

When you use an attribute Replace during export to remove the last value from a multivalued attribute, an attribute Replace without values is sent to the Connector. This causes a "The server encountered an unexpected error in the synchronization engine" error to be thrown when the Windows Azure Active Directory Connector is used. After you apply this update, the new behavior is to send this as an attribute Delete to the Connector.

Issue 9

When the Set-MIISADMAConfiguration cmdlet is used in a multidomain environment, a corrupted configuration may occur.

Issue 10

In build 4.1.3461.0, a regression occurs that causes import-only attribute flows not to be honored by the UI.

* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
############### Jorge’s Quest For Knowledge #############
######### ########

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: