(2016-09-26) Upgrading To MIM 2016 SP1
Posted by Jorge on 2016-09-26
Microsoft has released Microsoft Identity Manager (MIM) 2016 Service Pack 1 (build 4.4.1237.0).
–
You are running FIM 2010 (R2) or MIM 2016 and you want to upgrade to MIM 2016 SP1? Then read all about it here!
–
First check if you can simply upgrade to the newer version. If you cannot upgrade, you will see the message as displayed in figure 1. If you see that message you will have to uninstall the current version before installing the newer version. However, before uninstalling create a backup using the scripts mentioned in this blog post to create a backup FIRST!!!!
After having created the backup, you can uninstall all components one by one and reinstall the new version. For the required values use the values in the backups/exports if you do not know them anymore.
Figure 1: Message To Uninstall The Current Version First
–
Upgrading to MIM PCNS
This must be executed on a per writable DC basis!
First uninstall PCNS through Programs and Features
Then install PCNS by executing the MSI (attend) or using the command line with all the options defined (unattended)
–
Upgrading to MIM SYNC
This must be executed on a per FIM/MIM Sync Server basis!
First uninstall MIM Sync through Programs and Features
Then install MIM Sync by executing the MSI (attend) or using the command line with all the options defined (unattended)
Figure 2: Welcome Screen
–
Figure 3: License Agreement
–
Figure 4: Component Selection
–
Figure 5: Specifying SQL Server And SQL Instance
–
Figure 6: Specifying FIM/MIM Sync Service Account Credentials
–
Figure 7: Specifying FIM/MIM Sync Service Security Groups
–
Figure 8: Enabling Firewall Rules For RPC Connections
–
Figure 9: Last Screen Before The Actual Installation
–
Figure 10: Message About Finding The Existing Database And The It Will Be Upgraded
–
Figure 11: Installation Completed
–
Figure 12: The Build Of The FIM/MIM Sync Service
–
Now after installing the product:
- Check and compare the config files and reconfigure as needed;
- Check and compare the registry settings and reconfigure as needed;
- Recompile any code you have (e.g. Rules Extensions) to use it in the new version;
–
Upgrading to MIM Service And Portal
REMARK: In my case as you can see below I had the MIM Service, the MIM Portal, the MIM Password Registration Portal and the MIM Password Reset Portal on one server running. If you have distributed the components amongst multiple servers, use the following order:
- MIM Service
- MIM Portal
- MIM Password Registration Portal
- MIM Password Reset Portal
This must be executed on a per FIM/MIM Server basis that hosts a specific component!
First uninstall MIM Service and Portal through Programs and Features
Then install MIM Service and Portal by executing the MSI (attend) or using the command line with all the options defined (unattended)
Figure 13: Welcome Screen
–
Figure 14: License Agreement
–
Figure 15: Joining CEIP
–
Figure 16: Component Selection
–
Figure 17: Specifying The SQL Server, The Database Name And Whether Or Not You Want To Reuse The Database
–
Figure 18: Warning About creating A Backup Before Continuing With The Upgrade
–
Figure 18: Specifying The Mail Server And Other Related Settings
–
REMARK: Have you noticed the option “Use Exchange Online”? As soon as you check that all the other options are greyed out.
Figure 19: Configuring The Service Certificate
–
Figure 20: Configuring The FIM/MIM Service Service Account Credentials And Mail Address
–
Figure 21: Specifying The FIM/MIM Sync Server And The Account For The FIM/MIM MA
–
Figure 22: Warning About Not Being Able To Contact The FIM/MIM Sync Service
–
Figure 23: Specifying The FIM/MIM Service FQDN
–
Figure 24: Specifying The Sharepoint Collection URL To Install The Portal In
–
Figure 25: Specifying The Password Registration Portal URL
–
Figure 26: Enabling Firewall Rules And Configuring Permissions
–
Figure 27: Specifying The Credentials, The Hostname And The Port For The Password Registration Portal
–
Figure 28: Warning About Not Using SSL Due To Custom Port
–
REMARK: SSL will be configured afterwards
Figure 29: Specifying The FIM/MIM Service FQDN And The Accessibility Of The Password Registration Portal
–
Figure 30: Specifying The Credentials, The Hostname And The Port For The Password Registration Portal
–
Figure 31: Warning About Not Using SSL Due To Custom Port
–
REMARK: SSL will be configured afterwards
Figure 32: Specifying The FIM/MIM Service FQDN And The Accessibility Of The Password Reset Portal
–
Figure 33: Last Screen Before The Actual Installation
–
Figure 34: Installation Completed
–
Now after installing the product:
- Check and compare the IIS configuration and reconfigure as needed;
- Check and compare the config files and reconfigure as needed;
- Check our customizations for the Password Registration and Reset Portal still exist;
- Check and compare the registry settings and reconfigure as needed;
- Recompile any code you have (e.g. Rules Extensions) to use it in the new version;
–
Upgrading to MIM Add-In Extensions
This must be executed on every client running the FIM/MIM Add-In Extensions!
First uninstall MIM Add-In Extensions through Programs and Features
Then install MIM Add-In Extensions by executing the MSI (attend) or using the command line with all the options defined (unattended)
Figure 35: Welcome Screen
–
Figure 36: License Agreement
–
Figure 37: Joining CEIP
–
Figure 38: Component Selection
–
Figure 39: Specifying The MIM Portal Server Address And The MIM Service E-mail Address
–
REMARK: The MIM Portal Server Address should be entered as <FQDN> or <FQDN>:<PORT> when in the last case the port is a custom port. The screenshot shows the MIM Portal URL but that is not correct
Figure 40: Specifying The FIM/MIM Service FQDN
–
Figure 41: Specifying The Password Registration URL
–
Figure 42: Last Screen Before The Actual Installation
–
Figure 43: Installation Completed
–
Now after installing the product:
- Check and compare the registry settings and reconfigure as needed;
–
Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————
Jorge's Quest For Knowledge! 
(2016-11-23) Microsoft Identity Manager (MIM) 2016 Service Pack 1 Packages « Jorge's Quest For Knowledge! said
[…] with MIM 2016 with SP1 included where you would reuse all DBs. This procedure is described here. However, for some customers uninstalling everything and reinstalling it is a little bit too much. […]
LikeLike
(2017-05-11) Updating MIM 2016 With Patches After Fresh MIM 2016 (SP1) Install « Jorge's Quest For Knowledge! said
[…] then install MIM 2016 SP1 (build 4.4.1237.0) and reuse existing DBs. That procedure is explained here. In November 2016 I blogged about 2 different SP1 packages here. The build 4.4.1302.0 is explained […]
LikeLike
marahulrahul said
Post upgrade,need to run full import,full sync for all MA?Also I would like to understand as per best practice in every 30 days full import and full sync should be execute.What will impact of this?Need to disable “enable synchronization rule provisioning” before execute full import full sync?
LikeLike