Article ID: 2737503 - View products that this article applies to.
A hotfix rollup package (build 4.0.3627.2) is available for Microsoft Forefront Identity Manager (FIM) 2010. This hotfix rollup package resolves some issues and adds some features that are described in the "More Information" section.
Update informationThis version of Forefront Identity Manager is affected by the issue that is described in Microsoft Security Advisory 2749655
(http://technet.microsoft.com/en-us/security/advisory/2749655). In this issue, the digital signature on files that are produced and signed by Microsoft will expire prematurely. To resolve the issue for Forefront Identity Manager, install hotfix 2750673
Component update packagesThe following table contains the component update packages that are available for download from Microsoft Support.
Collapse this tableExpand this table
PrerequisitesTo apply this update, you must have Forefront Identity Manager 2010 build 4.0.2592.0 or a later build installed.
Restart requirementYou must restart the computer after you apply this update. Additionally, you may have to restart the server components.
Replacement informationThis update replaces the following updates:
(http://support.microsoft.com/kb/2688078/ )A hotfix rollup package (build 4.0.3617.2) is available for Forefront Identity Manager 2010
(http://support.microsoft.com/kb/2635086/ )Update Rollup 2 (build 4.0.3606.2) is available for Forefront Identity Manager 2010
(http://support.microsoft.com/kb/2520954/ )A hotfix rollup package (build 4.0.3594.2) is available for Forefront Identity Manager 2010
(http://support.microsoft.com/kb/2502631/ )A hotfix rollup package (build 4.0.3576.2) is available for Forefront Identity Manager 2010
(http://support.microsoft.com/kb/2417774/ )A hotfix rollup package (build 4.0.3573.2) is available for Forefront Identity Manager 2010
(http://support.microsoft.com/kb/2272389/ )A hotfix rollup package (build 4.0.3558.2) is available for Microsoft Forefront Identity Manager (FIM) 2010
(http://support.microsoft.com/kb/2028634/ )A hotfix rollup package (build 4.0.3547.2) is available for Microsoft Forefront Identity Manager (FIM) 2010
(http://support.microsoft.com/kb/978864/ )Update Package 1 for Microsoft Forefront Identity Manager (FIM) 2010
File informationThe global version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Collapse this tableExpand this table
Issues that are fixed or features that are added in this update
Fixed issues in FIM Synchronization Service
Issue 1The ExchangeUtils:CreateMailbox method requires administrator permissions in Active Directory when the logon SID for an account is provided to the method.
Issue 2When equal precedence is set on an attribute and a management agent's delta import encounters changes for an object multiple times during the same run, the management agent incorrectly blocks synchronization of the combined changes to the metaverse.
Issue 3FIM synchronization cannot de-provision user objects in Active Directory when Microsoft Exchange Server has added Active Sync devices.
Issue 4A management agent that has a large dataset reports "0 is not a valid DN depth" at the end of a full import when the agent processes object obsoletion.
Fixed issues and new features in FIM Service MA
Issue 1When the Microsoft .NET Framework 4.0 is installed on a computer that is running FIM Sync Engine, FIM MA creation and configuration may fail.
Feature 1Additional logging is added to the Application log if a nonrecoverable exception is thrown in the FIM MA. This was done to provide better diagnostics for stopped-server errors.
New features in Sets and Query
Feature 1Adds support to configure the Query and Sets features to treat underscores as literals instead of as SQL wildcard characters.
To enable this feature, the site administrator has to change the Web.config file to include the TreatUnderscoresAsLiterals key at the following location:
<configuration> <appSettings> <add key="TreatUnderscoresAsLiterals" value="true"/> </appSettings> </configuration>
The site administrator must do this for each FIM portal that an organization may have configured.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/824684/ )Description of the standard terminology that is used to describe Microsoft software updates