Update informationThis version of Forefront Identity Manager is affected by the issue that is described in Microsoft Security Advisory 2749655. In this issue, the digital signature on files that are produced and signed by Microsoft will expire prematurely. To resolve the issue for Forefront Identity Manager, install hotfix 2750673 .
Component update packagesThe following table contains the component update packages that are available for download from Microsoft Support.
|FIM 2010 Add-ins and Extensions||FIMAddinsExtensions_x86_KB2737503.msp FIMAddinsExtensions_x64_KB2737503.msp|
|FIM 2010 Add-ins and Extensions Language Pack||FIMAddinsExtensionsLP_x86_KB2737503.msp FIMAddinsExtensionsLP_x64_KB2737503.msp|
|FIM 2010 Certificate Management||FIMCM_x86_KB2737503.msp FIMCM_x64_KB2737503.msp|
|FIM 2010 Certificate Management Client||FIMCMClient_x86_KB2737503.msp FIMCMClient_x64_KB2737503.msp|
|FIM 2010 Certificate Management Bulk Issuance Client||FIMCMBulkClient_x86_KB2737503.msp|
|FIM 2010 Service and Portal||FIMService_x64_KB2737503.msp|
|FIM 2010 Service Portal Language Pack||FIMServiceLP_x64_KB2737503.msp|
|FIM 2010 Synchronization Service||FIMSyncService_x64_KB2737503.msp|
|FIM 2010 Password Change Notification Service||FIMPCNS_x86_KB2737503.msp|
PrerequisitesTo apply this update, you must have Forefront Identity Manager 2010 build 4.0.2592.0 or a later build installed.
Restart requirementYou must restart the computer after you apply this update. Additionally, you may have to restart the server components.
Replacement informationThis update replaces the following updates:
2635086 Update Rollup 2 (build 4.0.3606.2) is available for Forefront Identity Manager 2010
2520954 A hotfix rollup package (build 4.0.3594.2) is available for Forefront Identity Manager 2010
2502631 A hotfix rollup package (build 4.0.3576.2) is available for Forefront Identity Manager 2010
2417774 A hotfix rollup package (build 4.0.3573.2) is available for Forefront Identity Manager 2010
2272389 A hotfix rollup package (build 4.0.3558.2) is available for Microsoft Forefront Identity Manager (FIM) 2010
2028634 A hotfix rollup package (build 4.0.3547.2) is available for Microsoft Forefront Identity Manager (FIM) 2010
978864 Update Package 1 for Microsoft Forefront Identity Manager (FIM) 2010
File informationThe global version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
|File name||File size||Date||Time|
Issues that are fixed or features that are added in this update
Fixed issues in FIM Synchronization Service
Issue 1The ExchangeUtils:CreateMailbox method requires administrator permissions in Active Directory when the logon SID for an account is provided to the method.
Issue 2When equal precedence is set on an attribute and a management agent's delta import encounters changes for an object multiple times during the same run, the management agent incorrectly blocks synchronization of the combined changes to the metaverse.
Issue 3FIM synchronization cannot de-provision user objects in Active Directory when Microsoft Exchange Server has added Active Sync devices.
Issue 4A management agent that has a large dataset reports "0 is not a valid DN depth" at the end of a full import when the agent processes object obsoletion.
Fixed issues and new features in FIM Service MA
Issue 1When the Microsoft .NET Framework 4.0 is installed on a computer that is running FIM Sync Engine, FIM MA creation and configuration may fail.
Feature 1Additional logging is added to the Application log if a nonrecoverable exception is thrown in the FIM MA. This was done to provide better diagnostics for stopped-server errors.
New features in Sets and Query
Feature 1Adds support to configure the Query and Sets features to treat underscores as literals instead of as SQL wildcard characters.
To enable this feature, the site administrator has to change the Web.config file to include the TreatUnderscoresAsLiterals key at the following location:
<add key="TreatUnderscoresAsLiterals" value="true"/>
The site administrator must do this for each FIM portal that an organization may have configured.
Article ID: 2737503 - Last Review: 7 Nov 2012 - Revision: 1