Content provided by Microsoft  

Applies to: Microsoft Identity Manager 2016 SP2   

Introduction  

A hotfix rollup package (build 4.6.531.0) is available for Microsoft Identity Manager (MIM) 2016 Service Pack 2 (SP2). This rollup package resolves some issues and adds some improvements that are described in the "Issues fixed and improvements added in this update" section.  This build replaces previously released 4.6.530.0 build to address MIM Service installer issues. 

Update information  

 Microsoft Download Center  

A supported update is available from the Microsoft Download Center. We recommend that all customers apply this update to their production systems.  

Download the update for Microsoft Identity Manager 2016 SP2 (KB5004861) now.  

Prerequisites  

To apply this update, you must have the following installed:  

Microsoft Identity Manager 2016 Service Pack 2 (SP2) build 4.6.34.0  or later 

Known Issues

MIM Service and Portal

MIM Service hotfix may fail to install with UpdateAppConfigSettingsInPatch custom action error reported if you have modified MIM Service configuration file and removed default sources from <diagnostics> section keeping <dynamicLogging mode="true"> enabled. Remove <dynamicLogging mode="true"> section from MIM Service configuration file if installer fails with this error and re-apply this hotfix.

Previously released MIM Service build 4.6.530.0 hotfix may fail to install when Group-Managed Service Account (gMSA) is used. To work around this issue, update the following registry key value to replace with "None" before running the update:  

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Service\MailServerType

After the update is successfully installed, change back to the original value.  

MIM Service and Portal Language Packs

When you install MIM Service and Portal language pack update, due to localization fixes, all default localized RCDC resource strings, constants, localized attribute names and localized binding names are overwritten with new values. Make sure to back up changes you made to default localized values before applying this hotfix and manually revert them back after the hotfix is installed, manually import them back and restart IIS.

Restart requirement  

You must restart the computer after you apply the add-ins and extensions package (Mimaddinsextensions_x(64/86)_ KB5004861.msp). You may also have to restart the server components. 

File information  

 The global version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.  

File name

File size

Date

Time

MIMAddinsExtensions_x64_KB5004861.msp

11,767,808

01-October-2021

04:29

MIMAddinsExtensions_x86_KB5004861.msp

4,759,552

01-October-2021

03:56

MIMAddinsExtensionsLP_x64_KB5004861.msp

4,124,672

01-October-2021

04:41

MIMAddinsExtensionsLP_x86_KB5004861.msp

3,002,368

01-October-2021

03:58

MIMService_x64_KB5004861.msp

136,380,416

01-October-2021

04:34

MIMServiceLP_x64_KB5004861.msp

13,611,008

01-October-2021

04:53

MIMSyncService_x64_KB5004861.msp

27,889,664

01-October-2021

01:13

Issues fixed and improvements added in this update    

MIM Synchronization Service

  • Fixed an issue with Kerberos authentication by enabling 3-part SPN authentication for LDAP connections in Active Directory Management Agent

MIM Service and Portal 

  • Fixed an issue with Kerberos authentication by enabling 3-part SPN authentication for LDAP connections in MIM Service, MIM PAM components and workflows

  • Set membership transitions are optimized to improve MIM Service request processing performance

MIM Service and Portal Language Packs 

  • Localization updates

Note: In order to reconfigure the MIM service for Office 365 application context authentication, you need to apply this hotfix first, then run Create-MIMMailboxApp.ps1 script to register MIM Service application in Azure AD and run change mode installation. More details could be found in MIM Service for Azure AD Premium customers deployment guide: Install MIM 2016 with SP2: MIM Service and Portal for Azure AD Premium customers

References  

Microsoft Identity Manager release history  

Learn about the terminology that Microsoft uses to describe software updates.  

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×