Export (0) Print
Expand All
Expand Minimize

FIM 2010 R2: FIMCM - Portal should be set to use only secure connections

This topic is intended to address a specific issue identified by a Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the Forefront Identity Manager 2010 R2 Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer (http://go.microsoft.com/fwlink/?LinkId=122786).

 

Product

Forefront Identity Manager 2010 R2

Feature

FIM Certificate Management

Operating System

Windows Server 2008 R2

Severity

Error

Category

Security

Issue

FIMCM – Portal is set to allow non-secure connections

FIM CM https rule

Impact

FIMCM – User session information can be exposed.

Resolution

FIMCM – Portal should be set to accept only secure connections

Ensure that the enabled protocols for the IIS server is set to only allow https.

Additional references

For more information, see the FIM 2010 R2 Deployment Guide (http://technet.microsoft.com/en-us/library/jj134310(v=ws.10))

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft