FIM 2010 R2 Service and Portal Configuration Backup Tool

  • Article

The following section describes the new configuration backup tool.

FIM 2010 R2 Service and Portal Configuration Backup Tool

Prior to FIM 2010 R2, backing up the FIM Portal and Service configuration was a manual task. This involved backing up Configuration files, registry keys, and SQL Server Agent Jobs. FIM 2010 R2 introduces a new command line utility that does all this automatically and pre-packages everything into a folder with the date the utility was run.

Warning

This utility does not backup the whole FIM Service database.

This utility runs in the following two modes:

  1. Stand Alone – The utility can be manually invoked to create backups when needed.

  2. Automatically – The utility is automatically run as part of any major upgrade to FIM 2010 R2. This is done to backup pre-R2 configurations.

The utility is installed in %Program Files%\Microsoft Forefront Identity Manager\2010\Tools\Configuration Backup.

The utility stores the information in a folder called Previous Configuration which is created in Program Files\Microsoft Forefront Identity Manager\2010. Under that folder you will see a folder with the FIM Server name and under that folder there will be a folder with date and time or timestamp on which the utility was run. Inside that folder you will see a ConfigurationBackup.log file and a Portal and Service folder. Also, you will see a Portal and Service folder, indicating that the tool detected a FIM Service and FIM Portal deployment and backed up their configuration accordingly.”

Configuration Backup1

The Portal folder will contain Portal registry key entries and SharePoint config files, which follow the naming convention ‘SharePoint web_PORTNUMBER.config’.

Configuration Backup1

The Service folder will contain FIM Service registry key entries, FIM Service Database SQL Jobs Information, a backup of Microsoft.ResourceManagement.Service.exe configuration file.

Configuration Backup3

Be aware, prior to upgrading the FIM Service and Portal, this utility will run automatically and backup your FIM environment prior to the upgrade if it detects that it has not been run before.

The utility can be run from a command line or by simply double-clicking Microsoft.IdentityManagement.ConfigurationBackup.exe. Inside the Configuration Backup folder is a folder called DataSourceConfiguration. This folder has the following 3 XML files in it.

  • FIM2010_R2_RC

  • FIM2010_R2_RTM

  • FIM2010_RTM

When you initiate the utility, it determines what version of the product you currently have, then based on that, it selects the corresponding XML file and backups up what the file specifies. Editing the XML file is not supported.

The utility also uses the GetFIMJobScheduleInformation.sql script to determine what SQL Jobs to back up. This script is located in the SQLScripts folder of the Configuration Backup tool. Editing this script is unsupported.

This utility must be run locally on all servers that have FIM Service, FIM Portal, FIM Password Registration Portal and FIM Password Reset Portal deployments.

Configuration Backup XML Files and SQL Script

The following sections can be used as technical reference for determining what the Configuration Backup tool backs up. In this section the XML files and the SQL script will be laid out.

Configuration Backup File Examples

The following sections contain some examples of the files the configuration backup tool backs up. It includes an example ConfigurationBackup.log as well as examples of the registry key files and the SQL Jobs. The following configuration files are also backed up:

  1. SharePoint web_80.config

  2. SharePoint web_25049.config

  3. Microsoft.ResourceManagement.Service.exe.config

ConfigurationBackup.log

The following is an example of the ConfigurationBackup.log

4/30/2012 2:13:58 PM: Detected Forefront Identity Manager 2010 R2 RTM Portal feature.
4/30/2012 2:13:58 PM: Detected Forefront Identity Manager 2010 R2 RTM Service feature.
4/30/2012 2:13:58 PM: 
4/30/2012 2:13:58 PM: Backing up Portal in C:\Program Files\Microsoft Forefront Identity Manager\2010\Portal\
4/30/2012 2:13:58 PM: 
4/30/2012 2:13:58 PM: Initializing "FIMPortalRegistry" data source..
4/30/2012 2:13:58 PM: Backing up "FIMPortalRegistry" data source..
4/30/2012 2:13:58 PM: Executing reg.exe:
4/30/2012 2:13:58 PM: C:\Windows\system32\reg.exe EXPORT "HKLM\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Portal" "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Portal\FIM Portal Registry Keys.reg"
4/30/2012 2:13:59 PM: Reg.exe exit code: 0
4/30/2012 2:13:59 PM: Backed up registry keys in "HKLM\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Portal" to "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Portal".
4/30/2012 2:13:59 PM: Data source backup complete.
4/30/2012 2:13:59 PM: 
4/30/2012 2:13:59 PM: Initializing "SharePointWebConfig" data source..
4/30/2012 2:13:59 PM: Backing up "SharePointWebConfig" data source..
4/30/2012 2:13:59 PM: Backing up "C:\inetpub\wwwroot\wss\VirtualDirectories\25049\web.config" to "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Portal\SharePoint web_25049.config"
4/30/2012 2:13:59 PM: Backing up "C:\inetpub\wwwroot\wss\VirtualDirectories\80\web.config" to "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Portal\SharePoint web_80.config"
4/30/2012 2:13:59 PM: Data source backup complete.
4/30/2012 2:13:59 PM: 
4/30/2012 2:13:59 PM: Backing up Service in C:\Program Files\Microsoft Forefront Identity Manager\2010\Service\
4/30/2012 2:13:59 PM: 
4/30/2012 2:13:59 PM: Initializing "FIMServiceSettingsRegistry" data source..
4/30/2012 2:13:59 PM: Backing up "FIMServiceSettingsRegistry" data source..
4/30/2012 2:13:59 PM: Executing reg.exe:
4/30/2012 2:13:59 PM: C:\Windows\system32\reg.exe EXPORT "HKLM\SYSTEM\CurrentControlSet\services\FIMService" "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Service\FIM Service Settings Registry Keys.reg"
4/30/2012 2:13:59 PM: Reg.exe exit code: 0
4/30/2012 2:13:59 PM: Backed up registry keys in "HKLM\SYSTEM\CurrentControlSet\services\FIMService" to "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Service".
4/30/2012 2:13:59 PM: Data source backup complete.
4/30/2012 2:13:59 PM: 
4/30/2012 2:13:59 PM: Initializing "FIMServiceSetupRegistry" data source..
4/30/2012 2:13:59 PM: Backing up "FIMServiceSetupRegistry" data source..
4/30/2012 2:13:59 PM: Executing reg.exe:
4/30/2012 2:13:59 PM: C:\Windows\system32\reg.exe EXPORT "HKLM\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Service" "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Service\FIM Service Setup Registry Keys.reg"
4/30/2012 2:13:59 PM: Reg.exe exit code: 0
4/30/2012 2:13:59 PM: Backed up registry keys in "HKLM\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Service" to "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Service".
4/30/2012 2:13:59 PM: Data source backup complete.
4/30/2012 2:13:59 PM: 
4/30/2012 2:13:59 PM: Initializing "FIMServiceConfiguration" data source..
4/30/2012 2:13:59 PM: Backing up "FIMServiceConfiguration" data source..
4/30/2012 2:13:59 PM: Copied file "C:\Program Files\Microsoft Forefront Identity Manager\2010\Service\.\Microsoft.ResourceManagement.Service.exe.config" to "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Service".
4/30/2012 2:13:59 PM: Data source backup complete.
4/30/2012 2:13:59 PM: 
4/30/2012 2:13:59 PM: Initializing "FIMSqlJobScheduleInfo" data source..
4/30/2012 2:13:59 PM: Backing up "FIMSqlJobScheduleInfo" data source..
4/30/2012 2:13:59 PM: Connecting to the FIMService database on APP1..
4/30/2012 2:13:59 PM: Running "GetFIMJobScheduleInformation.sql" on "FIMService" database.
4/30/2012 2:13:59 PM: Backed up database rows in "C:\Program Files\Microsoft Forefront Identity Manager\2010\Previous Configuration\FIM1\2012-04-30-14-13-58\Service\FIM Service Database SQL Job Schedules.xml".
4/30/2012 2:13:59 PM: Closing database connection.
4/30/2012 2:13:59 PM: Data source backup complete.
4/30/2012 2:13:59 PM: 
4/30/2012 2:13:59 PM: Completed backing up previous configuration.

FIM Portal Registry Keys.reg

The following is an example of the FIM Portal Registry Keys.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Portal]
"Location"="C:\\Program Files\\Microsoft Forefront Identity Manager\\2010\\Portal\\"
"BaseSiteCollectionURL"="https://localhost"
"RegistrationPortalUrl"="https://passwordregistration.corp.contoso.com"
"ServiceAddress"="FIM1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Portal\Registration]
"ProductID"="04783-270-0001260-04309"

FIM Service Database SQL Job Schedules.xml

The following is an example of the FIM Service Database SQL Job Schedules.xml

<Jobs>
  <Job>
    <JobName>FIM_TruncateExportLogJob</JobName>
    <JobStatus>Job is Enabled</JobStatus>
    <ScheduleName>FIM_TruncateExportLogJobSchedule_1</ScheduleName>
    <ScheduleStatus>Schedule is Enabled</ScheduleStatus>
    <FrequencyType>Daily</FrequencyType>
    <FrequencyInterval>1</FrequencyInterval>
    <SubdayFrequency>Once</SubdayFrequency>
    <freq_relative_interval>0</freq_relative_interval>
    <freq_recurrence_factor>0</freq_recurrence_factor>
    <ScheduleStartTime>05:30:00</ScheduleStartTime>
    <ScheduleEndTime>23:59:59</ScheduleEndTime>
    <date_created>2012-04-24T04:09:45.417</date_created>
    <date_modified>2012-04-24T04:09:45.417</date_modified>
  </Job>
  <Job>
    <JobName>FIM_CheckAndUpdateReportingJobStatusJob</JobName>
    <JobStatus>Job is Enabled</JobStatus>
    <ScheduleName>FIM_CheckAndUpdateReportingJobStatusJobSchedule_1</ScheduleName>
    <ScheduleStatus>Schedule is Enabled</ScheduleStatus>
    <FrequencyType>Daily</FrequencyType>
    <FrequencyInterval>1</FrequencyInterval>
    <SubdayFrequency>Every 35 Minutes</SubdayFrequency>
    <freq_relative_interval>0</freq_relative_interval>
    <freq_recurrence_factor>0</freq_recurrence_factor>
    <ScheduleStartTime>00:00:00</ScheduleStartTime>
    <ScheduleEndTime>23:59:59</ScheduleEndTime>
    <date_created>2012-04-24T04:09:45.433</date_created>
    <date_modified>2012-04-24T04:09:45.433</date_modified>
  </Job>
  <Job>
    <JobName>FIM_MaintainSetsJob</JobName>
    <JobStatus>Job is Disabled</JobStatus>
    <ScheduleName>FIM_SetMaintenanceJobSchedule_1</ScheduleName>
    <ScheduleStatus>Schedule is Enabled</ScheduleStatus>
    <FrequencyType>Daily</FrequencyType>
    <FrequencyInterval>1</FrequencyInterval>
    <SubdayFrequency>Every 1 Hours   </SubdayFrequency>
    <freq_relative_interval>0</freq_relative_interval>
    <freq_recurrence_factor>0</freq_recurrence_factor>
    <ScheduleStartTime>02:00:00</ScheduleStartTime>
    <ScheduleEndTime>08:30:00</ScheduleEndTime>
    <date_created>2012-04-24T04:09:45.150</date_created>
    <date_modified>2012-04-24T04:09:45.150</date_modified>
  </Job>
  <Job>
    <JobName>FIM_MaintainSetsJob</JobName>
    <JobStatus>Job is Disabled</JobStatus>
    <ScheduleName>FIM_SetMaintenanceJobSchedule_2</ScheduleName>
    <ScheduleStatus>Schedule is Enabled</ScheduleStatus>
    <FrequencyType>Daily</FrequencyType>
    <FrequencyInterval>1</FrequencyInterval>
    <SubdayFrequency>Every 1 Hours   </SubdayFrequency>
    <freq_relative_interval>0</freq_relative_interval>
    <freq_recurrence_factor>0</freq_recurrence_factor>
    <ScheduleStartTime>10:00:00</ScheduleStartTime>
    <ScheduleEndTime>16:30:00</ScheduleEndTime>
    <date_created>2012-04-24T04:09:45.153</date_created>
    <date_modified>2012-04-24T04:09:45.153</date_modified>
  </Job>
  <Job>
    <JobName>FIM_MaintainGroupsJob</JobName>
    <JobStatus>Job is Disabled</JobStatus>
    <ScheduleName>FIM_GroupMaintenanceJobSchedule_1</ScheduleName>
    <ScheduleStatus>Schedule is Enabled</ScheduleStatus>
    <FrequencyType>Daily</FrequencyType>
    <FrequencyInterval>1</FrequencyInterval>
    <SubdayFrequency>Once</SubdayFrequency>
    <freq_relative_interval>0</freq_relative_interval>
    <freq_recurrence_factor>0</freq_recurrence_factor>
    <ScheduleStartTime>09:00:00</ScheduleStartTime>
    <ScheduleEndTime>23:59:59</ScheduleEndTime>
    <date_created>2012-04-24T04:09:45.183</date_created>
    <date_modified>2012-04-24T04:09:45.183</date_modified>
  </Job>
  <Job>
    <JobName>FIM_MaintainGroupsJob</JobName>
    <JobStatus>Job is Disabled</JobStatus>
    <ScheduleName>FIM_GroupMaintenanceJobSchedule_2</ScheduleName>
    <ScheduleStatus>Schedule is Enabled</ScheduleStatus>
    <FrequencyType>Daily</FrequencyType>
    <FrequencyInterval>1</FrequencyInterval>
    <SubdayFrequency>Once</SubdayFrequency>
    <freq_relative_interval>0</freq_relative_interval>
    <freq_recurrence_factor>0</freq_recurrence_factor>
    <ScheduleStartTime>17:00:00</ScheduleStartTime>
    <ScheduleEndTime>23:59:59</ScheduleEndTime>
    <date_created>2012-04-24T04:09:45.187</date_created>
    <date_modified>2012-04-24T04:09:45.187</date_modified>
  </Job>
  <Job>
    <JobName>FIM_DeleteExpiredSystemObjectsJob</JobName>
    <JobStatus>Job is Enabled</JobStatus>
    <ScheduleName>FIM_DeleteExpiredSystemObjectsJobSchedule_1</ScheduleName>
    <ScheduleStatus>Schedule is Enabled</ScheduleStatus>
    <FrequencyType>Daily</FrequencyType>
    <FrequencyInterval>1</FrequencyInterval>
    <SubdayFrequency>Once</SubdayFrequency>
    <freq_relative_interval>0</freq_relative_interval>
    <freq_recurrence_factor>0</freq_recurrence_factor>
    <ScheduleStartTime>03:30:00</ScheduleStartTime>
    <ScheduleEndTime>23:59:59</ScheduleEndTime>
    <date_created>2012-04-24T04:09:45.393</date_created>
    <date_modified>2012-04-24T04:09:45.393</date_modified>
  </Job>
  <Job>
    <JobName>FIM_TemporalEventsJob</JobName>
    <JobStatus>Job is Enabled</JobStatus>
    <ScheduleName>FIM_TemporalEventsJobSchedule</ScheduleName>
    <ScheduleStatus>Schedule is Enabled</ScheduleStatus>
    <FrequencyType>Daily</FrequencyType>

FIM Service Settings Registry Keys.reg

The following is an example of the FIM Service Settings Registry Keys.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FIMService]
"DelayedAutoStart"=dword:00000001
"CertificateThumbprint"="49B24EDEE73ADCE35A5EF33C5EA5541CAA93CFCB"
@=""
"SynchronizationAccountSid"="S-1-5-21-3056631083-14603757-3339682234-1135"
"PasswordRegistrationServiceAccountSID"="S-1-5-21-3056631083-14603757-3339682234-1137"
"PasswordResetServiceAccountSID"="S-1-5-21-3056631083-14603757-3339682234-1137"
"ReportingEnabled"=dword:00000000
"DatabaseServer"="APP1"
"DatabaseName"="FIMService"
"ResourceManagementServicePort"="5725"
"SecurityTokenServicePort"="5726"
"ServiceAccountSid"="S-1-5-21-3056631083-14603757-3339682234-1133"
"EnumerationEndpointAddress"="ResourceManagementService/Enumeration"
"PasswordResetEndpointAddress"="ResourceManagementService/Alternate"
"ResourceEndpointAddress"="ResourceManagementService/Resource"
"SecurityTokenServiceEndpointAddress"="ResourceManagementService/SecurityTokenService"
"MetadataEndpointAddress"="ResourceManagementService/MEX"
"SecurityTokenServiceBaseAddress"="https://localhost:5726"
"ResourceManagementServiceBaseAddress"="https://localhost:5725"
"WorkflowManagerEndpointBaseAddress"="ResourceManagementService/WorkflowManager"
"DefaultKeySize"=dword:00000100
"DefaultTokenLifetimeInMinutes"=dword:0000000a
"PollExchangeEnabled"=dword:00000001
"SynchronizationAccount"="CORP\\FIMMA"
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
  6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,4d,00,69,00,63,00,72,00,6f,\
  00,73,00,6f,00,66,00,74,00,20,00,46,00,6f,00,72,00,65,00,66,00,72,00,6f,00,\
  6e,00,74,00,20,00,49,00,64,00,65,00,6e,00,74,00,69,00,74,00,79,00,20,00,4d,\
  00,61,00,6e,00,61,00,67,00,65,00,72,00,5c,00,32,00,30,00,31,00,30,00,5c,00,\
  53,00,65,00,72,00,76,00,69,00,63,00,65,00,5c,00,4d,00,69,00,63,00,72,00,6f,\
  00,73,00,6f,00,66,00,74,00,2e,00,52,00,65,00,73,00,6f,00,75,00,72,00,63,00,\
  65,00,4d,00,61,00,6e,00,61,00,67,00,65,00,6d,00,65,00,6e,00,74,00,2e,00,53,\
  00,65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,22,00,00,00
"DisplayName"="Forefront Identity Manager Service"
"ObjectName"="CORP\\FIMService"
"Description"="Hosts web services and request processing for policy-based identity and access management."
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,70,17,00,00,01,00,00,00,70,17,00,00,00,00,00,00,00,00,00,00

FIM Service Setup Registry Keys.reg

The following is an example of the FIM Service Setup Registry Keys.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Service]
"Location"="C:\\Program Files\\Microsoft Forefront Identity Manager\\2010\\Service\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Service\Registration]
"ProductID"="04783-270-0001260-04309"