Restoring Forefront Identity Manager 2010 R2

  • Article

If a server running Microsoft® Forefront Identity Manager (FIM) 2010 R2, SQL Server 2008, or Windows Server® 2008 operating system stops responding and becomes inoperable, you can restore your metadirectory to the state of your most recent backup. It is strongly recommended that you test your restore procedure before an emergency occurs.

To restore your metadirectory, you need some or all of the following:

  • Windows Server® 2008 operating system installation CD with a valid Product Identification Number.

  • SQL Server installation CD with a valid Product Identification Number.

  • FIM installation CD with a valid Product Identification Number.

  • A backup copy of your Windows Server® 2008 operating system local Security Accounts Manager (SAM) database.

  • A backup copy of the FIM Synchronization Service database, which is stored in SQL Server.

  • A backup copy of your FIM encryption keys.

  • A backup copy of the source files for your rules extensions.

  • A backup copy of any FIM log files or file-based management agent import and export files that are located in InstallationDirectory\Madata.

To restore the metadirectory

  1. If needed, install a fresh copy of Windows Server® 2008 operating system.

    • The server must be installed in the same role as the previous installation, either as a stand-alone server or as a member of an Active Directory domain. If the server is a stand-alone server, use the Windows Server® 2008 operating system Backup tool to restore the local SAM database.

    • The server can have the same name or a different name as the previous installation.

  2. If needed, install SQL Server with the same options as the previous installation.

  3. Install FIM on your server with the same options as the previous installation. If you are prompted during Setup, insert a floppy disk that contains your FIM encryption key.

  4. In SQL Server, restore the FIM Synchronization Service database.

  5. In Windows Server® 2008 operating system, use Backup to restore any FIM log files or file-based management agent import and export files located in InstallationDirectory\Madata.

  6. If password synchronization was previously enabled, there may be password changes remaining in the queue. You should clear the queue before enabling password synchronization again on the restored server. For more information about clearing the password queue, see the FIM Developer Reference.

  7. After performing the above steps, run a Full Synchronization to bring your metaverse up to date.

Note

For more information about restoring the FIM Synchronization Service database, see the FIM Technical Library on the Microsoft Web site or SQL Server Books Online. For more information about Windows Server® 2008 operating system Backup, see Help and Support Center in Windows Server® 2008 operating system.