Forefront Identity Manager
2010 Installation &
Configuration
Troubleshooting the FIM Service and Portal
Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under
copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or
transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for
any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights
covering subject matter in this document. Except as expressly provided in any written license agreement from
Microsoft, our provision of this document does not give you any license to these patents, trademarks, copyrights,
or other intellectual property.
The descriptions of other companies’ products in this document, if any, are provided only as a convenience to
you. Any such references should not be considered an endorsement or support by Microsoft. Microsoft cannot
guarantee their accuracy, and the products may change over time. Also, the descriptions are intended as brief
highlights to aid understanding, rather than as thorough coverage. For authoritative descriptions of these
products, please consult their respective manufacturers.
© 2013 Microsoft Corporation. All rights reserved. Any use or distribution of these materials without express
authorization of Microsoft Corp. is strictly prohibited.
Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United
States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective
owners.
ii
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
Troubleshooting the FIM Service and Portal
Portal Setup Wizard ended prematurely
Issue:
When trying to upgrade an Existing FIM Portal to a newer version, or running the Change Install
for the FIM Service and Portal software the installation Ends almost immediately after
installation begins.
Cause:
At some time the Service account may have changed for the Forefront Identity Manager Service
and instead of using the Change Install feature by running the setup installation file to change
the Forefront Identity Manager Service service account it is changed directly on the service via
services.msc when searching for an account via the browse button, account is saved with the
UPN format on the service which will allow you to restart the service but prevent an upgrade or
reconfiguration.
Resolution:
Check Services.msc on the Server that host the FIM Service and Portal stop the Forefront
Identity Manager Service change the service account format from FIMService@marvel.universe
to Marvel\FIMservice
Page 3
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
Incorrect
Page 4
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
Correct
Click on OK
Restart the Service
Page 5
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
FIM Portal Service is not Available
Issue:
When trying to load the FIM Portal you receive Service not Available
Cause:
This error is due to the FIMService not being started.
Resolution:
On the Server that host the FIMService if Server 2008 Click on Start
And in the search bar type services.msc
Execute Services and verify status of the Forefront Identity Manager Service.
Page 6
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
If service is Stopped click on service to, either click on Start to the Left or right click on the highlighted
service and select Start to Start the Service
Page 7
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
FIMService will not start
Event ID 1053
Cause
When a service starts, the service communicates to the Service
Control Manager how long the service must have to start (the
time-out period for the service). If the Service Control Manager
does not receive a "service started" notice from the service within
this time-out period, the Service Control Manager terminates the
process that hosts the service. This time-out period is typically
less than 30 seconds.
Solution 1.Click Start> Run, then type regedit
2.Locate, and then right-click the following registry subkey:
KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
3.Point to New, and then click DWORD Value. In the right
pane of Registry Editor, notice that New Value #1(the name
of a new registry entry) is selected for editing.
4.Type ServicesPipeTimeout to replace New Value #1, and then
press ENTER.
5.Right-click the ServicesPipeTimeoutregistry entry that you
created in step 3, and then click Modify. The Edit DWORD
Valuedialog box appears.
6.In the Value datatext box, type 86400000, and then click
OK( It is the timeout period (in milliseconds) that you want
to set for the service. Setting time-out period to 86400000
will set it to 24 hours (86400000 milliseconds)
7. Restart the computer.
Note:
WARNING: Incorrect use of the Windows registry editor may prevent the
operating system from functioning properly. Great care should be taken when
making changes to a Windows registry. Registry modifications should only be
Page 8
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
carried-out by persons experienced in the use of the registry editor application. It
is recommended that a complete backup of the registry and workstation be made
prior to making any registry changes.
Unable to process your Request
Issue:
User trying to log into the portal is unable to access the FIM Portal.
Cause:
This error is due to the user trying to log into the portal does not have a User Account in the portal
Resolution: Log on to the FIM Synchronization Engine and Search Metaverse for the User account that is unable to log
into the portal.
If User account cannot be located verify that the OU that the User exist in AD is in scope on the ADMA.
See ADMA Scoping for verifying you have the correct OU's in Scope that contain the user that is unable
to log into the portal.
After you have confirmed the User account is in the Metaverse.
Review your Inbound Sync Rules in the FIM Portal, Review your Attribute Flows in the FIMMA
Page 9
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering
Forefront Identity Manager 2010 Installation & Configuration
18. Action fails to complete
19. Trouble Shooting Serlf Service Password Reset
a. Installation Errors
b. Unable to access the Password Registrtaion Page
c. Unable to access the Password Reset Page.
Page 10
Prepared by Anthony Marsiglia & Kristopher Tackett
Microsoft Premier Field Engineering