Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

A hotfix rollup package (build 4.00.3558.02) is available for Forefront Identity Manager 2010


View products that this article applies to.

Introduction

A hotfix rollup package (build 4.00.3558.02) is available for Microsoft Forefront Identity Manager (FIM) 2010.

This hotfix rollup package includes all the previous hotfixes that are described in the following Microsoft Knowledge Base (KB) articles:
978864 Update Package 1 for Microsoft Forefront Identity Manager (FIM) 2010

2028634 A hotfix rollup package (build 4.0.3547.2) is available for Microsoft Forefront Identity Manager (FIM) 2010

The hotfix rollup package also resolves some issues and provides features that were not previously documented in a Knowledge Base article. For more information about these issues and features, see the "More information" section.

↑ Back to the top


Resolution

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft website: Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

You must have Microsoft Forefront Identity Manager 2010 installed to apply this hotfix.

Restart information

You do not have to restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix rollup replaces the following hotfix rollup:
2028634 A hotfix rollup package (build 4.0.3547.2) is available for Microsoft Forefront Identity Manager (FIM) 2010

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

File nameFile versionFile sizeDateTime
Fimaddinsextensionslp_x64_kb2272389.mspNot Applicable4,358,14409-Sep-201013:09
Fimaddinsextensionslp_x86_kb2272389.mspNot Applicable3,478,01609-Sep-201012:48
Fimaddinsextensions_x64_kb2272389.mspNot Applicable3,051,52009-Sep-201013:09
Fimaddinsextensions_x86_kb2272389.mspNot Applicable2,570,24009-Sep-201012:48
Fimcmbulkclient_x86_kb2272389.mspNot Applicable2,256,38409-Sep-201012:48
Fimcmclient_x64_kb2272389.mspNot Applicable5,793,28009-Sep-201013:09
Fimcmclient_x86_kb2272389.mspNot Applicable5,127,68009-Sep-201012:48
Fimcm_x64_kb2272389.mspNot Applicable10,140,16009-Sep-201013:09
Fimpcns_x64_kb2272389.mspNot Applicable182,78409-Sep-201013:09
Fimpcns_x86_kb2272389.mspNot Applicable142,84809-Sep-201012:48
Fimservicelp_x64_kb2272389.mspNot Applicable4,605,44009-Sep-201013:09
Fimservice_x64_kb2272389.mspNot Applicable16,491,00809-Sep-201013:09
Fimsyncservice_x64_kb2272389.mspNot Applicable21,146,62409-Sep-201013:09


↑ Back to the top


More Information

Fixed issues that relate to Certificate Management

The following issue is fixed in this hotfix package:

Issue 1

The requests that are submitted by the Online Update Service cannot update the target attribute in Active Directory in Certificate Management of FIM 2010.

↑ Back to the top


Fixed feature and issues that relate to Credential Management

The following feature and issues are fixed in this hotfix package:

Feature

Feature 1

The Password Reset registration wizard does not let organizations provide a link to their data policy. This hotfix adds a fix to provide a feature by which you can insert a link to an organization’s data policy and display that link in the Password Reset registration wizard. To enable this feature, you must set the PrivacyLink (REG_SZ) registry value after you apply this hotfix. This fix is available in the Identity Manager 2010 Group Policy Templates. To obtain the Group Policy templates, visit the following Microsoft Download Center website:

Issues

Issue 1

This hotfix enables the self-service password reset registration cache feature to work correctly.

When the registration cache feature is enabled, users who are registered for password reset will have their registration checked periodically to make sure that it is up to date. Users who are not registered will continue to be prompted to register for password reset every time that they log on to Windows.


Issue 2

The type for the CacheInterval and MaxOffset registry values is set to REG_SZ in the Group Policy Templates. This hotfix corrects the type to REG_DWORD. This fix is available in the Identity Manager 2010 Group Policy Templates. To obtain the Group Policy templates, visit the following Microsoft Download Center website:


Issue 3

The password reset portal returns the following error message after an IIS Reset:
An unexpected error has occurred.

Added feature that relates to Declarative Provisioning

The following feature is added in this hotfix package:

Feature 1

This hotfix enables an outgoing synchronization rule to use a flow scope that accommodates more than two resource types.

Fixed issue that relates to Common UI

The following issue is fixed in this hotfix package:

Issue 1

When there are more than seven UocListViews in a single Resource Control Display Configuration (RCDC), the UocListView is rendered in the wireframe view instead of in the graphical view.

Fixed issues and features that relate to Sync Engine

The following features and issues are fixed in this hotfix package:

Features

Feature 1

The hotfix introduces a new registry key, MinimalObjectLogging. This lets less information be logged if an error has occurred during a run. 

For more information about this registry key, visit the following Microsoft TechNet website: 

Feature 2

This hotfix writes an error message to the event log when a management agent run encounters staging errors.


Feature 3

A management agent can have several partitions. For example, the management agent for Active Directory can have several partitions where every domain in a forest is a partition. When a whole partition is unselected, all previously imported objects are kept in the connector space. Then, a full import on any other partitions removes all objects that are in an unselected partition.

Issues

Issue 1

In rare circumstances when the recycle bin is enabled on Windows Server 2008 R2, you receive error code 0x80230309. Also, you receive the following error message on the management agent for Active Directory:
The dimage indicates an update or replace operation. But the image does not exist.


Issue 2

A WMI query for MIIS_RunHistory returns no result.


Issue 3

The Extensible Connectivity Management Agent (ECMA) has a CustomData property that is used to store the watermark for delta. When the MA encounters an export-not-reimported error, the watermark is not committed. 

The hotfix commits the CustomData property even if the error occurs.


Issue 4

When the last member is staged to be exported, a multi-mastered attribute generates the error “attribute not found.” This error occurs when the synchronization engine runs an import that brings in a new member instead of running an export as expected.


Issue 5

The attribute precedence does not work as expected with Declarative Provisioning and the FIM Service Management Agent.

To resolve the issue, perform one of the following operations after you apply this hotfix:

  • Only run full synchronization on the Active Directory Management Agent (MA), which has higher precedence than the FIM MA.
  • Only run the preview commit for the linked CS objects of the bad Metaverse objects on the MA, which has higher precedence than the FIM MA.



Issue 6

If you create a new mailbox by using the CreateMailbox method in ExchangeUtils, you may encounter an export-change-not-reimported on the nTSecurityDescriptor attribute. 

This hotfix corrects the normalization of this attribute.


Issue 7

In rare cases, the synchronization engine may crash with a multi-mastered member attribute.


Issue 8

When you change an object type during scripted provisioning, you receive the following error message:
The dimage has a different anchor or primary object class from what is shown on the hologram.


Issue 9

When you run MAs in an unexpected order and remove the very last member of a group, you see the error “0x80070057 (The parameter is incorrect.)” on a multi-mastered, multivalued reference attribute, such as a member of a group.


Issue 10

In rare cases, the sync engine may crash during a delta synchronization.

Fixed issues that relate to Workflow Engine

Issue 1

When you change dynamic groups in FIM 2010, it takes a long time for the changes to take effect. This hotfix improves the performance when you make these changes.

↑ Back to the top


Keywords: kb, kbbug, kbsurveynew, kbprb, kbexpertiseinter, kbhotfixdev, kbfix, kbhotfixserver, kbqfe, kbautohotfix

↑ Back to the top

Article Info
Article ID : 2272389
Revision : 3
Created on : 4/9/2020
Published on : 4/9/2020
Exists online : False
Views : 246