Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Hotfix rollup package (build 4.5.202.0) is available for Microsoft Identity Manager 2016 Service Pack 1


View products that this article applies to.

Introduction

A hotfix rollup package (build 4.5.202.0) is available for Microsoft Identity Manager (MIM) 2016 Service Pack 1 (SP1). This rollup package resolves some issues and adds some improvements that are described in the "Issues fixed and improvements added in this update" section.

↑ Back to the top


Known issues in this update

Synchronization Service

After you install this update, rules extensions and custom management agents (MAs) based on Extensible MA (ECMA1 or ECMA 2.0) may not run and may cause a run status of "stopped-extension-dll-load." This issue occurs when you run such rules extensions or custom MAs after you change the configuration file (.config) for one of the following processes:

  • MIIServer.exe
  • Mmsscrpt.exe
  • Dllhost.exe

For example, you edit the MIIServer.exe.config file to change the default batch size for processing sync entries for the Forefront Identity Manager (FIM) Service MA. In this situation, the synchronization engine installer for this update can't replace the configuration file to avoid deleting your previous changes. This is because if the configuration file isn't replaced, entries that are required by this update aren't present in the files. Therefore, the synchronization engine does not load any rules extension DLLs when the engine runs a Full Import or Delta Sync run profile.

To resolve this issue, follow these steps:

  1. Back up the MIIServer.exe.config file.
  2. Open the MIIServer.exe.config file in a text editor or in Microsoft Visual Studio.
  3. Find the <runtime> section in the MIIServer.exe.config file, and then replace the content of the <dependentAssembly> section with the following content:

<dependentAssembly>

<assemblyIdentity name="Microsoft.MetadirectoryServicesEx" publicKeyToken="31bf3856ad364e35" />

<bindingRedirect oldVersion="3.3.0.0-4.1.3.0" newVersion="4.1.4.0" />

</dependentAssembly>

  1. Save the changes to the file.
  2. Find the Mmsscrpt.exe.config file in the same directory and the Dllhost.exe.config in the parent directory. Repeat steps 1 through 4 for these two files.
  3. Restart the Forefront Identity Manager Synchronization Service (FIM Synchronization Service).
  4. Verify that the rules extensions and custom management agents now work as expected.

Service and Portal Setup

The 2013 x64 Visual C++ Redistributable Packages (vcresist_x64.exe) must be installed before you run MIM Service and Portal Setup.

Associated error:

 

To resolve this issue:

Download the Visual C++ Redistributable Package (vcredist_x64.exe) from the following Windows Download Center link.

Visual C++ Redistributable Package

Identity Management Portal

After you install this update, the Portal may not be displayed as expected in Internet Explorer. To fix this issue, follow these steps:

  1. Close all Internet Explorer instances.
  2. Open the Internet Options control panel.
  3. Delete all history and cached files.

If this issue persists, make sure that the version of Internet Explorer is 11 or a later version. If you are running versions that are earlier than 11, there may be display inconsistencies when you compare it to the Portal that is displayed in version 11.

↑ Back to the top


Update information

Microsoft Download Center

A supported update is available from the Microsoft Download Center. We recommend that all customers apply this update to their production systems.

Download the update for Microsoft Identity Manager 2016 SP1 (KB4346632) now

Prerequisites

To apply this update, you must have the following installed:

  • Microsoft Identity Manager 2016 build 4.4.1302.0
  • .NET Framework 4.6 for the following components:
    • MIM Service
    • MIM Portals (Identity Management, Password Reset, Password Registration)
    • MIM PAM
    • MIM add-ins and extensions

Restart requirement

You must restart the computer after you apply the add-ins and extensions package (Fimaddinsextensions_xnn_KB4073679.msp). You may also have to restart the server components.

Replacement information

This is a cumulative update that replaces all MIM 2016 SP1 updates, from 4.4.1302.0 up to build 4.5.26.0 for Microsoft Identity Manager 2016.

↑ Back to the top


File information

The global version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

File name File version File size Date Time Platform
LANGUAGE Packs.zip Not applicable 118,185 31-Aug-2018 10:00 Not applicable
MIMAddinsExtensions_x64_KB4346632.msp Not applicable 7,436 29-Aug-2018 21:17 x64
MIMAddinsExtensions_x86_KB4346632.msp

Not applicable

3,212 29-Aug-2018 20:37 x64
MIMCMBulkClient_x86_KB4346632.msp Not applicable 7,220 29-Aug-2018 16:07 x86
MIMCMClient_x64_KB4346632.msp Not applicable 7,440 29-Aug-2018 17:09 x64
MIMCMClient_x86_KB4346632.msp Not applicable 7,076 29-Aug-2018 16:06 x86
MIMCM_x64_KB4346632.msp Not applicable 16,560 29-Aug-2018 17:37 x64
MIMService_x64_KB4346632.msp Not applicable 38,960 29-Aug-2018 21:20 x64
MIMSyncService_x64_KB4346632.msp Not applicable 21,764 29-Aug-2018 18:42 x64

↑ Back to the top


Issues fixed and improvements added in this update

This update makes the following fixes and improvements that were not previously documented in the Microsoft Knowledge Base.

Service and Portal

MIM Service

The MIM Service now supports the use of the Azure MFA Server for MIM Azure MFA integration. 

With the release of this update, it’s recommended that all new MIM MFA integrations be done by using the Azure MFA Server instead of the Azure Direct MFA SDK. Support for Azure MFA Server is added in this update release.

This applies to both MIM Privileged Access Management (PAM) MFA integration and MIM Self Service Password Reset (SSPR) MFA integration.

This also includes functionality update to enable you to create custom MFA servers and integrate them with MIM. 

Working with MFA Server in MIM

Working with a custom MFA server in MIM

Working with Self-Service Password Reset (Updated)

Privileged Access Management

When you use the REST API against Privileged Access Management (PAM), an exception is returned: 

PAM REST API could not be started because it could not load file or assembly System.Net.Http.Formatting, Version=5.2.2.0

After you install this update, this issue is resolved. 

MIM Identity Management Portal

Issue 1

With build 4.5.26.0, some popups in the MIM Portal are displayed with an incorrect table length.  The table seems to be truncated on the left side of the popup.

After you install this update, the tables in the popups are displayed as expected. 

Issue 2

In the Advanced Search dialog of the Portal, the scrollbars don’t display properly.

After you install this update, the Advanced Search dialog scrollbars are displayed as expected.

MIM Service and Portal Language Pack

When you install the MIM Service and Portal language pack in hotfix update 4.5.26.0, an exception is returned, preventing the installation to complete.

Assembly Error:  Strong name signature verification failed for assembly Microsoft.IdentityManagement.Logging.resources.dll.  The assembly may have been tampered with, or it was delay signed, but not fully signed with the correct private key.

This issue has been fixed in this new hotfix release, allowing the installation of the MIM Service and Portal language pack update. 

Certificate Management

Starting with the MIM update version 4.5.26.0, a binding redirect statement was required, for use of the REST API.  This redirected the 4.5.6 build of Newtonsoft.Json.dll to use version 9.0.0.0. 

After you install this new version, the MIM Certificate Management REST API will work with, or without, the binding redirect statement in the web.config file. 

Important:  If upgrading from build 4.5.26.0, the binding redirect statement should be also updated, as the Newtonsoft.Json.dll also has a new revision – 9.0.1.0.  Alternately, the binding redirect information for the Newtonsoft.Json can be removed.

<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json"
publicKeyToken="30AD4FE6B2A6AEED" culture="neutral"/>
<bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="9.0.1.0"/>
</dependentAssembly>
</assemblyBinding>
</runtime>

The web.config file for the Certificate Management Portal is located in the following path:

%programfiles%\Microsoft Forefront Identity Manager\2010\Certificate Management\web

↑ Back to the top


References

Microsoft Identity Manager release history

Learn about the terminology that Microsoft uses to describe software updates.

↑ Back to the top


Keywords: Hotfix rollup package for MIM, Hotfix rollup package, build 4.5.200.0, identity manager 2016 sp1, Microsoft Identity Manager 2016

↑ Back to the top

Article Info
Article ID : 4346632
Revision : 26
Created on : 5/25/2020
Published on : 5/25/2020
Exists online : False
Views : 384