Summary:
We have migrated from Exchange 2007 to Exchange 2010. We now have the need to provision users to Active Directory with a 2010 mailbox. In our Test enviornment we have found a confirmed bug in Exchange RPS that caused the Sync engine server to run at 100% utilization, even when there isn't a Sync being ran/performed. This has been identified as an issue and resolved in a FIM hotfix. We are currently unable to install the hotfix for FIMService successfully. It seems to get to the end and then perform a rollback which actually corrupts the database. We have tried searching these forums and google for an answer as to what went wrong but are not able to find a solution or the problem. The logging data from the patch seems very verbose and vague on any specific error other than returning error code 1603. We have followed guides on DCOM permissions and installing SQL Server native client on FIM box.
Test - Environment Setup:
2 Servers:
- A) FIM Box - has FIM Sync Engine and Portal installed (and local WSS instance). Running Windows 2008 R2 64-bit
- B) SQL Box - has SQL Server 2008 R2 hosting FIMService & FIMSynchronizationService (but not WSS). Running Windows 2008 R2 64-bit
Both servers are domain joined machines. The software was installed with the Poral FIM User who is an administrator on both boxes and DB_Owner on Databases.
Both servers have UAC off. Both have IPv6 turned off in network settings.
The software currently installed is FIM 2010 Version 4.0.2592.0
The patched file name is FIMService_x64_KB2502631.msp
If neccessary I can supply the verbose install log.
Questions
- Does the FIM Service patch require the web-services to be running?
- Does it matter what order we install the patches, Fim service than Sync engine?
- Any special configurations for FIMSync, FIMbrowse, etc.. groups?
- Any special configurations for WSS_ADmins group?
- Does it matter that the WSS database is local on FIM box and not on the SQL box?
- Are there any special configurations needed in WSS Admin in order to perform the patch (such as Alternate Access Mappings, or Application configurations)
- Is it possible to just revert the database after a failed installation? Or should the whole machine be reverted including SQL box (VM snap shot)
- Is it possible to just install the Sync Engine patch and not the hotfix? Is that supported?