Forefront Identity Manager 2010 R2 build 4.1.3469.0 released

Today, October 8th, saw Microsoft release a new hotfix rollup package (build 4.1.3469.0) for Forefront Identity Manager 2010 R2.  The official documentation for this build can be found on the Microsoft support website under knowledgebase (KB) article 2877254.  Download link is here.  This build supersedes 4.1.3461.0.

The hotfix contains one (1) FIM Service update and ten (10)FIM Synchronization Service updates, including a couple of fixes specific to the Azure Active Directory (AAD) connector.

Full details, duplicated from the KB, are:

FIM Service

Issue 1

In some rare scenarios in which the Exchange server FIM Service tries to poll approval response email messages, an “ErrorInternalServerTransientError” error is returned. In these scenarios, the FIM Service throws an exception.

After you apply this update, you can configure a retry by setting the following values in the configuration file:

  • mailServerSendOperationMaximumRetryCount=”3″
  • mailServerSendOperationRetryIntervalInMilliseconds=”1000″

FIM Synchronization Service

Issue 1

An Active Directory Management Agent runs an export run profile that is configured to also log an audit file. When there are child objects such as Active Sync devices on the user, the export fails.

Issue 2

When an ECMA2 Connector runs an export run profile that is configured to also log an audit file, no objects are exported.

Issue 3

FIM synchronization cannot deprovision computer objects in Active Directory when there are other child objects, such as printers and file share objects, present on the computer object.

Issue 4

In ECMA2, when the NoAddAndDeleteConfirmation capability is set and an exception is thrown during object export, the exception is processed incorrectly. Additionally, failed objects are marked incorrectly as successful.

Issue 5

When an additional object type is added to an already configured ECMA2 Connector, an “Object Reference Not Set” exception is thrown.

Issue 6

When you try to stop a running ECMA2 Connector from the user interface (UI), the Sync Engine may crash.

Issue 7

A Delete-Add that is sent as a Replace in ECMA2 requires the anchor to be returned from the Connector. This causes issues with the Windows Azure Active Directory Connector when the object is deleted and reprovisioned.

Issue 8

When you use an attribute Replace during export to remove the last value from a multivalued attribute, an attribute Replace without values is sent to the Connector. This causes a “The server encountered an unexpected error in the synchronization engine” error to be thrown when the Windows Azure Active Directory Connector is used. After you apply this update, the new behavior is to send this as an attribute Delete to the Connector.

Issue 9

When the Set-MIISADMAConfiguration cmdlet is used in a multidomain environment, a corrupted configuration may occur.

Issue 10

In build 4.1.3461.0, a regression occurs that causes import-only attribute flows not to be honoured by the UI.

Advertisements

About Paul Williams

IT consultant working for Microsoft specialising in Identity Management and Directory Services.
This entry was posted in FIM, FIM 2010 R2, Hotfix and tagged , , , , , , , . Bookmark the permalink.

One Response to Forefront Identity Manager 2010 R2 build 4.1.3469.0 released

  1. Pingback: Forefront Identity Manager 2010 R2 build 4.1.3479.0 released | Yet another identity management blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s