Today, October 16th, saw Microsoft release a new hotfix rollup package (build 4.1.3479.0) for Forefront Identity Manager 2010 R2. The official documentation for this build can be found on the Microsoft support website under knowledgebase (KB) article 2889529. Download link is here. This build supersedes 4.1.3469.0.
The hotfix contains one (1) FIM Service update, five (5) FIM Synchronization Service updates and three (3) BHold Suite updates.
Full details of each update, duplicated from the KB for posterity, are as follows. Hit the KB for the known issues and other details.
When you have very long XPath queries in the FIM Service, CPU usage may increase causing decrease in performance.
FIM Synchronization Service
The Synchronization Service may leak memory when you use an ECMA2 Connector.
When an existing ECMA2 Connector is updated when a server configuration is moved between servers, the update is unsuccessful. This problem occurs when the Connector requires access to the encrypted parameters such as a password to complete the operation.
When an import is confirmed, there is a rare case in which a staging error may occur. When this problem occurs, you receive the following error message:
- Cannot insert duplicate key row in object ‘dbo.mms_cs_link’
If during a full import on the Active Directory management agent there is a reference on an organizational unit (OU) to an OU two levels down, the sync engine will crash.
When you select to abandon the key set in the Synchronization Service Key Management Utility, the operation may be unsuccessful. Additionally, you receive the following error message:
- Value is not in the expected range.
The processing of BHOLD Queue entries takes a longer than expected time to complete after an earlier hotfix is applied.
You cannot add a permission to a user by using the BHOLD Connector if the permission has ever been denied for the user.
The removal of permissions from a personal role (prefixed with PR-) do not trigger the removal of those permissions from the user.