FIM 2010 CM and FIM CM 2010 R2 in the same Domain and connecting to the same PKI

Hi,
I have a requirement to upgrade my FIM CM setup from FIM 2010 to FIM 2010 R2 SP1. I am not looking for an in place upgrade, instead I would like to have a new parallel setup (new FIM 2010 R2 servers, new SQL 2012 servers), connecting to the same AD and PKI.
Thank You.

Hi JPM
Yes, you can do a parallel setup, but keep the following things in mind:
1) Do you plan to manage the existing certificates, if so, then you need to make a cut-off and migrate the FIMCM database to the new SQL server. If you keep two instances, you will have certs that cannot be managed in each.
2) You will need to migrate the clmKRAgent, clmAgent, and clmEnrollagent certs to the new FIM CM server
3) You should use the same SCP (to maintain permissions)
4) I would migrate any changes in web.config to the new server
I would not use the previous FIM CM setup after the migration is complete. Keep it for roll back during the upgrade. but do not allow connectivity afterwards
Brian

Similar Messages

  • Getting Error The trust relationship between the primary domain and the trusted domain failed in SharePoint 2010

    Hi,
    SharePoint 2010 Backup has been taken from production and restored through Semantic Tool in one of the server.The wepapplication of which the backup was taken is working fine.
    But the problem is that the SharePoint is not working correctly.We cannot create any new webapplication ,cannot navigate to the ServiceApplications.aspx page it shows error.Even the Search and UserProfile Services of the existing Web Application is not working.Checking
    the SharePoint Logs I found out the below exception
    11/30/2011 12:14:53.78  WebAnalyticsService.exe (0x06D4)         0x2D24 SharePoint Foundation          Database                     
     8u1d High     Flushing connection pool 'Data Source=urasvr139;Initial Catalog=SharePoint_Config;Integrated Security=True;Enlist=False;Connect Timeout=15' 
    11/30/2011 12:14:53.78  WebAnalyticsService.exe (0x06D4)         0x2D24 SharePoint Foundation          Topology                     
     2myf Medium   Enabling the configuration filesystem and memory caches. 
    11/30/2011 12:14:53.79  WebAnalyticsService.exe (0x06D4)         0x12AC SharePoint Foundation          Database                     
     8u1d High     Flushing connection pool 'Data Source=urasvr139;Initial Catalog=SharePoint_Config;Integrated Security=True;Enlist=False;Connect Timeout=15' 
    11/30/2011 12:14:53.79  WebAnalyticsService.exe (0x06D4)         0x12AC SharePoint Foundation          Topology                     
     2myf Medium   Enabling the configuration filesystem and memory caches. 
    11/30/2011 12:14:55.54  mssearch.exe (0x0864)                    0x2B24 SharePoint Server Search       Propagation Manager          
     fo2s Medium   [3b3-c-0 An] aborting all propagation tasks and propagation-owned transactions after waiting 300 seconds (0 indexes)  [indexpropagator.cxx:1607]  d:\office\source\search\native\ytrip\tripoli\propagation\indexpropagator.cxx 
    11/30/2011 12:14:55.99  OWSTIMER.EXE (0x1DF4)                    0x1994 SharePoint Foundation          Topology                     
     75dz High     The SPPersistedObject with
    Name User Profile Service Application, Id 9577a6aa-33ec-498e-b198-56651b53bf27, Parent 13e1ef7d-40c2-4bcb-906c-a080866ca9bd failed to initialize with the following error: System.SystemException: The trust relationship between the primary domain and the trusted
    domain failed.       at System.Security.Principal.SecurityIdentifier.TranslateToNTAccounts(IdentityReferenceCollection sourceSids, Boolean& someFailed)     at System.Security.Principal.SecurityIdentifier.Translate(IdentityReferenceCollection
    sourceSids, Type targetType, Boolean forceSuccess)     at System.Security.Principal.SecurityIdentifier.Translate(Type targetType)     at Microsoft.SharePoint.Administration.SPAce`1.get_PrincipalName()    
    at Microsoft.SharePoint.Administration.SPAcl`1.Add(String princip... 
    11/30/2011 12:14:55.99* OWSTIMER.EXE (0x1DF4)                    0x1994 SharePoint Foundation          Topology                     
     75dz High     ...alName, String displayName, Byte[] securityIdentifier, T grantRightsMask, T denyRightsMask)     at Microsoft.SharePoint.Administration.SPAcl`1..ctor(String persistedAcl)    
    at Microsoft.SharePoint.Administration.SPServiceApplication.OnDeserialization()     at Microsoft.SharePoint.Administration.SPIisWebServiceApplication.OnDeserialization()     at Microsoft.SharePoint.Administration.SPPersistedObject.Initialize(ISPPersistedStoreProvider
    persistedStoreProvider, Guid id, Guid parentId, String name, SPObjectStatus status, Int64 version, XmlDocument state) 
    11/30/2011 12:14:56.00  OWSTIMER.EXE (0x1DF4)                    0x1994 SharePoint Foundation          Topology                     
     8xqx High     Exception in RefreshCache. Exception message :The trust relationship between the primary domain and the trusted domain failed.   
    11/30/2011 12:14:56.00  OWSTIMER.EXE (0x1DF4)                    0x1994 SharePoint Foundation          Timer                        
     2n2p Monitorable The following error occured while trying to initialize the timer: System.SystemException: The trust relationship between the primary domain and the trusted domain failed.       at System.Security.Principal.SecurityIdentifier.TranslateToNTAccounts(IdentityReferenceCollection
    sourceSids, Boolean& someFailed)     at System.Security.Principal.SecurityIdentifier.Translate(IdentityReferenceCollection sourceSids, Type targetType, Boolean forceSuccess)     at System.Security.Principal.SecurityIdentifier.Translate(Type
    targetType)     at Microsoft.SharePoint.Administration.SPAce`1.get_PrincipalName()     at Microsoft.SharePoint.Administration.SPAcl`1.Add(String principalName, String displayName, Byte[] securityIdentifier, T grantRightsMask,
    T denyRightsMask)     at Microsoft.SharePoint.Administrati... 
    11/30/2011 12:14:56.00* OWSTIMER.EXE (0x1DF4)                    0x1994 SharePoint Foundation          Timer                        
     2n2p Monitorable ...on.SPAcl`1..ctor(String persistedAcl)     at Microsoft.SharePoint.Administration.SPServiceApplication.OnDeserialization()     at Microsoft.SharePoint.Administration.SPIisWebServiceApplication.OnDeserialization()    
    at Microsoft.SharePoint.Administration.SPPersistedObject.Initialize(ISPPersistedStoreProvider persistedStoreProvider, Guid id, Guid parentId, String name, SPObjectStatus status, Int64 version, XmlDocument state)     at Microsoft.SharePoint.Administration.SPConfigurationDatabase.GetObject(Guid
    id, Guid parentId, Guid type, String name, SPObjectStatus status, Byte[] versionBuffer, String xml)     at Microsoft.SharePoint.Administration.SPConfigurationDatabase.GetObject(SqlDataReader dr)     at Microsoft.SharePoint.Administration.SPConfigurationDatabase.RefreshCache(Int64
    currentVe...
    Please guide me on the above issue ,this will be of great help
    Thanks.

    I have same error. Verified for trust , ports , cleaned up cache.. nothing has helped. 
    The problem is caused by User profile Synch Service:
    UserProfileProperty_WCFLogging :: ProfilePropertyService.GetProfileProperties Exception: System.SystemException:
    The trust relationship between the primary domain and the trusted domain failed.       at System.Security.Principal.SecurityIdentifier.TranslateToNTAccounts(IdentityReferenceCollection sourceSids,
    Boolean& someFailed)     at System.Security.Principal.SecurityIdentifier.Translate(IdentityReferenceCollection sourceSids, Type targetType, Boolean forceSuccess)     at System.Security.Principal.SecurityIdentifier.Translate(Type
    targetType)     at Microsoft.SharePoint.Administration.SPAce`1.get_PrincipalName()     at Microsoft.SharePoint.Administration.SPAcl`1.Add(String principalName, String displayName, SPIdentifierType identifierType, Byte[]
    identifier, T grantRightsMask, T denyRigh...        
    08/23/2014 13:00:20.96*        w3wp.exe (0x2204)                      
            0x293C        SharePoint Portal Server              User Profiles                
            eh0u        Unexpected        ...tsMask)     at Microsoft.SharePoint.Administration.SPAcl`1..ctor(String persistedAcl)    
    at Microsoft.Office.Server.Administration.UserProfileApplication.get_SerializedAdministratorAcl()     at Microsoft.Office.Server.Administration.UserProfileApplication.GetProperties()     at Microsoft.Office.Server.UserProfiles.ProfilePropertyService.GetProfileProperties()
    Please let me know if you any solution found for this?
    Regards,
    Kunal  

  • "Setup encountered a problem while validating the state of Active Directory: Exchange organization-level objects have not been created, and setup cannot create them because the local computer is not in the same domain and site as the schema master. Run se

    Team,
    I am trying to Install Exchange on my Lab, getting below error
    message.
    The Schema Role is installed on Root Domain and trying to install
    exchange on Child domain.
    1 Root Domain - 1 Child domain. both are located on single site.
    “Setup encountered a problem while validating
    the state of Active Directory: Exchange organization-level objects have not been created, and setup cannot create them because the local computer is not in the same domain and site as the schema master. Run setup with the /prepareAD parameter and wait for
    replication to complete.”
    Followed below articles:
    http://support.risualblogs.com/blog/2012/02/21/exchange-2010-sp2-upgrade-issue-exchange-organization-level-objects-have-not-been-created-and-setup-cannot-create-them-because-the-local-computer-is-not-in-the-same-domain-and-site-as-the-sche/
    http://www.petenetlive.com/KB/Article/0000793.htm
    transferred the schema roles to different server on root domain, still no luck.
    can someone please help me.
    regards
    Srinivasa k
    Srinivasa K

    Hi Srinivasa,
    I guess, you didn't completed the initial setup schemaprep and adprep before starting the installation. You can do it as follows:
    1. Open command Prompt as administrator and browse to the root of installation cd and run Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms
    After finishing this,
    2. Setup.exe /PrepareAD /OrganizationName:"<organization name>" /IAcceptExchangeServerLicenseTerms
    3. To prepare all domains within the forest run Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms. If you want to prepare a specific domain run Setup.exe /PrepareDomain:<FQDN of the domain you want to prepare> /IAcceptExchangeServerLicenseTerms
    4. Once you complete all of the 3 steps, install the pre-requisities for Exchange 2013
    5. Finally, run the setup program
    Hope this will help you
    Regards from Visit ExchangeOnline |
    Visit WindowsAdmin

  • My iPod touch 4th gen. Keeps giving me the error message "cannot connect to the app store when I sign in. I can open the app store and browse it but I can't download anything. I have full signal strength with my wi-fi and safari is working perfect.

    My iPod touch 4th gen. Keeps giving me the error message "cannot connect to the app store when I sign in. I can open the app store and browse it but I can't download anything. I have full signal strength with my wi-fi and safari is working perfect. I turned it off and restarted it 3 times now. I have an iPad 2 and the app store works flawlessly with it. What is going on?

    Same here on my lpad2. Can access the web just fine from browsers but cannot install new apps or updates in appl store.  Seeing a few others reporting same issue tonight so likely an apple server issue and staff will notice it in network monitors and fix it...sometime this weekend.
    Rob

  • My parent's IPad is SUPER outdated and I'm trying to buy an app for my brother for Christmas. However, the computer that was connected to the IPAD, we no longer have. So is there any way I can update it on my mac without erasing all the photos and videos?

    My parent's IPad is SUPER outdated and I'm trying to buy an app for my brother for Christmas. However, I can't buy the app because it says we need to update the software. The thing is, the computer that was connected to the IPAD, we no longer have. So is there any way I can update it on my mac without erasing all the photos and videos?

    HELPPP ME BEFORE CHRISTMASS MORNING!!

  • I just got a new iphone 4 for att and my friend installed the sim card in it for me. the imessage function isnt connecting with the my cell number. a while back i had logged into my apple account on someone elses cell phone and their number keeps showing.

    i just got a new iphone 4 for att and my friend installed the sim card in it for me. the imessage function isnt connecting with the my cell number. a while back i had logged into my apple account on someone elses cell phone and their number keeps showing. when i try to just select my number to send and recieve imessages from it will not show up. i can send and recieve regular text but not pictures or imessage. i have tried logging off and restarting and nothing has worked.help please!!

    Did you remove your account information from the other person's iPhone?

  • I have 64 bit windows 7- and itunes version 10.6.1.7. yet i cannot connect to the store- anbody can help?

    i have 64 bit windows 7- and itunes version 10.6.1.7. yet i cannot connect to the itunes store.  do i need to download something additional?

    Close your iTunes,
    Go to command Prompt -
    (Win 7/Vista) - START/ALL PROGRAMS/ACCESSORIES, right mouse click "Command Prompt", choose "Run as Administrator".
    (Win XP SP2 &amp; above) - START/ALL PROGRAMS/ACCESSORIES/Command Prompt
    In the "Command Prompt" screen, type in
    netsh winsock reset
    Hit "ENTER" key
    Restart your computer.
    If you do get a prompt after restart windows to remap LSP, just click NO.
    Now launch your iTunes, Sync and see if it is working now.
    If you are still having these type of problems after trying the winsock reset, refer to this article to identify which software in your system is inserting LSP:
    iTunes 10.5 for Windows: May see performance issues and blank iTunes Store
    http://support.apple.com/kb/TS4123?viewlocale=en_US

  • Can't use my HP Deskjet F4580 Wireless Printer with the AirPort Extreme Base. The printer is NOT connected at the USB port of the AirPort Extreme, and is placed in another room. It worked just fine with my previous router (Linksys WRT54G). Help me!

    Hey Guys!
    I just got my AirPort Extreme Base, but I can't use my HP Deskjet F4580 wireless printer with it.
    The printer is not connected to the AirPort Extreme's USB port. It is placed in another room, and I'd like to use it (the printer) wirelessly (not connected to the USB port os the AirPort Extreme), as I used to. There is no place for the printer close the AirPort Extreme. It worked just fine with my previous wireless router (Linksys WRT54G). I'm very disappointed with the AirPort Extreme Base Station because of that!...
    Can you help me? Please?!
    Thanks Folks!

    This must be a tough one, no suggestions at all.

  • Not Connecting to Wired Network and Forcing the loss of all Connections on the Home Network

    Just got a new G550 laptop  w/Win 7 OS. Tried to connect to wired router and got message "network cable not connected". Recycled laptop and router and came up with router connected to the laptop. Same message after search and identify steps finished. I then noticed I lost connection to the net/router with my other home networked units as well! Tried another cable, same results along with losing the entire home network connection. Disconnected the G550 from home network, via the cable, and the home network reconnected without any intervention. Tried another reboot directly connected to the cable modem, no go there either!
      I also rebooted with the wireless search shutoff and got the same problems as on the wired attempt. Thought it might have been the NIC card so I exchanged the system back at the store.  Sorry, same problem!! 

    I have a very similar problem... New Lenovo G550, running Vista Home Premium 64-bit. Right from the start it causes my TrendNet TEW-432BRP router to crash every 10 seconds. I bought a new DLink WBR-1310 and experience the same problem. Connecting to either router through either a wireless connection or a LAN cable connection causes the router to crash every 10 seconds. The router crashes, reboots, establishes a connection with the laptop, communication starts and then the router crashes again.
    I am looking for help.

  • Time capsule first said the back up was delayed no it won't connect to my home network. my internet is working fine and so is everything else but when i try to connect to the time capsule it says to check my server and ip address help!

    time capsule first said the back up was delayed, now it won't connect to my home network. my internet is working fine and so is everything else but when i try to connect to the time capsule it says to check my server and ip address and if it continues to contact system administrator.. i didnt change anything, please help!

    Lion networking.. just need to reboot everything.. modem TC and the clients.. then it will work.. Sometimes just the TC is enough.. sometimes just the computer. .. Vista golden networking award.. did you turn it off and on again??

  • If I am connected to Wifi and send an iMessage to a party that is not connected to the Internet then he doesn't receive the message. How do I force my iPhone to send an SMS instead?

    If I am connected to Wifi and send an iMessage to a party that is not connected to the Internet then he doesn't receive the message. How do I force my iPhone to send an SMS instead?

    It is an interesting option but I am not sure how it works. I disconnected the other party Wifi and 3G on the iPhone, iPad and computer. I sent the iMessage 15 minutes ago and it doesn't give the small foot print "delivered" but equally said I didn't get the RED exclamation mark on the right hand side of the message in BLUE. So we know that the message was sent but not delivered. I don't seem to have the option of sending by SMS when I tap on the BLUE message and hold.

  • TS3297 I keep getting the error 306 cannot connect to the iTunes Network when downloading songs on iTunes. I've tried all the troubleshooting steps from the forums and my technical issues are still unresolved. I have Windows 7. Please help!!

    I keep getting the error 306 cannot connect to the iTunes Network when downloading songs on iTunes. I've tried all the troubleshooting steps from the forums and my technical issues are still unresolved. I have Windows 7. Please help!!

    iTunes Store loads partially or returns "Error 306" or "Error 10054"
    Proxies, parental control settings and software, security or filtering software, or a bad iTunes Store cache can cause this.
    To address proxies, Remove Internet Options proxy settings  ( http://support.apple.com/kb/TS1490 ) and connect to the Internet without a proxy.
    To reset iTunes Store cache:
    In iTunes, choose iTunes > Preferences (Mac) or Edit > Preferences (PC).
    Click the Advanced tab.
    Click the "Reset cache" button.
    Click OK and see if the issue is resolved.
    Adjust Parental Controls in iTunes:
    Open iTunes.
    Access iTunes preferences:
    On a Mac: From the iTunes menu, choose Preferences.
    On a Windows PC: From the Edit menu, choose Preferences.
    Click the Parental Controls tab.
    Remove restrictions on Parental Controls.
    For more information on parental controls or content filtering software, see iTunes 10.5 for Windows: May see performance issues and blank iTunes Store.
    http://support.apple.com/kb/TS4123?viewlocale=en_US

  • I just upgraded to a new iMac running OS X 10.8.2 and can't scan from by Brother MHC 7820N.  Printer works.  I reinstalled the scanner driver but when I try to scan, the scanner doesn't connect to the imac.  Image Capture says no scanner connected.

    I just upgraded to a new imac running OS X 10.8.2 and am having trouble scanning from my Brother MHC 7820N.  Printer works fine but the scanner won't connect to the imac.  I reinstalled the scanner driver from Brother.com but no luck.  When I go to Image Capture, it says no scanner connected.  Any suggestions?

    You might try a third party scanner software. Printer manufacturers are terrible about keeping their products updated. I'd recommend VueScan, you can get a trial version here and if it works and you like it you can purchase it.
    http://www.hamrick.com/

  • I have just bought an ipod classic, I already have an ipod nano.  The new ipod was connected to the computer to charge and it named itself with my name on the old nano, how do I get the computer to recognise the new one

    I have just bought an ipod classic, I already have an ipod nano.  The new ipod was connected to the computer to charge and it named itself with my name on the old nano, how do I get the computer to recognise the new one?

    My mistake, it was nothing to do with format.  It woldn't sync because my movies were HD.  HD movies won't sync to an iopd classic 160 GB but when you purchase a HD movie, itunes gives you a SD vervsion of the movie which is compatible with the ipod.  Just needed to go to store, click movies, click purchased and untick the HD box and there you have the SD versions.  Download the SD versions and then sync your ipod and bobs you uncle, movies are on the ipod

  • Hello! Just connected a used iPhone to iTunes for the first time. I'm trying to restore it to factory settings/default. The phone is connected via Wi-Fi and is updated to the most recent OS that the phone allows. The computer is also connected to the

    Hello! Just connected a used iPhone to iTunes for the first time. I'm trying to restore it to factory settings/default. The phone is connected via Wi-Fi and is updated to the most recent OS that the phone allows. The computer is also connected to the internet. But I still get the error: "itunes could not contact the iphone software update server because you are not connected to the internet." I also connected via iTunes and authorized the computer, but still have the same issue. Really, all I need to do is completely wipe the phone and start from scratch for safety's sake.
    Help?

    Did you check your security software settings?
    Third-party security software might conflict with iOS devices connecting to iTunes. Follow this article to troubleshoot issues that might be caused by your security software.

  • Common URL and not to use the hostname.domain to connect

    Hi All
    We are interested in geeting information regarding the iAS vs. load balancer our question is : we have one common URL but we need to configure iAS10g to use this common URL and not to use the hostname.domain to connect
    Can you please share some solutions ?
    Thanks

    Well, let me step back. I am not sure if I understand your question completely. Can you give me an example of what do you mean by "common url"?
    Also when you say you want to use a common url vs. hostname.domain to connect, what is this connection you are talking about? Is this the connection to EM (AS Control)? Your application? Or something else?
    Knowing this will help me suggest you the right/appropriate solution.
    Thanks
    Shail

Maybe you are looking for

  • How would I count items in DataSet2 and have them grouped by the column that is tied to DataSet1?

    Greetings! First, thank you for looking at my question. I am trying to count the number of items that = "True" in DataSet2 and display them in the "Week" column in a table who is pointed to DataSet1. I have a simple table that is set up something lik

  • Crypto failure when upgrading Windows 8.1 Pro install to Windows 10 Tech Preview 10041

    Has anybody experienced the following error when trying to upgrade a Windows 8.1 Pro install to Windows 10 Tech Preview 10041 crypto_self_test_failed The system reboots twice both times with the same error and then reverts back to Windows 8.1 Pro.  T

  • Document could not be printed

    Unable to print numerous different PDFs from a corporate website. Each file has similar header, images, length, appearance. Opening the files online I receive the message "Insufficient data for an image" but the images do appear after I scroll down a

  • How to create Listening Channel for XML/web services repsonse

    Hi , I am new to B2B 11g, wish to ask tht, I followed the B2B tutorial by using Generic File and it working fine. However, if I wish to receive XML from trading partner thought web server, how should i configure the listening channel, which protocol

  • Recurring Dialog Window Bug

    After upgrading my black macbook to lion I keep getting an anoying pop up window. ...text for searchability There was a problem connecting to the server. URLs with the type "file:" are not supported. I don't have any ideas how to make it go away.