Archive

Posts Tagged ‘SSPR’

Deploying the FIM Add-In components

January 21st, 2011 2 comments

DocumentOne of the components in the deployment of FIM 2010 SSPR is the client roll-out of the Add-ins and Extensions for FIM 2010. There are a few ways of achieving this but the following is a simple batch file that will detect the client OS version and deploy the appropriate components.

Thank you to Craig Eldridge for the script.

if %PROCESSOR_ARCHITECTURE% == AMD64 goto AMD64
if %PROCESSOR_ARCHITECTURE% == x86 goto x86
GOTO EXIT
:AMD64
msiexec /i \\servername\sharename\FIM\addins\x64\Add-insetc.msi /quiet ADDLOCAL=PasswordClient RMS_LOCATION=<portal server> PORTAL_LOCATION=<portal server> PORTAL_PREFIX=https SITELOCK_DOMAIN="<servername>/<FQDN Name>" /log fim.log goto EXIT
:x 86
msiexec /i \\servername\sharename\FIM\addins\x86\Add-insetc.msi /quiet ADDLOCAL=PasswordClient RMS_LOCATION=<portal server> PORTAL_LOCATION=<portal server> PORTAL_PREFIX=https SITELOCK_DOMAIN="<servername>/<FQDN Name>" /log fim.log
goto EXIT
:EXIT

Check out the following additional resource for more information on the options available with the unattended installation. TechNet – Unattended Installation of FIM 2010

To troubleshooting the client installation you can check the “fim.log” that was created and search for   “Return Value 3” which signifies a Windows Installer Error.

One last thing: The script above would install the client components and force a restart of the client machine. To ignore the restart you can add the “/norestart” option just before of after the “/quite” option.

Categories: FIM 2010 Tags:

Adding a Privacy Policy URL link to FIM 2010 SSPR

January 21st, 2011 1 comment

Preview DocmentThere has been a lot of discussion traffic relating to the branding and customization of the FIM 2010 Self Service Password Reset (SSPR) client components. Customer request the ability to change the picture, text and general branding. At present this is not possible, but we have discussed this with the product team and it has been logged as a request. In the meantime however Thomans Vuylsteke and Anthony Ho have highlighted a option that is currently available in any build higher than 4.0.3558.2.

By adding the registry key below to the client machine that has  the Add-ins and Extensions for Password Reset installed you can enable a message at the bottom of the client that can provide privacy policy information from a URL during the registration process.

    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Identity Manager\2010\Extensions\GatePlugins\45C4D8BB-D34C-453d-8346-C9061A2A1E4C
    • New String (Reg_SZ) with the following name: PrivacyLink
    • The value for the entry: http://webserver-name/policy
      image[10][3]
      I know this will not give you the logo you wanted, but it will assist certain customers with potential auditing requirements.
Categories: FIM 2010 Tags: