Note-to-self: Hotfix rollup package (build 4.4.1459.0) is available for #MIM2016 SP1

Microsoft has released an hotfix for MIM2016 SP, with an awful lot of updates and improvements.. to much to list… but more to read:

See here: Source: https://support.microsoft.com/en-us/help/4012498/hotfix-rollup-package-build-4-4-1459-0-is-available-for-microsoft-iden

 

Microsoft released #MIM2016 Service Pack 1 UPDATE package

Source: https://aka.ms/mim2016sp1upgrade

Since the release of MIM 2016 SP1 just a few weeks ago, Microsoft received significant feedback from the community, their partners and customers regarding the upgrade paths for the service pack.

8th of November, Microsoft announced the availability of the MIM 2016 SP1 Update MSP.

This MSP allows current customers on MIM 2016 RTM, or any hotfix build since 2016 RTM to perform an in-place upgrade to the current build of this MSP (4.4.1302.0).

The supported in-place upgrade scenarios are outlined in the table below. To obtain this update, please click here.

Please note, an updated MSI for new implementations is likely to be released soon.

Carefully check the upgrade paths, as this MSP cannot be applied to build 4.4.1296.0 (MIM 2016 SP1 RTM).

The download page explicitly mentions: “MIM 2016 RTM Versions to update their infrastructure to the latest SP1 Build without complete uninstall. Customers already on MIM 2016 SP1 (4.4.1237) can not install this patch. 

Supported Operating System

Windows Server 2012, Windows Server 2012 R2, Windows Server 2016

MIM 2016 RTM or one of the following hotfix builds: 4.3.2064.0 4.3.2195.0 4.3.2266.0″

 

Initial Build Hotfix Applied Build after SP1 Update
RTM None 4.4.1302.0
RTM 4.3.2064.0 4.4.1302.0
RTM 4.3.2064.0, 4.3.2195.0 4.4.1302.0
RTM 4.3.2195.0 4.4.1302.0
RTM 4.3.2266.0 4.4.1302.0

Additionally, for customers running Office 2010 needing the x86 Add-ins and Extensions, do not update using this MSP, a forthcoming hotfix will be made available in the coming months.

If you have any comments for the Product Group, please send us an email at: mim2016@microsoft.com

 

A hotfix rollup package (build 4.1.3765.0) is available for #FIM2010

Source: https://support.microsoft.com/en-us/kb/3171318

 

Issues that are fixed and features that are added in this update

This update fixes the following issues and adds the following features that were not previously documented in the Microsoft Knowledge Base.

FIM Certificate Management

  • Issue 1 A smart card search takes 3.5 minutes on an idle server. Additionally, the search never ends if the server is stressed.
  • Issue 2 The Duplicate Revocation Settings policy is replaced because some users could not set it.
  • Issue 3 There is a redundant space in the “Profile Summary” string on the Request Complete page for some languages.

FIM Synchronization Service

  • Issue 1 In a metaverse search and when you view the object, there is a Last Modified field. But when you sort that field, it sorts as a generic text field instead of as a date field.
  • Issue 2 Error messages (such as Event ID 6313) are logged in the event log. Additionally, performance counters don’t work.
  • Issue 3 The Sync Service crashes when you run a Full Synchronization process that has Equal Precedence set for attributes that exist in IAF or EAF.
  • Issue 4 When an incorrect page size (either less than the minimum or more than the maximum) is used for the run profile of the ECMA2 management agent, the size value quietly changes to the minimum or the maximum after you click Finish.
  • Issue 5 An error message from the Management Agent cannot be parsed if it contains some special symbols. Therefore, the error message doesn’t appear in the error list as expected, and a non-informative error window appears.
  • Issue 6 You receive a “Reference to undeclared entity ‘qt'” error message when you run the history process and the history text contains the “greater than” symbol (>).
  • Issue 7 Under certain conditions, the file selection dialog box does not appear on the MA configuration wizard pages.
  • Issue 8 A “MEMORY_ALLOCATION_FAILURE” error occurs in the Performance Monitoring tool when the performance data .dll file cannot open the process.

FIM Portal

  • Issue 1 Multivalued labels are displayed incorrectly in a single line in the UI.

FIM Service

  • Issue 1 During an Export process between the Synchronization and FIM Service, the msidmCompositeType request may fail if some multivalued string attribute value is changed in the scope of the Export session. This behavior affects performance.
  • Issue 2 In SharePoint Server 2013 and later versions, if you change a workflow or update an email template by using the FIM Portal, the version is automatically updated to 4.0.0.0. This causes a system error message during processing.

BHOLD

  • Issue 1 When you add a user to an organizational unit (OU) that has some incompatible permissions in the OUs role, all the incompatible permissions are assigned.
  • Issue 2 Some issues are fixed for attribute-based authorization (ABA) roles that are assigned to a user when the roles have incompatible permissions.
  • Issue 3 When you use the Access Management Connector to provision new OUs with a parent OU, all the parent OU roles are inherited but are also disabled.
  • Issue 4 An error occurs in BHOLD during installation in Internet Information Services (IIS) 10.
  • Issue 5 If two or more roles assigned to a user who has the same permissions as the roles, and the roles use the endDate attribute, you cannot extract a user permission that has the latest date.
  • Issue 6 An email alias is truncated if it is longer than 30 characters.

New hotfix rollup package (build 4.3.2266.0) is available for #MIM2016

Source: https://support.microsoft.com/en-us/kb/3171342

Quick overview below, full detail in KB article referenced.

Issues that are fixed and features that are added in this update

This update fixes the following issues and adds the following features that were not previously documented in the Microsoft Knowledge Base.

Privileged Access Management (PAM)

Issue 1: PAM monitor service error with PRIV only PAM USER

 

FIM add-ins and extensions

Issue 1: SSPR windows clients with high DPI have incorrect scaling of the final page

Issue 2: SSPR Windows client text message overlap

 

FIM Certificate Management

Issue 1: <span “text-base”=””>ExecuteOperations.Disable operation issue

Issue 2: Smart Card search issue

Issue 3: Profile summary issue

Issue 4: Duplicate revocation settings policy issue

Issue 5: Certificae Management portal issue with LDAP CN name

Issue 6: misplaced link in Certificate Management portal for certain languages

 

FIM Synchronization Service

Issue 1: MA config wizard issue

Issue 2: error messages logged in Event Viewer + Perf counter issue

Issue 3: Issue with Full sync vs Equal precedence

Issue 4: ECMA2 issue with incorrect page size

Issue 5 :error message from the Management Agent cannot be parsed if it contains some special symbols

Issue 6″Reference to undeclared entity ‘qt'” error message

Issue 7: <span “text-base”=””>New Functionality:/span> The ability to skip the Management Agent during the import of a server configuration is added.

Issue 8: A “MEMORY_ALLOCATION_FAILURE” error occurs in the Performance Monitoring tool.

 

FIM Portal

Issue 1: incorrect display of multivalue labels

Issue 2: RCDC update XML format not verified

Issue 3: cannot drag and drop user to remove box

Issue 4: Local date and time issue

Issue 5 RCDC additional attributed included

 

 

FIM Service

Issue 1: SharePoint Server 2013 and later , workflow issue, the version is automatically updated to 4.0.0.0. This causes a system error message during processing.

 

BHOLD

Issue 1: issue with incompatible permissions

Issue 2 attribute based AuthZ issues

Issue 3: Acces management connector issue

Issue 4: error during BHOLD installl in IIS

Issue 5: user role permission issue with extraction

Issue 6: email alias truncated if longer than 30 char.

Note-to-self: Hotfix rollup package (build 4.3.2124.0) is available for #MIM2016

Source: https://support.microsoft.com/en-us/kb/3134725

Initially posted by Jeff Ingalls at the FIM 2010 FB group: https://www.facebook.com/groups/155109068156/10153501281698157/?notif_t=group_activity

Except for an important set of fixed, there are some very interesting features added to MIM 2016

MIM Synchronization Service

This update adds the ability to override the default Synchronization engine behavior of changing run profile GUID after export and import of the server configuration.

This update extends the functionality of the AD MA configuration cmdlets to be able to handle multiple partitions.

This update adds a new cmdlet Add-MIISADMARunProfileStep.

MIM Portal

This update adds the ability to fully customize the portal header.

Privileged Access Management (PAM)

Some group memberships may not be removed by the MIM component service after the PAM request expiration period. This hotfix addresses removal of expired group memberships.

 

Check it out in the detailed content of the KB article (https://support.microsoft.com/en-us/kb/3134725)

 

 

Note-to-self: FIM/MIM hotfix download link failing

Some people reported that the download links to the recent hotfix failed…

The 4.3.2064.0 hotfix page is: https://support.microsoft.com/en-us/kb/3092179

MIMHotfixdownload

 

When you click the link, it forwards to

http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=3092179&kbln=en-us (or similar language)

You need to accept the EULA. (After reading it ! 😉 )

accept eula

Next you need to select the hotfix (only one to select).

Fill in your email and you’ll get the download link.

request mim hotfi

The link you receive in the mail should look like…

Package:

———————————————————–

———————————————————–

KB Article Number(s): 3092179

Language: All (Global)

Platform: x64

Location: (/<blah>/http%3a%2f%2fhotfixv4.microsoft.com%2fMicrosoft%2520Identity%2520Manager%2flatest%2fKB3092179%2f4.3.2064.0%2ffree%2f488603_intl_x64_zip.exe/<blah/)

 

But when you click that link, in some cases the encoded URL seems to fail, where the spaces, slashes, dashes and underscores weren’t decoded correctly.

By clicking the link the %2520 code is not correctly translated to a space…

To solve this, copy the URL text and paste the URL in your favorite browser.

 

It should guide you to: http://hotfixv4.microsoft.com/Microsoft%20Identity%20Manager/latest/KB3092179/4.3.2064.0/free/488603_intl_x64_zip.exe

Be prepared, this hotfix takes 213 MB of your bandwidth and disk…