A hotfix rollup package (build 4.0.3644.2) is available for Microsoft Forefront Identity Manager (FIM) 2010. This hotfix rollup package resolves the issues and adds the features that are described in the "More Information" section.
A supported update is available from Microsoft. We recommend that all customers apply this update to their production systems.
This update is available from the following Microsoft websites:
Microsoft Update Catalog
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the issues that are described in this article. Apply this hotfix only to systems that are experiencing the issues that are described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.
If the hotfix is available for download, there is a "Hotfix Download Available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix. Note
If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft website: Note
The "Hotfix Download Available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
Component update packages
The following table contains the component update packages that are available for download from Microsoft Support.
Collapse this tableExpand this table
|FIM 2010 Add-ins and Extensions||FIMAddinsExtensions_x86_KB2750673.msp FIMAddinsExtensions_x64_KB2750673.msp|
|FIM 2010 Add-ins and Extensions Language Pack||FIMAddinsExtensionsLP_x86_KB2750673.msp FIMAddinsExtensionsLP_x64_KB2750673.msp|
|FIM 2010 Certificate Management||FIMCM_x86_KB2750673.msp|
|FIM 2010 Certificate Management Client||FIMCMClient_x86_KB2750673.msp|
|FIM 2010 Certificate Management Bulk Issuance Client||FIMCMBulkClient_x86_KB2750673.msp|
|FIM 2010 Service and Portal||FIMService_x64_KB2750673.msp|
|FIM 2010 Service Portal Language Pack||FIMServiceLP_x64_KB2750673.msp|
|FIM 2010 Synchronization Service ||FIMSyncService_x64_KB2750673.msp|
|FIM 2010 Password Change Notification Service||FIMPCNS_x86_KB2750673.msp|
To apply this update, you must have Forefront Identity Manager 2010 build 4.0.2592.0 or a later build installed.
You must restart the computer after you apply this update. Additionally, you may have to restart the server components.
This update replaces the following updates:
A hotfix rollup package (build 4.0.3627.2) is available for Forefront Identity Manager 2010
A hotfix rollup package (build 4.0.3617.2) is available for Forefront Identity Manager 2010
Update Rollup 2 (build 4.0.3606.2) is available for Forefront Identity Manager 2010
A hotfix rollup package (build 4.0.3594.2) is available for Forefront Identity Manager 2010
A hotfix rollup package (build 4.0.3576.2) is available for Forefront Identity Manager 2010
A hotfix rollup package (build 4.0.3573.2) is available for Forefront Identity Manager 2010
A hotfix rollup package (build 4.0.3558.2) is available for Microsoft Forefront Identity Manager (FIM) 2010
A hotfix rollup package (build 4.0.3547.2) is available for Microsoft Forefront Identity Manager (FIM) 2010
Update Package 1 for Microsoft Forefront Identity Manager (FIM) 2010
The global version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone
tab in the Date and Time
item in Control Panel.
Collapse this tableExpand this table
|File name||File size||Date||Time|
Issues that are fixed and features that are added by this update
This hotfix addresses an issue in which the digital signature on files that are produced and signed by Microsoft will expire prematurely, as described in Microsoft Security Advisory 2749655
FIM Synchronization Service
Assume that the DB2 Management Agent tries to connect to a DB2 server that is running on an IBM iSeries V6 server or a later version of an iSeries server. In this situation, theDB2 Management Agent does not connect to the DB2 server.
When the FIM password reset activity does not connect to the Active Directory, the WMI components returns a code. The code explains the reason for this failure.
Common Component (Microsoft.MetadirectoryServicesEx.dll)
Hotfix rollup build 4.0.3644.2 changed the version number of the Microsoft.MetadirectoryServicesEx.dll assembly file to 22.214.171.124. Then, hotfix rollup build 4.0.3617.2 made additional changes to the assembly file but did not change the file version number. Therefore, the file version numbers are mismatched when you try to update the file from version 4.0.3606.2 to later hotfix rollup builds.
When this issue occurs, you may experience the following symptoms:
- You cannot load and run a custom management agent.
- You cannot create a new FIM service management agent.
This assembly file is included in both the FIM Synchronization service and the FIM Service setup files.
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.