Good afternoon. There is a task to adjust Forefront Identity Manager 2010 on operation with indirect web-application. The web application is adjusted in such a manner that the registration data of users undertakes from the domain windows. The primary goal consists in the following: The user working by the machine in the domain in system (we will assume WinXP) having entered into the browser and having connected to the web application doesn't enter the data into the form (the User name and the Password) provides access to the web application under the registration data which it enters at an input in WinXP. How to adjust Forefront Identity Manager 2010 for the decision of the given task? The test server description: Windows 2008 R2 x64: - SQL 2008 R2 x64; - AD; - Exchange 2010; - The web application (authentification to which and It is necessary to adjust); - Share Point Services 3.0 x64; - Forefront Identity Manager 2010. The description of the client: Windows XP or Seven the machine entering into the domain windows: - Browser IE8 or another;

I need help.

Hi There, I have to admit, that I'd need you to restate the problem. I'm having a hard time interpreting it from your description. Sorry about that. Thanks. B

Hi, Sorry for bad description. I want to adjust web-application authentification through FIM2010. If I login WinXP or Seven, for web-application which I open in browser one should perform auto authentication (login and password = domain account). Thanks. p.s. Sorry, loose translation.

Hi There, A couple of questions then: 1. Are the XP boxes connected to the domain? 2. Have you flowed the ObjectSID from AD to the FIM portal for the user? (This is required for the login to work) 3. Have you set the "Domain" attribute for the users within the Portal as well? Check the administrator account for the domain value that is present and so long as all the users are in that domain, make it match it (flow it as a constant). Thanks B

Hi, 1) Are the XP boxes connected to the domain? Yes, PC WinXP connected to domain(FQDN=winxppc.mydomain.local). 2) Have you flowed the ObjectSID from AD to the FIM portal for the user? (This is required for the login to work) No. Service and Portal (FIM) is set up. You can detail, how make is this? 3) Have you set the "Domain" attribute for the users within the Portal as well? Check the administrator account for the domain value that is present and so long as all the users are in that domain, make it match it (flow it as a constant). No. Thanks!

Hi There, If you're not that familiar with the FIM service and the connectivity with the synchronization engine, I'm going to recommend that you look at the following step by step guide. It will help you with some of the basics and get you going in the right direction. The questions you're asking will take a really long time to explain and I think you'll be able to extract what you need for this document. http://technet.microsoft.com/en-us/library/ee621259(WS.10).aspx Don't forget to make sure your XP systems are at SP2 or higher with the .NET framework 3.5! Thanks! B

There is an opinion that given problem FIM 2010 can't solve. is that so? What do you think?

mstti, Is the following statement correct?: "The problem is whenever a user visits the FIM Portal, he is prompted for a username/password. After providing the username and password he succesfully sees the portal." If it is: Make sure the URL your users are using, http://fimportal.domain.com, is added to the local intranet sites in IE on their PC's. If it's detected as "Internet", they will have to enter credentials each time. (Some picture explaining "local intranet sites": http://autofeupdater.com/images/IEAddServerToLocalIntranetZone.jpg ) If it is not: Try again to explain, as clear as possible what you are trying to accomplish. P.S. what is your native language? Perhaps some of us speak it. http://setspn.blogspot.com