Branded Password Reset Portals
We have multiple domains; is it possible to have the password reset portal branded? Also the reminder emails need to originate from the right domain. Has anyone done such and implementation with FIM 2010?
"Introduction to Configuring and Customizing the FIM Portal" ( http://technet.microsoft.com/en-us/library/ee534913(WS.10).aspx ) has information on how to Brand the FIM Portal.
"Password Reset Deployment Guide" ( http://technet.microsoft.com/en-us/library/ee534892(WS.10).aspx ) has info on deployment. But I have not seen any references to Multiple domain deployment.
Thansk
December 20th, 2010 10:53am
If you have different domains and you want the reminder emails sent from different Exchange Orgs, you are going to have to have multiple instances of the Password site, with each one having the appropriate email configuration.
As for portal branding, you have the latest information that I know of...
Luck,Aaron Sankey, Avanade
Free Windows Admin Tool Kit Click here and download it now
December 20th, 2010 1:55pm
Thanks Aaron, the part I not now quite sure about is that since "FIM Service" service account is sending the notification emails, it seems to me that the emails will be sent from the same account regardless of the domain that the end user
belongs to. I wonder if I need to create e-mail aliases for this service account under each domain and tweak the workflow that sends the notification so that sender and reply to address are properly set.
December 20th, 2010 4:09pm
Aaron,
I might be mistaken on this subject as I have no experience with FIM in a multi-domain environment. But the reminder emails the OP is thinking about are probably sent from within the FIM Service service. And this sender address is configured in
the Microsoft.ResourceManagement.Service.exe configuration file below C:\Program Files\Microsoft Forefront Identity Manager\2010\Service in the following line: <add key="sendAsAddress" value="svcfimsvc@demo.local"
/>
So my guess is that the "sender address" is determined per FIM Service instance. I can imagine someone installing multiple Password Portals (on different servers), each branded. However, installing multiple FIM Services (with their own DB) seems an other
story.
However, I'm not entirely sure what the OP is meaning with reminder mails. I'm guessing some Portal/Service customization which mails the users when passwords are about the expire.
In short: I don't think it's realy easy to sent reminders originating from different e-mail addresses.
Regards,
Thomas
http://setspn.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
December 20th, 2010 4:14pm
I was thinking about setting up multiple instances with multiple service accounts.
But, if you can figure out a way to work that trick in exchange without the complication, post it -- I would love to hear it.Aaron Sankey, Avanade
December 20th, 2010 4:17pm
FIM is a 2-tier application, the frontend portal talks ONLY to IFMService. FIMPortal or FIMPasswordPortal does NOT send email to user.
FIMPasswordPortal does honor those portal customization.
FIMPasswordPortal really doesn't do anything but invoke an ActiveX control.
Free Windows Admin Tool Kit Click here and download it now
December 20th, 2010 9:05pm