Not so much a FIM question but more of a SharePoint or IIS question, but I figured it was appropriate. How does everyone force redirection to: 1) HTTPS - not require https though. Still want to redirect those that use http. 2) https://fim.company.com/identitymanagement when fim.company.com is entered Trying to use the HTTP Redirect in IIS makes the page act all wonky and apparently a custom error page no longer works in IIS 7.5 for doing HTTP to HTTPS.

This might be a starting point for 2), however needs to be tested carefully as stated in the article FIM 2010 - Using IIS 7 HTTP Redirects to bypass the landing page

Tom, This worked for us in RTM and Update 1 but caused us problems in the later Hotfix Rollups. Josh, For #1, I've seen where the FIM Site (SharePoint 80) is only bound to HTTPS (443) and then an empty site with a redirect to the HTTPS address for the non-HTTP. DON'T change the site name of SharePoint - 80. That caused us problems in the hotfix roll-ups. Eric

Tom, This worked for us in RTM and Update 1 but caused us problems in the later Hotfix Rollups. Josh, For #1, I've seen where the FIM Site (SharePoint 80) is only bound to HTTPS (443) and then an empty site with a redirect to the HTTPS address for the non-HTTP. DON'T change the site name of SharePoint - 80. That caused us problems in the hotfix roll-ups. Eric

I tried a couple ways of doing the redirection but nothing worked with IIS7.5, including create a new site with a page that simply redirects like the steps detailed here http://blog.itpc.ca/?p=19. When going to http://fim.company.com after creating the site it would just give me a blank page in IE. I found a couple different strings to use for the actual page, but none worked. Something else I found talked about using URL Rewrite, but when I put the code into the web.config everything choked and the SharePoint pages wouldn't even load.

I tried a couple ways of doing the redirection but nothing worked with IIS7.5, including create a new site with a page that simply redirects like the steps detailed here http://blog.itpc.ca/?p=19. When going to http://fim.company.com after creating the site it would just give me a blank page in IE. I found a couple different strings to use for the actual page, but none worked. Something else I found talked about using URL Rewrite, but when I put the code into the web.config everything choked and the SharePoint pages wouldn't even load.

Anyone else have a suggestion? I can't be the only one who wants to do this.

Anyone else have a suggestion? I can't be the only one who wants to do this.

We had the same problem and was only able to get it to work by routing the traffic via an ISA server. I know an F5 would work just as well. we tried many things in IIS...but just couldn't get it to work.

Josh, I tried the exact the thing from http://blog.itpc.ca/?p=19 and also got a white page. However if you then add a HTTP redirect (as described in http://social.technet.microsoft.com/wiki/contents/articles/fim-2010-using-iis-7-http-redirects-to-bypass-the-landing-page.aspx) from the dummy HTTP site to the HTTPS site I get redirected succesfully. The layout is completely screwed though... Using FIM build 4.0.3561.2 for these tests.http://setspn.blogspot.com

Josh, I tried the exact the thing from http://blog.itpc.ca/?p=19 and also got a white page. However if you then add a HTTP redirect (as described in http://social.technet.microsoft.com/wiki/contents/articles/fim-2010-using-iis-7-http-redirects-to-bypass-the-landing-page.aspx) from the dummy HTTP site to the HTTPS site I get redirected succesfully. The layout is completely screwed though... Using FIM build 4.0.3561.2 for these tests.http://setspn.blogspot.com

Finally got it working. Do the following on your portal server: Edit your bindings on "SharePoint - 80" (the FIM site) so that it only uses 443. Start the Default Web Site and make sure it has a binding for 80. Create a new document in the default site's directory (should be c:\inetpub\wwwroot\) called "default.htm" and put the below in it: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title>Redirecting...</title> <meta http-equiv="REFRESH" content="0;url=https://fim.yoursite.com/identitymanagement"></HEAD> <BODY> If you are not redirected to Forefront Identity Manager in just a moment <a href="https://fim.yoursite.com/identitymanagement">please click here</a>. </BODY> </HTML> Now when browsing to http://fim.yoursite.com your users will be redirected to https://fim.yoursite.com/identitymanagement. If you add https://fim.yoursite.com to the Intranet Zone in IE then they will not be prompted for credentials either.

As you say there are two issues here, but I'd rephrase them Helping the users who forget the "s" in https. Helping the users who forget the "/IdentityManagement" bit. This is slightly different to your stament above because your case 2 includes case 1. In my environment i have a loadbalancer and that can resolve the http => https issue before I hit the portal. But my users are dropped into a Sharepoint landing page (Sharepoint Site map?) if they forget the /IdentityManagement. THey get an error mesage because they have no access to that page. So my question is how do I help users who get it half right and go to https://fim.company.com/ ?

Hi, I too came across this problem, and managed to work out a solution. This is as follows: Temporarily reinstate the port 80 bind to your "Sharepoint - 80" website in IIS. Open your WSS teamsite page - http://localhost - using the account that your installed WSS under. Go to Site Actions (top right) --> Site Settings Open "People and groups" Click on "Site Visitors" group, and click New-->Add Users. Add in your "domain\domain users" group. Now download "Sharepoint Designer 2007" from here. Once installed, fire it up and go to File-->open site Enter the link to your WSS teamsite - http://fim.company.com Right click and select a new .aspx file. Copy and paste the code robbed from Josh FGCU's post: <%@ Page Language="C#" %> <html dir="ltr"> <head runat="server"> <META name="WebPartPageExpansion" content="full"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta http-equiv="REFRESH" content="0;url=https://fim.company.com/identitymanagement"> </HEAD> <title>Redirecting...</title> <BODY>If you are not redirected to Forefront Identity Manager in just a moment <a href="https://fim.company.com/identitymanagement">please click here</a>. </BODY> </HTML> Save the file and close it once you've amended it to your environment. Now, right click the file and choose "Set as homepage" Accept the warnings, however say "No" to the option to preserve Hyperlinks. Test your redirect by firing up your site from a non privilaged account http://fim.company.com Voila - you should be redirected to Identity Management portal. Don't forget to remove your port 80 binding from IIS after your done.