Install FIM SSPR Reset portal on a non domain joined machine

Hi everybody.

I have a question about FIM 2010 R2 SP1 SSPR.

We are currently installing a new FIM 2010 R2 SP1 environement at a customer and the architecture we wish to implement is as follows:

- 1 Synchronization server

- 1 Fim Portal Server hosting FIM Portal + registration portal

- 1 Dataware House server for Reporting

- 1 Server hosting FIM reset Portal

We would like that the registration is only accessible from internal LAN and Reset portal accessible from Internet.

These servers are hosted in different security zones separated by firewalls

The Question is as follows: Can we install FIM reset portal on a workgroup machine or has it got to be in the same domain as the Registration portal? If it can be a workgroup machine what ports must be opened in the firewall in order to make it work.

Thanks for your help.

Sylvan

March 31st, 2015 7:02am

Sylvan,

My understanding says that you want to give the functionality to reset the password over the internet but not for the registration?

You can achieve this by simply allowing the passord reset URL to be opened from the internet but you don't have to publish the registration URL in this way for registration the user has to login within the prescriobed network but for resetting the password, this can be done from the internet as well.

Free Windows Admin Tool Kit Click here and download it now
March 31st, 2015 9:59am

Hi Manuj,

Thanks for the reply. That is exactly what I want to do. In our architecture the serveurs that publish URL's on the Internet are in a workgroup, not joined to our main domain. So in this case the reset portal could be in a workgroup and the registration portal in our domain. Would that work or do the reset and registration portal joined to the domain?

Thanks

Regards,

Sylvan.

April 2nd, 2015 5:44am

Sylvan,

I believe, you are getting confused. What I mean to say is that you install both the services in a Domain and installing these will give you URL which can be mapped with external address so that these pages can be accessible over the web as well. Once, these are published from outside you can use the reset functionality for resetting the password. But not publishing the registration URL over the internet will not allow users to get registered from outside the domain and hence, completing your requirement.

Free Windows Admin Tool Kit Click here and download it now
April 6th, 2015 6:41am

Hi Manuj,

Thanks for the answer. That confirms my thoughts. Thanks.

Regards,

Sylvan

April 7th, 2015 4:06am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics