FIM Sync Engine Connecting to AD Forest over 636

Hi All,

I'm new to FIM and Active Directory/PKI in general.

I'm doing a project where my FIM 2010 R2 Sync Engine server is joined to a forest called Prod.NET.

But I'm creating 2x management agents to import AD data from the following forests.

Prod.NET

Dev.NET

There is no trust relationship set between the two forests. However, there is also no firewall between FIM and the domain controllers of these forests. My requirement is to select this option:

When I click on NEXT, I'm presented with this error:

I only get this error for DEV.NET. When I do this for Prod.NET, it works fine.

What is required so I can get the DEV.NET management agent working for the SSL option?


  • Edited by gtrivedi1980 21 hours 2 minutes ago Image upload problem
July 21st, 2015 6:12am

Hello,

Screenshots are still broken on my side, but I would assume the problem is because of certificate trust.

Since the FIM server doesn't trust the certs of Dev.Net, the SSL connection is refused.

You can export the certificate of the destination DC and import (and trust) it on your FIM server.
If you have a CA installed in DEV.Net, you could also import the CA cert to trust all certs from that forest.

/Peter

July 21st, 2015 6:51am
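
The certificate-trust explanation in the reply above can be checked from the FIM server before any store is changed. The following is an added example, not part of the thread: it connects to a domain controller on 636, reads the certificate it presents, and reports whether this machine's stores can build a trusted chain for it. The host name `dc01.dev.net`, the function name and the file paths are placeholders.

```powershell
# Added example. Run on the FIM Sync server; host name and paths are placeholders.
function Get-LdapsCertificateReport {
    param(
        [Parameter(Mandatory=$true)][string]$HostName,
        [int]$Port = 636,
        [string]$ExportPath   # optional: save the presented certificate as DER (.cer)
    )
    $tcp = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
    try {
        # Accept any certificate during this probe so the handshake completes
        # and the certificate can be read; trust is evaluated separately below.
        $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $acceptAll)
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    } finally { $tcp.Close() }

    # Build the chain against this machine's certificate stores only.
    # Intermediates sent by the DC during the handshake are not added here.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = 'NoCheck'   # separate the trust question from CRL reachability
    $trusted = $chain.Build($cert)

    # subjectAltName (OID 2.5.29.17) lists the DNS names the certificate is valid for.
    $sanText = ''
    $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if ($san) { $sanText = $san.Format($false) }

    if ($ExportPath) { [IO.File]::WriteAllBytes($ExportPath, $cert.Export('Cert')) }

    New-Object PSObject -Property @{
        Host         = $HostName
        Subject      = $cert.Subject
        Issuer       = $cert.Issuer
        NotAfter     = $cert.NotAfter
        SanNames     = $sanText
        ChainTrusted = $trusted
        ChainStatus  = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    }
}

Get-LdapsCertificateReport -HostName 'dc01.dev.net' -ExportPath 'C:\temp\dev-dc.cer' | Format-List

# Once the DEV.NET CA certificate has been obtained and its thumbprint confirmed
# with the DEV.NET administrators, add it to the machine's Trusted Root store:
# certutil -addstore Root C:\temp\dev-net-ca.cer
```

A `ChainStatus` of `UntrustedRoot` or `PartialChain` for the DEV.NET controller, alongside `ChainTrusted : True` for a Prod.NET controller, matches the trust gap described in the reply.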

Although I cannot see the images, I assume you are trying to create the MA using the FQDN Dev.net? If so, you cannot do that. You would have to use its IP address instead, provided you can ping it, and then it will be fine.
July 21st, 2015 12:18pm
