Requirements

The following are the software requirements for the MIM Event Broker service:

  • Microsoft Windows Server (2008 R2 SP1 or later);
  • Microsoft .NET 4.5.1 Framework (external download);
  • Microsoft Identity Lifecycle Manager 2007 or Microsoft Forefront Identity Manager 2010;

The following are the recommended minimum hardware requirements for the MIM Event Broker service:

  • Approximately 20MB on the nominated server for installation of executables and documentation, with at least 15MB available for logging (configurable)

The following are the recommended minimum software requirements for accessing MIM Event Broker Management Studio:

  • A JavaScript-enabled modern desktop web browser (Microsoft Internet Explorer 8+ [2], Mozilla Firefox 30+, Google Chrome™ browser, etc.)

Topology

The MIM Event Broker service can be installed wherever it is deemed most appropriate. The options are limited only by the access and permissions that the service account holds, along with those required by each of the Agents. See the MIM Event Broker service account section below for details on these permissions and requirements.

For environments requiring the use of the MIM Event Broker Web Component, this should be installed separately from the MIM Event Broker service environment. It must be reachable by the users of MIM Event Broker over HTTP(S) on the configured port, and must be able to make web service calls on another configured port to the machine running the MIM Event Broker service.

Some environments may require the MIM Event Broker web address to be added to the list of intranet sites, as well as about:blank.

Firewall

The firewall should be configured to allow communication between components. The following default exceptions should be made:

| Service          | Protocol | Ranges           |
|------------------|----------|------------------|
| FIM WMI (RPC)    | TCP      | 135, 49152-65535 |
| MIM Event Broker | TCP      | 59990            |
| SQL Server       | TCP      | 1433             |

Configuration

The following information will need to be retained by the administrator in order to install and maintain MIM Event Broker:

  • MIM Event Broker service account

MIM Event Broker service account

This is the Windows account that the MIM Event Broker service will run as. The service account must have the following:

  • Log on as a service. For details see here;
  • Access to write to its Logs directory. Defaults to: C:\Program Files\UNIFY Solutions\Event Broker\Services\Logs
  • Ability to create the Logs file directory;
  • Full update access to the Extensibility directory. Defaults to: C:\Program Files\UNIFY Solutions\Event Broker\Services\Extensibility
  • Permission to create a WCF end-point (see The service will not start due to a lack of permissions to create a WCF end-point);
  • Permission to write to C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files;
  • Correct rights for any connected system that Windows authentication is to be used for (see Agents).
  • Membership in the FIMSyncAdmins group.
  • Read permission (db_datareader) to the FIMSynchronizationService database, either for the service account, or a separate SQL authentication login.

If installed on the same machine as Microsoft Identity Lifecycle Manager or Microsoft Forefront Identity Manager, the service account also requires the following:

If installed on a different machine from Microsoft Identity Lifecycle Manager or Microsoft Forefront Identity Manager, the service account also requires the following:

  • Rights to launch DCOM applications on the remote computer (overview)
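
One way to confirm the file-system, group and network prerequisites listed above before installing, as an added PowerShell example that is not part of the vendor documentation. Run it in a session started as the service account on the intended MIM Event Broker machine; the host names are placeholders, and the directory paths are the defaults quoted on this page.

```powershell
# Added example (not vendor code). Run in a session started as the service account,
# on the machine that hosts the MIM Event Broker service.
param(
    [string]$SqlServer     = 'sql01.example.test',   # placeholder host (assumption)
    [string]$FimSyncServer = 'fim01.example.test'    # placeholder host (assumption)
)
$base = 'C:\Program Files\UNIFY Solutions\Event Broker\Services'   # default from this page
$dirs = "$base\Logs", "$base\Extensibility",
        'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files'

function Test-DirWrite([string]$Dir) {
    # Effective-access probe: create and delete a throwaway file.
    if (-not (Test-Path -LiteralPath $Dir)) { return 'missing' }
    $probe = Join-Path $Dir ([IO.Path]::GetRandomFileName())
    try {
        [IO.File]::WriteAllText($probe, 'probe')
        Remove-Item -LiteralPath $probe -Force -ErrorAction Stop
        'ok'
    } catch { 'denied' }
}

function Test-TcpPort([string]$ComputerName, [int]$Port) {
    # TcpClient rather than Test-NetConnection, which older servers lack.
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if ($pending.AsyncWaitHandle.WaitOne(3000) -and $client.Connected) { 'open' }
        else { 'unreachable' }
    } catch { 'unreachable' } finally { $client.Close() }
}

function New-Result($Check, $Result) {
    New-Object psobject -Property @{ Check = $Check; Result = $Result }
}

# Group names on the current token; unresolvable SIDs are skipped.
$me = [Security.Principal.WindowsIdentity]::GetCurrent()
$groups = foreach ($sid in $me.Groups) {
    try { $sid.Translate([Security.Principal.NTAccount]).Value } catch { }
}

$report = @(New-Result 'Running as' $me.Name)
$report += New-Result 'Member of FIMSyncAdmins' ([bool]($groups -match '\\FIMSyncAdmins$'))
foreach ($d in $dirs) { $report += New-Result "Write: $d" (Test-DirWrite $d) }
$report += New-Result "TCP 1433 -> $SqlServer" (Test-TcpPort $SqlServer 1433)
$report += New-Result "TCP 135 -> $FimSyncServer" (Test-TcpPort $FimSyncServer 135)
$report | Format-Table Check, Result -AutoSize
```

The dynamic RPC range (49152-65535) and the db_datareader grant are not probed here; a `missing` result for the Logs directory is expected before first start, since the service creates it.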

NB. Compatibility with emulation frameworks including Mono is untested and unsupported.

  1. Microsoft Forefront Identity Manager 2010 requires Microsoft Windows Server 2008 R2. Microsoft Identity Lifecycle Manager 2007 requires Microsoft Windows Server 2003 Service Pack 2. Please refer to Microsoft documentation for exact specifications.
  2. Older versions of Microsoft Internet Explorer are supported with some limitations.