Before we can start to use our new FIM environment, we need to perform some post-installation tasks.
In order for the
FIM Service to manage the FIM Synchronization Service, we need to add the FIM Service service account to the FIMSyncAdmins
group. If you are implementing Password Reset, you also need to add the FIM Service service account to the FIMSyncPasswordSet
group.
After adding the FIM Service service account to the new groups, you need to restart the FIM Service service in order for the new group membership to take effect.
In the example of The Company, this means that the FIM Service account on the Dev-FIM server should be a member of the FIMSyncAdmins
group on the Dev-FIM server and the
FIM Service account on the FIM-Service server should be a member of FIMSyncAdmins
on the FIM-Sync server.