Image from: https://learn.microsoft.com/en-us/azure/azure-sql/virtual-machines/windows/availability-group-overview Edited July 2 2022 after reviewing my Facebook discussion with Eugene Sergeev on Microsoft’s product team. MIM 2016 SP2 (and 4.4.1459.0 or later supports SQL Server Always On Availability Groups (AG))! Yeah! Ok let’s implement it! But wait! It won’t give us all we hope for! Up to the moment distributed backup of the data – yes! Automatic instant failover – not without a huge caveat! What do you mean it won’t give us Automatic Instant Failover?
Back in 2013 I published 5 posts about the Secrets of the Metaverse: Parts 1-5: What is the Metaverse? How is the Metaverse data stored? Is there a limit to how many Metaverse attributes I can have? Has access to the metaverse gotten faster with recent releases? How do I safely query the metaverse? Added (Aug 5 2015): How Many Metaverse Attributes can I have? The third post was about how many attributes you can have in the Metaverse in which I said that the mms_metaverse_lineageguid table limits us to 502 single valued non-reference attributes in the Metaverse.
An easy way to take care for your FIM databases is to “use Ola Hallengren’s script (http://ola.hallengren.com/scripts/MaintenanceSolution.sql). Download the script, adjust the backup paths and run the script on each instance of SQL Server. It will automatically create several jobs some for maintaining the system databases and some for maintain the user databases. You will need to create schedules for each of the jobs.” – FIM Best Practices Volume 1
Recently, a reader reached out to me for advice on learning FIM, SQL and IIS. As well as guidance on setting up a lab (more advice on that part in a later post). First think for a moment about your best learning styles for technology. Do you need to read the concepts and architecture first and then do it? Do you need to watch a video and then read, and then do it?
Craig’s session is on how to get data out from the FIM Service and FIM Sync with PowerShell and displaying it with SSRS, which he has dubbed Scissors! Ok Craig we get it! You have even persuaded me that PowerShell is important! I have started writing scripts. SQL Server of course is still important. Key is to hook up a pipeline from PowerShell to pass into his custom SSRS PowerShell Data Processing Extension (DPE).
FIM has two databases (well three if we count the FIM Certificate Management service): FIMService FIMSynchronizationService Here is a calculator in excel that you can download and use to calculate how big to make your databases. In my experience the FIMService database size depends mostly on how many request objects are in the database. The FIM Sync Database depends mostly on how much run history details (step object details) you generate and keep.
After you have setup your SQL Attribute Claims Store in ADFS. If you want to use it and in fact test it you must set up a claims rule that makes use of it. To do this you must create a claim using a custom rule, which allows you to employ the claims rule language. The following technet entry is a good start as it illustrates how to enter a SQL Query and even a stored procedure.
Several others have showed how to define SQL attribute stores with ADFS. Note that when entering the connection string there is no validation or feedback to the administrator. If there is a problem you usually won’t see it until you setup a claims rule that uses it and you get an error. So make certain to carefully build and test your connection string. Remember that if you use integrated authentication to connect to the SQL Server that it will run under the context of your ADFS Service account so you will need to grant your ADFS service account permissions to the SQL Server and Database.