Powershell script to install forefront identity manager (FIM) 2012 r2

Powershell script to install forefront identity manager (FIM) 2012 r2, Unattended installation of FIM

The following is an example of installing the FIM 2010 R2 Synchronization Service:

$FimSyncMsi = ‘”D:Synchronization ServiceSynchronization service.msi”‘
# SQL Server configuration
#
$StoreServer = “FIMR2M” # the SQL hostname/alias
$SqlInstance = “” # the SQL instance (leave blank if its the default instance)
$SqlDB = “FIMSynchronization” # this is a default setting
# Sync Service AD Service account details
#
$ServiceAccount = “fimsyncservice” # the username of the service account (sAMAccountName)
$ServicePassword = “changeme” # the password of the service account
$ServiceDomain = “MYTESTDOMAIN” # the domain of the service account (NetBios Name)
# Sync Service Groups
# – assumed to be in the same domain as the service account
#
$GroupAdmins = $ServiceDomain+”FimSyncAdmins”
$GroupOperators = $ServiceDomain+”FimSyncOperators”
$GroupAccountJoiners = $ServiceDomain+”FimSyncJoiners”
$GroupBrowse = $ServiceDomain+”FimSyncBrowse”
$GroupPasswordSet = $ServiceDomain+”FimSyncPasswordSet”
# Firewall configuration
#
$FirewallConf = 1 # 0 don’t configure the firewall, 1 to configure the firewall
#
########################################################################################################
# build the argument list
#
$ArgumentList = New-Object System.Collections.ArrayList
$ArgumentList.Add(“/quiet”)
$ArgumentList.Add(“/i $FimSyncMsi”)
$ArgumentList.Add(“STORESERVER=$StoreServer”)
if ($SqlInstance -ne “”)
{
$ArgumentList.Add(“SQLINSTANCE=$SqlInstance”)
}
$ArgumentList.Add(“SQLDB=$SqlDB”)
$ArgumentList.Add(“SERVICEACCOUNT=$ServiceAccount”)
$ArgumentList.Add(“SERVICEPASSWORD=$ServicePassword”)
$ArgumentList.Add(“SERVICEDOMAIN=$ServiceDomain”)
$ArgumentList.Add(“GROUPADMINS=$GroupAdmins”)
$ArgumentList.Add(“GROUPOPERATORS=$GroupOperators”)
$ArgumentList.Add(“GROUPACCOUNJOINERS=$GroupAccountJoiners”)
$ArgumentList.Add(“GROUPBROWSE=$GroupBrowse”)
$ArgumentList.Add(“GROUPPASSWORDSET=$GroupPasswordSet”)
$ArgumentList.Add(“FIREWALL_CONF=$FirewallConf”)
Clear-Host
“Installing FIM Synchronization Service…. ”
$InstallExitCode = (Start-Process -FilePath “msiexec.exe” -ArgumentList $ArgumentList -Wait -Passthru).ExitCode
if ($InstallExitCode -eq 0)
{
“Installation Successful – ensure you now perform a backup of the Synchronization Service encryption key.”
}
else
{
“Installation Failed with code $InstallExitCode – check Windows Event Viewer for errors”
}

Unattended installation of FIM 2010 R2

All components of the FIM 2010 R2 accept properties that allow unattended and silent installation. Those properties can either be set in a Windows Installer Transform (MST) file or specified at the command line during installation.
The FIM 2010 R2 installation packages do not support advertisement (msiexec /j) or administrative (msiexec /a) installations.
msiexec /q /i “D:Synchronization ServiceSynchronization Service.msi" STORESERVER=LocalMachine SQLDB=FIMSynchronization SERVICEACCOUNT=FimSynchService SERVICEPASSWORD=Pass1word! SERVICEDOMAIN=CORP GROUPADMINS=FIMSyncAdmins GROUPOPERATORS=FIMSyncOperators GROUPACCOUNTJOINERS=FIMSyncJoiners GROUPBROWSE=FIMSyncBrowse GROUPPASSWORDSET=FIMSyncPasswordSet FIREWALL_CONF=1   /L*v C:mylogfile.txt
The following is an example of installing the FIM 2010 R2 Service and Portal:
msiexec /q /i "D:Service and PortalService and Portal.msi" ADDLOCAL=CommonServices,WebPortals SQMOPTINSETTING=0 SQLSERVER_SERVER=APP1 SQLSERVER_DATABASE=FIMService EXISTINGDATABASE=0 MAIL_SERVER=EX1.corp.contoso.com MAIL_SERVER_USE_SSL=0 MAIL_SERVER_IS_EXCHANGE=1 POLL_EXCHANGE_ENABLED=1 CERTIFICATE_NAME=ForefrontIdentityManager SERVICE_ACCOUNT_NAME=FIMService SERVICE_ACCOUNT_PASSWORD=abc123*2k SERVICE_ACCOUNT_DOMAIN=CORP SERVICE_ACCOUNT_EMAIL=FIMService@corp.contoso.com SERVICE_MANAGER_SERVER=APP2 SYNCHRONIZATION_SERVER=FIM1 SYNCHRONIZATION_SERVER_ACCOUNT=CORPFIMMA SERVICEADDRESS=FIM1 SHAREPOINT_URL=http://localhost REGISTRATION_PORTAL_URL=https://passwordregistration.corp.contoso.com FIREWALL_CONF=1 SHAREPOINTUSERS_CONF=1 REQUIRE_REGISTRATION_INFO=1 REGISTRATION_ACCOUNT_NAME=FIMPassword REGISTRATION_ACCOUNT_DOMAIN=CORP REQUIRE_RESET_INFO=1 RESET_ACCOUNT_NAME=FIMPassword RESET_ACCOUNT_DOMAIN=CORP  /L*v C:fimservicelog.txt
The following is an example of a command-line installation for the Password Reset and Registration Portal.
msiexec /q /i “D:Service and PortalService and Portal.msi"  ADDLOCAL=RegistrationPortal,ResetPortal REGISTRATION_ACCOUNT=CORPFIMPassword REGISTRATION_ACCOUNT_PASSWORD=Pass1word$ REGISTRATION_HOSTNAME=passwordregistration.corp.contoso.com REGISTRATION_PORT=80 REGISTRATION_FIREWALL_CONFIG=1 REGISTRATION_SERVERNAME=FIM1 IS_REGISTRATION_EXTRANET=Extranet RESET_ACCOUNT=CORPFIMPassword RESET_ACCOUNT_PASSWORD=Pass1word$ RESET_HOSTNAME=passwordreset.corp.contoso.com RESET_PORT=81 RESET_FIREWALL_CONF=1  RESET_SERVERNAME=FIM1 IS_RESET_EXTRANET=Extranet /L*v C:mylogfile.txt
The following is an example of a command-line installation for the FIM CM Web Portal and FIM CM Update Service of FIM 2010 Certificate Management
msiexec /q /i “D:Certificate Managementx64Certificate Management.msi"  ADDLOCAL=CLM_Service,Web_Files WEBAPPNAME=CertificateManagement /L*v C:mylogfile.txt
The following is an example of a command-line installation for the FIM CM CA Modules of FIM 2010 Certificate Management
msiexec /q /i “D:Certificate Managementx64Certificate Management.msi"  ADDLOCAL=CA_Modules /L*v C:mylogfile.txt
The following is an example of a command-line installation for the FIM CM Client of FIM 2010 Certificate Management
msiexec /q /i “D:CM Clientx64CM Client.msi"  ADDLOCAL=CMClient,ChangePin,AppletManagement,SelfServiceControl,ProfileUpdateControl /L*v C:mylogfile.txt
The following is an example of installing the Add-ins and Extensions:
msiexec /q /i “D:Add-ins and extesnisonsx64Add-ins and extensions.msi" ADDLOCAL=OfficeClient,PasswordClient PORTAL_LOCATION=FIM1 PORTAL_PREFIX=http RMS_LOCATION=FIM1 MONITORED_EMAIL=FIMService@corp.contoso.com REGISTRATION_PORTAL_URL=https://passwordregistratio.corp.contoso.com /L*v C:mylogfile.txt
The following is an example of installing the Service and Portal Language Pack. It shows how to install the Japanese language pack for all of the components
msiexec /q /i “D:Service and Portal Language PackService and Portal Language Pack.msi" ADDLOCAL=FIMPortalLP,PortaljaJP,FIMServiceLP,MTjaJP, FIMResetPortalLP,ResetjaJP,FIMRegistrationPortalLP,RegistrationjaJP /L*v C:mylogfile.txt
The following is an example of installing the Add-ins and Extensions Language Pack. It shows how to install the Japanese language.
msiexec /q /i “D:Add-ins and Extensions Language PackAdd-ins and Extensions Language Pack.msi" ADDLOCAL=FIMALP,jaJP /L*v C:mylogfile.txt
(Visited 228 times, 1 visits today)
One Comment

Add a Comment

Facebook