Install MIM 2016: MIM Synchronization Service

To install Microsoft Identity Manager 2016 components, first set up the installation package.

1. Sign in as contoso\miminstall to the server you're using for identity management synchronization server corpsync.

2. Unpack the MIM installation package or mount the MIM image DVD. If you don't have this DVD, see Microsoft Identity Manager licensing and downloads.

Install MIM 2016 SP3 or later Synchronization Service

1. In the unpacked MIM installation folder, navigate to the Synchronization Service folder.

2. Run the MIM Synchronization Service installer. Follow the guidelines of the installer and complete the installation.

3. In the welcome screen – select Next.

   

4. Review the license terms, check I accept the terms in the License Agreement to accept them, then select Next.

   

5. On the Custom Setup screen, select Next.

   

6. In the Sync Service database configuration screen, select:

   1. The SQL Server is located on:

      1. Local SQL Server for installations with local SQL servers
      2. Remote SQL Server for installations with remote SQL servers and enter the SQL Server Name, for example corpsql.contoso.com
      3. Azure SQL Server for installations with Azure SQL servers and enter the SQL Server Name, for example azuresqlserver.database.windows.net

   2. The SQL Server instance is: The default instance

      

      Skip to step 9 for Local SQL Server and Remote SQL Server

   3. MIM 2016 SP3 and later: Configure the MIM Synchronization Service Database name

7. Select the Azure SQL authentication type:

   

   Skip to step 9 for System-assigned Managed Identity

8. Enter the Principal ID of the User-Assigned Managed Identity

   

9. Set the database name for synchronization service and select Next:

   

10. Configure the Sync Service Account according to the account you created earlier:

    1. Service account: MIMSync

    2. Password: Pass@word1

    3. Service Account Domain or local computer name: contoso

    Note

    MIM 2016 SP3 and later: for Group Managed Service Accounts, ensure the $ character is at the end of the Service Account Name, e.g. MIMSync$, and leave the Password field empty.

    

11. Provide MIM Sync Service installer with the relevant security groups:

    1. Administrator = contoso\MIMSyncAdmins

    2. Operator = contoso\MIMSyncOperators

    3. Joiner = contoso\MIMSyncJoiners

    4. Connector Browse = contoso\MIMSyncBrowse

    5. WMI Password Management = contoso\MIMSyncPasswordReset

    

12. In the security settings screen, check Enable firewall rules for inbound RPC communications, and select Next.

    

13. Select Install to begin the installation of MIM Sync Service.

    1. A warning concerning the MIM Sync service account may appear – select OK.

    2. MIM Sync Service installs.

    3. A notice on creating a backup for the encryption key appears – select OK, then select a folder to store the encryption key backup.

       

    4. When the installer successfully completes the installation, select Finish.

    5. You need to sign out and sign in for the group membership changes to take effect. Select Yes to sign out.