Hello!
I am implementing a new installation of FIM 2010 R2 CM in a test environment.
The test environment is "half-production", as it was built to be as close as possible to the active production environment.
I have 2 DC servers (2008r2 sp1), a CA server, an MSSQL 2008 R2 server, and an application server for the FIM installation.
I have done everything that's written in the "Test Lab Guide" document (blogs.technet.com/b/tlgs/archive/2010/11/04/test-lab-guide-demonstrate-fim-cm-2010.aspx), and when I reached the part of "Perform FIM CM subscriber tasks", and needed to "Request a new set of certificates", I get the following error: "Current user does not have access to any profile templates". I then went on to check my FIM CM installation, thinking something must be wrong here, as this should have gone without any problems.
I used this document (technet.microsoft.com/en-us/library/hh230252(v=ws.10).aspx) to verify my installation, and when arriving to the part called "To verify the CA is in the CertificateAuthority SQL Table", and ran the "Select Top 1000 Rows" command from right clicking on the dbo.CertificateAuthority table, in the FIMCertificateManagement DB, in my SQL server.
The query was successful, but returned 0 rows (meaning there's a missing link between the DB and the CA server).
I tried the suggested steps from the previous link (and everything was OK and according to the recommendations):
check your connection string on the Exit Module. See: Configure FIM CM Exit Module on DC1. Also verify that the permissions for DC1 are set correctly on the SQL Server. See: Allow DC1 to access the FIM CM database on APP1. Another thing, if you see an Event ID 0 in the Event Viewer, reboot DC1 and then stop and start the CA, then check the table again.
Therefore, I cannot locate any reference to the CA server in the Profile Template. I mean: when I edit the copied Sample profile template, as instructed, and want to edit it, I cannot choose the CA server, since it is not there.
FIM portal home page -> Manage profile templates-> <ORG>Smartcard user profile-> clicking on the certificate template->under "Certificate Authorities", there are no lines.
Please advise, since I have researched this issue extensively, and could not find any "workaround" or a direct solution to this problem.
The customer is eager to proceed to installing this environment in their PROD environment, and this cannot happen when the testing environment isn't working :(
Kind Regards,
Marom.