Moving database and restoring encryption key

Paolo Tedesco 21 Reputation points
2021-08-10T13:48:38.293+00:00

I want to move the DB of a MIM installation I have.
I've read that the supported way to do this is to reinstall MIM.
After I reinstall, the service does not start, and I need to abandond the installed key. At that point, the encrypted configuration (passwords used by management agents) are lost, and I need to re-insert them.
How am I supposed to reuse the previous encryption key, which I had backed up?
All the guides I've found explain how to backup the key, but I couldn't find anything on how to restore it.

Microsoft Identity Manager
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
706 questions
0 comments No comments
{count} votes

Accepted answer
  1. SteinIP 271 Reputation points
    2021-08-11T11:11:47.273+00:00

    When installing the synchronization engine, if it detects an existing 'FIMSynchronzationService' database on the SQL it will ask if you want to reuse this, and start the dialog to select the file with the backed up encryption key.

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Paolo Tedesco 21 Reputation points
    2021-08-12T07:24:52.623+00:00

    I was trying to put some test installations on the same DB server, so I didn't bother with named SQL instances, and just renamed the databases.
    I'm using the unattended installation, running the installer with msiexec, to change the DB name at install.
    It looks like the option to specify a different database name is available only through msiexec, while the possibility to specify existing encryption keys is available only from the interactive installation dialog.
    In the end, specifying the DB name from the msiexec command line works in recovering the old DB, even if the DB name is not displayed in the dialog.
    Really confusing, but it worked.

    Many thanks for your answer :)

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.