Move IDSync Database to new SQL Server

Step-by-step guide

1. Prepare the new SQL Server

Remember that ANY version or edition of SQL Server (even Express edition) is supported.

Although the IDSync database footprint is very small, make sure you have enough free space (at least 1 GB) on the new database server.

Launch SQL Server Configuration Manager

Make sure that the following services are running:

  • SQL Server (InstanceName) and SQL Server Browser

Make sure that these protocols are enabled:

  • Named Pipes and TCP/IP

Make sure you're using Mixed mode authentication.



Define (or create) a valid service user (for IDSync's database access). You may use the 'sa' default user or any other service user. 

Use your usual naming and password policies and conventions.



Since the database already exists and will be restored, the SQL login does not need the 'sysadmin' role. It is recommended that it be granted the 'dbcreator' role. It should also be set as the db_owner of the IDSync SQL database.

Check or change any firewall setting that could prevent or reject remote connections to the SQL Server database.

TCP port 1433 and UDP port 1434 must be accessible.

Create Inbound Rules if required (to allow remote connections to both SQL services).
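
The checks from this step can be run as T-SQL on the new instance. This is an added example, not code from the IDSync vendor; the login name `idsync_svc` and the password are placeholders, and `ALTER SERVER ROLE` and `sys.dm_tcp_listener_states` assume SQL Server 2012 or later.

```sql
-- Added example; run on the NEW instance as an administrator.
-- [idsync_svc] and the password are placeholders, not names from the product.

-- 0 = Mixed mode (needed for a SQL login), 1 = Windows authentication only.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- Endpoints the instance is listening on; the TSQL listener carries
-- the client traffic that the firewall rule has to allow.
SELECT ip_address, port, type_desc, state_desc
FROM sys.dm_tcp_listener_states;

-- Dedicated SQL login, subject to the Windows password policy.
IF NOT EXISTS (SELECT 1 FROM sys.sql_logins WHERE name = N'idsync_svc')
    CREATE LOGIN [idsync_svc]
        WITH PASSWORD = N'<password-per-your-policy>',
             CHECK_POLICY = ON;

-- dbcreator is the recommended server role; sysadmin is not granted.
ALTER SERVER ROLE [dbcreator] ADD MEMBER [idsync_svc];

-- Confirm the resulting server-level role membership.
SELECT IS_SRVROLEMEMBER('sysadmin',  'idsync_svc') AS is_sysadmin,
       IS_SRVROLEMEMBER('dbcreator', 'idsync_svc') AS is_dbcreator;

-- After a test connection from the IDSync host, show which transport
-- (TCP or Named pipe) and authentication scheme the session used.
SELECT c.net_transport, c.auth_scheme, s.login_name, s.host_name
FROM sys.dm_exec_connections AS c
JOIN sys.dm_exec_sessions    AS s ON s.session_id = c.session_id
WHERE s.login_name = N'idsync_svc';
```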



2. Stop all instances of the IDSync services



Remember that there might be IDSync services running in other locations (such as workstations or Domain Controllers). Make sure you stop or close those instances as well.

Close any IDSync application (in particular, close the IDSync Management Studio using the OK button to commit any change you've recently made).



3. Move the IDSync database to its new location

Perform a Full database backup of the current IDSync database. Depending on your specific backup policies this backup could be Full or Differential, but since you are moving the database to a new location, a Full backup is advised so that the resulting file can easily be copied to the target server.

Take the current IDSync database Offline (this way you'll have it available for any future reference but it won't be accidentally accessed).

Then, restore the database backup on the target (new) SQL Server.
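
The backup, offline and restore sequence of this step in T-SQL, followed by re-linking the service login to the restored database. This is an added example, not code from the IDSync vendor; the database name `IDSync`, the logical file names, the login `idsync_svc` and all paths are placeholders, and `ALTER ROLE ... ADD MEMBER` assumes SQL Server 2012 or later.

```sql
-- Added example. Database name, file names, login and paths are placeholders.

-- === On the CURRENT server (all IDSync services already stopped) ===
-- COPY_ONLY leaves the regular backup chain untouched; CHECKSUM lets the
-- target detect a file damaged in transit.
BACKUP DATABASE [IDSync]
    TO DISK = N'D:\Backup\IDSync_move.bak'
    WITH COPY_ONLY, CHECKSUM, INIT, STATS = 10;

-- Prove the file is readable before the source is taken offline.
RESTORE VERIFYONLY
    FROM DISK = N'D:\Backup\IDSync_move.bak' WITH CHECKSUM;

ALTER DATABASE [IDSync] SET OFFLINE WITH ROLLBACK IMMEDIATE;

-- === On the NEW server, after copying the .bak file across ===
-- Lists the logical file names that the MOVE clauses below must use.
RESTORE FILELISTONLY
    FROM DISK = N'E:\Restore\IDSync_move.bak';

RESTORE DATABASE [IDSync]
    FROM DISK = N'E:\Restore\IDSync_move.bak'
    WITH CHECKSUM, RECOVERY, STATS = 10,
         MOVE N'IDSync'     TO N'E:\Data\IDSync.mdf',
         MOVE N'IDSync_log' TO N'E:\Log\IDSync_log.ldf';

USE [IDSync];

-- A restored database user keeps the SID from the old server, so it is
-- orphaned here until it is re-linked to the login on this instance.
IF EXISTS (SELECT 1 FROM sys.database_principals
           WHERE name = N'idsync_svc')
    ALTER USER [idsync_svc] WITH LOGIN = [idsync_svc];
ELSE
    CREATE USER [idsync_svc] FOR LOGIN [idsync_svc];

ALTER ROLE [db_owner] ADD MEMBER [idsync_svc];

-- Any rows returned are SQL users still not mapped to a login on this server.
SELECT dp.name
FROM sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp ON sp.sid = dp.sid
WHERE dp.type = 'S' AND dp.principal_id > 4 AND sp.sid IS NULL;
```

The backup file holds the same data as the live database, so restrict access to it during the copy and remove it from both servers once the restore has been verified.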

4. Configure IDSync to point to the new database



After you've closed or stopped all the IDSync services and applications, re-open the IDSync Management Studio.



Click on the 'Connection' button (top left corner of the application).

Change the corresponding settings so that the IDSync software points to the new database location.

Click OK to commit the change and close the IDSync Management Studio.

(Remember that at this point all IDSync services and applications MUST remain stopped or closed.)



5. Restart the IDSync services and applications

First open the IDSync Management Studio and confirm that all data and configuration parameters are correct.

Click on the Transactions tab and verify that it is displaying a list of existing transactions. It should not be blank. This verifies that it is reading data from the restored database.

Then, start all the IDSync services (remember that you might have IDSync services and applications on other servers or workstations, different from the IDSync 'main' server).

 



Configure Agent on each DC (Domain Controller)

The agent on each DC writes password changes to the database. Once the database is restored to the new server, the agent can be reset to point to the new destination. In the meantime, while the original database is offline and no database is available, the agent caches changes.

  • On each DC, go to the Program Files\Identity Syncronizer folder

  • Find the file Syncronizer.Agent.Config, right-click the file and select Run as Administrator

  • Change the settings to point to the new server

  • Click the three-dot ellipsis button to test the connection

    • You should see "Configuration is valid." above the database server name.

  • Press OK to close the dialog

    • You can ignore the warning about restarting the DC as the agent is not being changed

Validation:

  • On each DC, launch the ADUC tool and perform a password reset for an AD test user.

  • On the Transactions tab of the IDSync console you should see the Change Password transaction recorded, along with the name of the DC.





Always maintain a regular backup strategy (refer to your local retention and cycle policies as well as to your data loss and downtime policies).

There is no need to reboot any server when moving a database.



Tips

  • Do not use "localhost" to refer to the SQL Server location. Use either the hostname or the IP address of the SQL Server host.

  • Identity Syncronizer® uses a SQL Server user name and password combination, so Mixed mode authentication needs to be enabled.

  • Identity Syncronizer® also communicates with SQL Server via TCP/IP and Named Pipes, so these protocols need to be enabled.

  • Identity Syncronizer® uses the SQL Server Browser service, so ensure that it is enabled and started.

  • Initially, the SQL user needs to have sysadmin rights in order to create the database. After the database has been created, the SQL user needs the db_owner role to operate without problems (the sysadmin role may then be removed from its security profile).