Installing and configuring FPSMC Part 1

Just completed a run-through of my first installation of FPSMC – Forefront Protection Server Management Console. Blogging this as other installs all use SQL Express, which in big organisations (the ones who need the console to manage FPE (Forefront Protection for Exchange) is going to be quite commonly the case I should imagine. (FPSMC also supports Sharepoint apparently). I’m no SQL guru, and permissions could probably be more locked down, but I didn’t have much success when I tried.

1. Create 2 SQL databases on a clustered or standalone instance of SQL 2008 named ‘FPSMCData’ and ‘FPSMCReport’, granting the installer owner permissions.

2. Create a SQL login for the installer, and grant them sysadmin and dbcreator roles.

NOTE: Sysadmin seems excessive rights – it is documented this way at, and fails if you just have dbcreator. Other, more liberal roles were not tested. It is also documented that the user needs local admin permissions on the SQL box, but this has not been found to be true so far. Microsoft have confirmed to me that some of the documentation for this product refers to beta versions of the product and are no longer accurate.

3. Download FPSMC from

4. Install MS Chart Controls for.Net framework 3.5SP1 from on a Windows 2008 x64 machine (see system requirements at

5. Run FPSMC_setup.exe. Click Yes to install

6. Click Next

7. Choose Primary server and a password for replication between primary and backup (to be installed on another server against another SQL instance with the same DBs created)

8. Click Check prerequisites

9. If chart controls were not installed previously this warning will appear. Install from and click retry.

10. Choose your SQL instance and enter credentials, click Test Logon

11. Without dbcreator permissions you will probably get the following error. Go to the properties of the login in SQL Management Studio and tick dbcreator (and sysadmin it seems). Or get your DBA to do this for you which is more commonly going to be the case.

12. If login is OK, click Next

13. Choose Microsoft update option then click Next

14. If SQL Server Agent isn’t started, you will get the following error – start the service on the SQL box through service.msc or SQL Management Studio. Also, if you don’t have sysadmin permissions you will probably get this error as well. Go to the properties of the login in SQL Management Studio and tick sysadmin. Or get your DBA to do this for you which is more commonly going to be the case.

15. Click Yes or No to prompt

16. Accept license agreement

17. Accept or amend install location

18. Click Install

19. Click Finish

20. Go to http://servername/fpsmconsole to view the console.

Next steps – lockdown to SSL not http:80, deploy agents, configure packages etc… part 2 coming soon…

Tim Coveney | LlamaIT

This entry was posted in Exchange 2010, Forefront 2010. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s