SSPR on a server in the DMZ

I have FIM Synchronization, FIM Portal, and FIM Service installed on an internal server. SharePoint 2010 Foundation is installed on the same server. I want to install a second server in the DMZ for the SSPR components, as we have some external users who will need to register and reset their passwords from outside our domain. All users, including the external users, are set up within Active Directory. Is it possible to have the second SSPR server in the DMZ? If so, how do I get it to communicate with the internal server?

We are using ADFS. Is it possible to set up FIM 2010 R2 to sync with ADFS instead of AD DS? So far, everything I have seen online indicates I can only sync with ADFS if I am running FIM 2012. Thanks.

April 21st, 2014 1:41pm

Hello!

It is good practice to deploy the SSPR portals on a separate server in the DMZ if you want to use password reset for external users.

The server has to be able to talk to the FIM Service server on the inside; here is a list of ports: http://technet.microsoft.com/en-us/library/ee534892(v=ws.10).aspx

FIM cannot talk to ADFS for this scenario, and there is no FIM 2012 and there never will be.

/Robert

May 22nd, 2014 2:57pm
