Microsoft Identity Manager SP3 delay: What it means for your identity strategy
Steven Connelly
Head of Enterprise Identity
Published: 13 February 2026
Microsoft has delayed Service Pack 3 for MIM 2016. With SharePoint 2016 and 2019 support ending in July 2026, organisations need to manage risk now, while staying ready to adapt if SP3 arrives. Here’s what we suggest.
Microsoft has confirmed that the long-anticipated Service Pack 3 (SP3) for Microsoft Identity Manager (MIM) 2016, originally expected in 2025 and later January 2026, has been delayed, with no revised release date currently available.
This delay has significant implications for organisations relying on MIM to manage hybrid identity environments, particularly those running the MIM Portal on SharePoint Server 2016 or 2019, both of which reach end of support in July 2026.
What was planned for MIM SP3?
SP3 was expected to deliver a focused set of compatibility updates designed to keep MIM viable within Microsoft-centric hybrid estates:
- Support for Windows Server 2025 and SQL Server 2022
- Compatibility with SharePoint Server Subscription Edition
- Azure SQL support using Managed Identity authentication
- ADFS claims-based single sign-on for the MIM Portal
These updates were designed to extend the operational life of MIM in modern hybrid environments, offering a bridge for organisations not yet ready to fully transition to Microsoft Entra.
Why the SP3 delay matters
The timing of this delay is particularly challenging. SharePoint Server 2016 and 2019 (core dependencies for the MIM Portal) reach end of support on 14 July 2026. Without SP3, MIM remains tethered to these older SharePoint versions, leaving organisations with a potential support gap and increased security and compliance risks.
MIM 2016 itself remains in extended support until January 2029, and Microsoft will continue to provide security updates during that period. However, if SP3 does not arrive in time to support migration away from SharePoint 2016 and 2019, organisations running the MIM Portal on those platforms would be operating on unsupported infrastructure from July 2026.
Microsoft has not announced a broad Extended Security Update programme for SharePoint 2016 or 2019. However, a limited private extension programme may be available for eligible customers, providing coverage until 12 January 2027. It’s worth noting though, that access is not guaranteed and assessed on a case-by-case basis so we’d advise reaching out to your account manager.
While this may provide short-term breathing space for some organisations, it doesn’t remove the underlying dependency risk.
Nor does it alter Microsoft’s strategic direction toward cloud-native identity in Microsoft Entra. It should be viewed as temporary mitigation rather than a long-term solution, and eligibility does not guarantee that every dependency or integration scenario will be covered.
This dependency risk exists regardless of whether SP3 ultimately ships. The difference is how prepared organisations are to respond.
Where organisations should be right now
Given the fixed SharePoint support deadline and the absence of a confirmed SP3 delivery date, organisations should already be executing mitigation steps, while remaining ready to adjust if SP3 is released in time.
In practical terms, that means:
- Confirming where SharePoint 2016 or 2019 underpins MIM Portal functionality
- Identifying which workflows are tightly coupled to the portal versus MIM itself
- Reducing reliance on SharePoint-based components where possible
- Ensuring identity services are not left exposed to unsupported infrastructure by default
So, is it time to move to Microsoft Entra?
Microsoft Entra ID and Entra ID Governance now offer robust alternatives to many of MIM’s core capabilities, including:
- Identity lifecycle workflows
- Access reviews and entitlement management
- Self-service password reset (SSPR) with writeback to on-prem AD
- Provisioning via SCIM and Microsoft Graph
- Dynamic group and role-based access control
While not a direct drop-in replacement for every MIM scenario, Entra’s cloud-native architecture, continuous innovation, and security-first design make it a compelling option for organisations looking to modernise their identity infrastructure.
Entra provides Microsoft-native execution paths that can be used immediately, without introducing alternative vendors, while longer-term identity decisions continue.
What you can do now
Recommended actions:
The SP3 delay is a reminder that MIM’s future is finite. The aim is to stay within Microsoft, stay supported, and stay in control. Whether you choose to extend, coexist, or evolve, now is the time to act.
How Kocho can help
Kocho is one of the UK’s longest-standing and trusted specialists in Microsoft identity. We’ve supported organisations through every phase of Microsoft’s identity evolution, from early on-premises directory services and MIM deployments through to today’s Entra-first architectures.
Working exclusively within the Microsoft identity platform, we help organisations assess MIM estates, manage dependency risk, and take controlled, evidence-led steps towards modernisation, without disruption or change for change’s sake.
If you need a trusted Microsoft identity partner who understands both where you are and where Microsoft is going, we are here to help.
latest edition
Everything you need to know about Microsoft Entra
A clear, practical view of how Microsoft Entra works as a unified platform.
Expert guidance on modern identity design, security, governance, and Entra licensing.
Discover how you can:
- Run Entra as one coherent identity platform
- Apply end-to-end security and governance
- Modernise IAM safely, from MIM to AI-driven identity
Great emails start here
Sign up for free resources and exclusive invites
Subscribe to the Kocho mailing list if you want:
- Demos of the latest Microsoft tech
- Invites to exclusive events and webinars
- Resources that make your job easier
