Microsoft Identity Manager SP3 delay: What it means for your identity strategy

Microsoft has confirmed that the long-anticipated Service Pack 3 (SP3) for Microsoft Identity Manager (MIM) 2016, originally expected in 2025 and later January 2026, has been delayed, with no revised release date currently available.

This remains an evolving picture. While the delay may prove to be short, the absence of a confirmed release date means organisations should still consider the potential implications, particularly where the MIM Portal relies on SharePoint Server 2016 or 2019, both of which reach end of support in July 2026.

What was planned for MIM SP3?

SP3 was expected to deliver a focused set of compatibility updates designed to keep MIM viable within Microsoft-centric hybrid estates:

• Support for Windows Server 2025 and SQL Server 2022
• Compatibility with SharePoint Server Subscription Edition
• Azure SQL support using Managed Identity authentication
• ADFS claims-based single sign-on for the MIM Portal

These updates were designed to extend the operational life of MIM in modern hybrid environments, offering a bridge for organisations not yet ready to fully transition to Microsoft Entra.

Why the SP3 delay matters

The timing of this delay is particularly challenging. SharePoint Server 2016 and 2019 (core dependencies for the MIM Portal) reach end of support on 14 July 2026. Without SP3, MIM remains tethered to these older SharePoint versions, leaving organisations with a potential support gap and increased security and compliance risks.

MIM 2016 itself remains in extended support until January 2029, and Microsoft will continue to provide security updates during that period. However, until a delivery timeline is confirmed, organisations running the MIM portal on SharePoint 2016 or 2019 would be advised to look at contingencies that mitigates SP3 dependency.

SharePoint support update

Microsoft has not announced a broad Extended Security Update programme for SharePoint 2016 or 2019. However, a limited private extension programme may be available for eligible customers, providing coverage until 12 January 2027. It’s worth noting though, that access is not guaranteed and assessed on a case-by-case basis so we’d advise reaching out to your account manager.

While this may provide short-term breathing space for some organisations, this should be viewed as short-term mitigation rather than a strategic alternative.

It doesn’t change Microsoft’s long-term direction toward the cloud-native Entra platform, nor does it guarantee coverage for every scenario.

This dependency risk exists regardless of whether SP3 ultimately ships. The difference is how prepared organisations are to respond.

Where organisations should be right now

Given the fixed SharePoint support deadline and that SP3 timing remains unconfirmed, organisations should ensure mitigation options are prepared and ready to execute if timelines extend beyond expectations.

In practical terms, that means:

• Confirming where SharePoint 2016 or 2019 underpins MIM Portal functionality
• Identifying which workflows are tightly coupled to the portal versus MIM itself
• Reducing reliance on SharePoint-based components where possible
• Ensuring identity services are not left exposed to unsupported infrastructure by default

So, is it time to move to Microsoft Entra?

Microsoft’s strategic investment in identity is centred on Microsoft Entra, particularly .

Today, Entra ID and Entra ID Governance already delivers many capabilities traditionally associated with MIM, including:

• Identity lifecycle workflows
• Access reviews and entitlement management
• Self-service password reset (SSPR) with writeback to on-prem AD
• Provisioning via SCIM and Microsoft Graph
• Dynamic group and role-based access control

While not a direct drop-in replacement for every MIM scenario, it does now allow orgnanisations to progressively adopt Entra’s Entra capabilities that reduce dependency on legacy components while maintaining operational continuity.

Introducing Entra-native workflows where appropriate allows identity teams to align with Microsoft’s active investment roadmap without introducing alternative vendors or forcing unnecessary change.

What you can do now

Recommended actions:

The SP3 delay doesn’t change MIM’s support status, and the delay itself may ultimately prove short.

However, until a confirmed release timeline exists, organisations should avoid planning assumptions that depend on SP3 arriving within a specific window.

SharePoint support deadlines remain fixed. Identity programmes that revalidate dependencies now and prepare multiple delivery paths will retain far greater control, regardless of when SP3 arrives.

While it’s clear that MIM continues to play an important role for many organisations today, the reality is that its long-term trajectory is finite. The objective is to stay within Microsoft, stay supported, and stay in control, whether that means extending, coexisting, or progressively evolving toward Entra capabilities.

As Microsoft provides further clarity on SP3 timelines or support options, we’ll update our guidance to reflect the latest position.