Hi,Which would be the easiest / most clever way to add/remove a value from a multi-value attribute on a user, fx proxyAddresses? Is it even supported out of the box or do I write my own custom workflow for this?I have a scenario where roles are goverend by AD group membership on a one-to-one basis, i.e. if user is member of this group, add this appliction role to user (app roles are a multivalue attribute on the user/person object)Scenario might be:1) Set = All Groups where Name starts with AppRole2) MPR = when "All People" modified "Manually-Managed Membership"3) Action W/F = Add or remove value from multi-value attribute on the person being added or removed to the group, fx adding or removing an application role Regards, Soren Granfeldt --------------- http://granfeldt.blogspot.com

Hi Soren! Your best bet is to use the UpdateResourceActivity . It's important that you specify UpdateMode Insert or Delete instead of Modify on multivalued attributes for the UpdateRequestParameters you add to the UpdateResourceActivity. The UpdateResourceActivity can't be added using the FIM workflow UI, you'll have to create a custom workflow or activity. //HenrikHenrik Nilsson, ILM/FIM MVP Blog: http://www.idmcrisis.com Company: Cortego (http://www.cortego.se)