Add Objects fails for custom objects when using Synchronization Rules in Portal?
I'm working with ILM "2" to manage tokens (an arbitrary object) from an external server. I've created an MA for this external source and have configured the attribute flows through the ILM portal (one sync rule for import and one for export since the import/export setting for the sync rule does not work). I've created the appropriate mgmt policy, set, and workflow so when a new token is created the sync rule is fired to export attributes to a metaverse token. The problem is that when I try to export the new metaverse object my custom MA doesn't detect that a new object has been added. The object is properly imported to the metaverse from the application store, but not to the external MA. I set the Create Object in Connected space option for the outbound rule. The environment is the Hyper-V virtual image where I've added the above external MA and modified the ILM MA to sync on the new object in the metaverse and the application store.

Why can't the external MA see that a new object needs to be exported? This bi-directional provisioning worked when I configured the external MA attribute flow and join/projection rules through Identity Manager. But I'm using the synchronization rules in the ILM portal since that seemed to be what I was supposed to do. Can an inbound sync rule and an outbound one point to the same MA and the same object?

Thanks,
Colin
December 11th, 2008 1:52am

Colin, there are some preconditions your scenario must meet for successful outbound provisioning. To get a better feeling for how codeless provisioning works, you are better off using one of the existing walkthroughs we have developed and use it as a template for your configuration. The Introduction to Outbound Synchronization has next to the steps also some conceptual information that explains how the outbound process works.

Cheers,
Markus

Markus Vilcinskas
Technical Writer
Microsoft Identity Integration Server
mailto:markvi@microsoft.com.NO_SPAM
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/copyright.htm
December 11th, 2008 2:18am

Markus, thanks for the speedy reply. I'll see if I missed something. Been working with this for 2 months but the Sync rules in the Portal is new. I'll bet I missed something.

Thanks,
Colin
December 11th, 2008 7:25pm

Markus, I've followed the document as stated but I still cannot see the Export to the connected system properly. A couple of differences from the document:

1. I have an inbound sync rule associated with the extended MA (the file MA in the document). All documents and examples I've seen do not have bi-directional flows or one for inbound and one for outbound. Usually one is the source and another is the destination (except the ILM MA, which is bi-directionally configured in Identity Manager).
2. I only need one set (All Tokens). I added an arbitrary set (All "New" Tokens) because the example had a different set associated with the target. No luck.
3. I don't have the provisioning tab for my token as I have not created an OVC.

I assume I should be able to see the outbound sync rule in the Expected Rules List under the Common attributes tab. Correct? Not sure why I can't see the sync rule. Any ideas?

Thanks,
Colin
December 11th, 2008 8:25pm

Okay, I found the issue with not getting the outbound rule to appear on the target object (I had the wrong requestor set). I'm still having issues with getting my AVP exporter to see the new object to add. Everything is correct until the "Synchronizing the scenario user" line. Then all I get is the export for the ILM MA. Everything else is fine, I just can't get the sync to work right. I have confirmed that all needed attributes are present (I think) and the object projects into the metaverse correctly. But the previews show only the ILM MA gets updated.

Thanks in advance,
Colin
December 12th, 2008 1:22am

Hi Colin,

There are a few things needed in order for the provisioning to happen; the most important is the creation and association of the ExpectedRuleEntry (ERE) object. This object links the Token object to the appropriate SynchronizationRule object. I would do the following to make sure the ERE exists and points to the proper Synchronization Rule.

1. Locate the Token object in the Metaverse using "Search Metaverse".
2. Check for a value in ExpectedRulesList and click the linked value. This will display the ExpectedRuleEntry that is associated with the Token.
3. In the ExpectedRuleEntry object, there should be a link to the associated sync rule in either the SynchronizationRuleID or the SynchronizationRuleName. Click that link and view the Synchronization Rule.

In the Synchronization rule, there should be an attribute "createConnectedSystemObject" which should be set to True. In the Tools / Options menu, please ensure that "Enable Synchronization Rule Provisioning" is enabled. If all of these things seem to be in order, but you are still not getting the objects to provision into your management agent, I would try using the Preview function of the Sync's Identity manager to see what errors might be returned.

Steve Klem
April 13th, 2009 7:09pm

This topic is archived. No further replies will be accepted.
