I am having issues with old exports to MV. I am having the same issues as this thread: http://social.technet.microsoft.com/Forums/en-US/ilm2/thread/d6408dd8-ae66-4f5b-8fb9-edae45c0396d. However, there is no response on how to clean the old exports since I have updated the sync rules with all the correct group attribtues. Anyway to delete the old exports giving me errors so I can run a clean export to MV?

You could delete the content of the connector space. Cheers, Markus Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Ok, I deleted the space and seem to get the same error so I must have my groups set up incorrectly. Here is what I have for inbound sync rule: IIF(Eq(BitAnd(2,groupType),2),"Global",IIF(Eq(BitAnd(4,groupType),4),"DomainLocal","Universal")) = scope IIF(Eq(BitOr(14,groupType),14),"Distribution","Security") = type false = membershiplocked none = memberaddflow NETBIOSNAME = domain Then for the Configure Attributes Flow for groups in the FIM Service MA, not AD MA, I have this configured: Import: Data Source : Metaverse Membershiplocked = membershiplocked Memberaddflow = memberaddflow Domain = domain Scope = scope Type = type I do a Full Import and Sync, then an export. The export says: Required attribute "Domain" missing. Then the other missing attribute errors... The "Domain" is capitalized, I am not sure what I am missing here to get this from not erroring out on the web service during an export. Thanks.

NETBIOSNAME = domain Does this mean, you are flowing "NETBIOSNAME" as value for the domain attribute? If so, I doubt a bit that this is the right value. The value of this attribute is the nETBIOSName of the domain a resource belongs to. You can use this script to see what the value of this attribute should be. Please see How Do I Synchronize Users from Active Directory Domain Services to FIM for more details. Cheers, Markus Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

NetBiosName is the Domain name. I did not want to provide my domain for the example. The user syncrhonization is fine. I deleted all the AD and MA connector spaces. However, I am getting errors with the below for the groups: Membershiplocked Memberaddflow Domain Scope Type I have followed this document, http://social.technet.microsoft.com/Forums/en/ilm2/thread/e6a09fa9-e8bc-4fd1-bc19-b07c21375ee3, but still receive the errors.

NetBiosName is the Domain name. I did not want to provide my domain for the example. Just making sure - it will have to be the valid value for your objects. It just seems to be an odd name for a domain :-) Since you still get the error for all these attributes, you should do a connector space search and verify whether these attributes are set on the affected group objects in the FIM connector space. Instructions for verifying whether your objects have the required attribute values are in the Introduction to Inbound Synchronization and Introduction to Outbound Synchronization. Cheers, Markus Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Followed, these except outbound. I am not doing any outbound synchronization to Active Directory. I just want to get the groups into the FIM MA. When I do a search on the FIM Service MA, I can see the the group but when I validate the object schema it gives me the errors that the attributes for the groups are not there, so the export errors for the FIM Service MA. Even when I look in the Metaverse Designer and look at the attributes for the groups they have a precedent set to 1. I can even search the Metaverse and find the groups but the object schema still has errors. Do I need to create an outbound syncrhonization rule for groups? Also, if I look at the AD connector space and do a preview and drill down to Connector Update > Export Attribute Flow, I receive a bunch of these for the groups: Skipped: Not Precedent,membershipAddWorkflow,Direct,MembershipAddWorkflow,,(Deleted) Skipped: Not Precedent,membershipLocked,Direct,MembershipLocked,,(Deleted) etc..

This means that you must have import attribute flow mappings configured for these attributes on your FIM MA. Remove these flow mappings, and then run a full synchronization on your FIM MA. About Attribute Flow Precedence. Cheers, Markus Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Ok, I got the errors resolved. I had the Configure Attribute Flow incorrect in the FIM Service MA. The group attributes where from Data Attribute Source to Metaverse. Since I do not have these defined in AD it was erroring. Therefore my synchronization rule would not supply the FIM Service MA the group attributes, it was wanting the attribute flow to already have the attribute.