ExpectedRuleList not appllied in several group
Hi guys, I want to build self-service distribution group and already follow the instruction from technet, then when I went to test by joining A(user) to B(group). Then I check at FIM portal, A(user) joined to B(group). But after I sync and look at the AD the A(user) not joining to B(group). after tracing the problem then I realize the ExpectedRuleList not applied and when I look at the B(group), entry for ExpectedRuleList is empty. Then I check for C(group), ExpectedRuleList have an entry for Outbound Group Rule. Any idea guys? rgds, Krisna
June 25th, 2010 5:36am

Did you tick the "Enable Synchronization Rule Provisioning" checkbox in Tools->Options from the Synchronization Service Manager? Cheers, PaoloPaolo Tedesco - http://cern.ch/idm
Free Windows Admin Tool Kit Click here and download it now
June 28th, 2010 6:21pm

Yes, I've already done thatrgds, Krisna
June 29th, 2010 1:48am

ERL management happens in the portal and is a result of a "Set-MPR-Workflow" processing chain: The Set transition triggers the MPR The MPR invokes the workflow The workflow brings a resource into or out of the scope of a synchronization rule The combination of a Set, MPR, workflow and synchronization rule is known as synchronization policy. If an object that should be in the scope of a synchronization rule is not in the scope of it, you need to check your synchronization policy configuration. Apparently, something is not configured the way you need it. Please see Understanding Data Synchronization with External Systems and Designing Business Policy Rules for more details. Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2010 3:11pm

solved this problem by deleting the problem group, delete workflow, MPR and outbound rule then re-adding it again..rgds, Krisna
July 1st, 2010 5:14am

Should new sync policies be (retrospectively) applied to objects that already exist in the FIM Service database? 1. Install FIM 2. Import five security group objects into the FIM Service using PS client 3. Configure the sync service as required to provision security groups to AD 4. Create the sync policy - OSR, WF, Set & MPR 5. The five security groups are not brought into the scope of the SR (the ERL property is not populated) 6. Create a sixth security group object, it is brought into the scope of the SR, the ERL property is set and provisioning works as expected on the sixth group Any thoughts on this one?
Free Windows Admin Tool Kit Click here and download it now
August 27th, 2010 3:25pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics