All, I am having an issue flowing the member attribute to AD. Adding a new user to a group works fine, but remove does not. I have a criteria based group 'AGROUP' where the criteria is based a user attribute containing the value 'AGROUP'. If I add a user, it works fine and it flows into AD, but removing does not not. Metaverse gets the updates, but AD does not. I have a sandbox and checked the settings, which appear to be the same. It works in the sandBox, but not in the environment of interest. Thanks in advance for your help, much appreciated!Nosh Mernacaj, Identity Management Consultant

If you want to flow out empty groups to AD DS, you need to enable null flow for the member attribute in your outbound synchronization rule. I would first start with more than one user and verify that the removal scenario works as expected before testinig empty groups. Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Thanks a lot Marcus, It worked.Nosh Mernacaj, Identity Management Consultant