I want the FIM Portal to automatically assign users that I'm exporting from the FIM Service into AD to be put into an already existing AD distribution group based on attribute data. For instance, I have 3 departments: 1,2, and you guessed it, 3. :) I want the users to be added to "DistributionGroup1", "DistributionGroup2" or "DistributionGroup3". I've created 3 Sets in the FIM Portal, and the user accounts are showing up in the search properly, but I can't figure out how to create a Workflow or MPR to do this, or if it is possible. Any help is greatly appreciated! THANK YOU in advance!

Have you seen this http://technet.microsoft.com/en-us/library/ff686261%28WS.10%29.aspx Why don't you use distribution groups instead of sets? Just create the filters in distribution groups and provision those groups to AD. If you don't want to "overwrite" your existing AD group, then add this new group to be member of the old group.

You can configure your distribution groups to be criteria-based. This is pretty similar to defining Sets. There is no need to define a specific workflow or MPR to do this. See the Introduction to Security Group Management for more details. Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Thank you for the fast replies! I created the criteria based distribution group in the FIM Portal, but I'm missing how the group is exported and created (or an existing group in AD would be updated) from the FIM Portal.

You can find a detailed description on how to synchronize groups in the How Do I Guides. To make this work, your best bet is probably to create a group in the portal according to your requirements, and then to provision the group to AD. Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

OK, I'm getting it now. I have to go back to the AD MA and add the Group object type and start from there. Thank you for the help! I think I'm on the road to success now. :)