Not able to export data to Active Directory from ILM.
Hi,

I have a scenario where I have Active Directory and ILM 2 and wanted to synchronize data in and out between them. I went through Inbound Synchronization and replaced the File MA with my AD MA and selected the required attributes for AD to sync. Then I created the ILM MA, where I mapped person to person and all attributes flow to import. Then I created Run Profiles, i.e. Full Import, Full Sync, Delta Import, Delta Sync and Export, for both MAs. Then I created a Set, Process and Policy in the ILM portal.

After all this I ran the profiles, starting with the ILM MA: Full Import followed by Full Sync, ending with Export. Then I created a new user with test credentials and information. Then I ran the ILM MA with Delta Import and Full Sync. Then I executed the AD MA with Full Import and Full Sync. Till here I get all results, but when I click Export, which should export all data to AD, it does not give any result and all info is 0.

I could not understand where I am wrong in the procedure. Can anyone please help me get this working? Please help me. Thanks in advance,
Mohit

Mohit Goyal
June 22nd, 2009 1:52pm

Hi Mohit, did you check the "Initial flow only" checkboxes in the outbound synchronization rule? Cheers, Paolo
June 22nd, 2009 5:51pm

Yes, as directed in the document, I checked initial flow only for Employee ID, unicodePwd, userAccountControl and dn. I got one entry added to the AD, but when I tried to do it again I failed every time. Did I miss anything here?

Mohit Goyal
June 22nd, 2009 6:32pm

An inbound synchronization happens from a connected data source to ILM. Your explanation actually sounds like you are trying to perform an outbound synchronization of a portal user to AD. This scenario is covered in Introduction to Outbound Synchronization.

Cheers,
Markus

Markus Vilcinskas, Technical Content Developer, Microsoft Corporation
June 22nd, 2009 7:31pm

I had configured the steps directed in the Outbound Sync guide. Now I am getting a few errors, which are as follows:

1- cd-existing-object
2- dn-attribute-failure

However, I suppose error No 1 is due to users existing in AD, but it is coming for those users who were already present in AD before the ILM implementation. After exporting users from ILM to AD, none of the newly added users is giving the error.

Regarding error No 2: it is coming while running Export on the AD MA; however, the users are added to AD and functioning well. But the error is still coming for only a few users; otherwise, if I add more users, there is no error. Is this error in its memory? If it is, how can I flush it?

All these errors are coming during the AD Export function. The CS also shows some attributes pending for Export as well as Import. I could not find where I missed, as I followed each step instructed by the guide.

Also, I want to know: when making Run Profiles a scheduled job, do I have to configure all Run Profiles starting from Full Import?

Mohit Goyal
June 23rd, 2009 11:47am

I ran into a similar situation while provisioning AD with identities from multiple authoritative data sources. It turned out, when I reverse joined AD back to MV object in with delta sync (instead of just delta import stage only from AD) the problem appeared to go away. The reason I did this was not just to fix export errors and failed service errors but to also import objectSid from AD, which in turn is a required attribute when synchronizing proxy objects in AD out to ADAM.

Hope this helps.
Anu
June 23rd, 2009 7:28pm

Can anyone explain these errors to me? Microsoft does not have any info for these errors:

1. cd-existing-object
2. Failed-creation-via-web-services: I followed post but I am getting an error for many missing attributes including domain, scope, owner etc.
3. sync-rule-provisioning-failed: I checked dn is set for initial flow only, and this is happening for 2 users out of 5 users. Why so?
4. ma-extention-error: It says Required Attribute "cn" is missing, but for every attribute wherever cn is required it is already present.
5. no-start-ma: I resolved this issue by restarting the server, but this is not the fix.

Please help.

Mohit Goyal
June 26th, 2009 9:48am

Unfortunately, in ILM "2" RC, a.k.a. RC0, the only way to ascertain the real meaning behind any errors raised by an MA is through a combination of the MIIS (synchronisation engine) errors logged to the event log (application log) and those generated in a WCF trace.

If you're seeing all of the above, consider deleting the CS for all of your MAs. Import each, synchronise the ILM MA, then update the precedence in the MV designer. Once this is done, run previews against objects in the CS of your other MAs to see if synchronisation is anywhere near expected. If it is, run a full synchronisation on each MA and then export as required. Follow up with delta imports and synchronisations and more exports and see where you are. If you start hitting existing objects or WS failures you'll need to re-evaluate your OSRs (paying particular focus to the join rules) and then enable tracing in the ResourceManagement service configuration file and start troubleshooting it this way.

Note, re. failed-creation-via-web-services, here's a couple off the top of my head:

-- ILM MA is configured with an account different to that in the resourceManagement configuration file (causes synchronisation account to go through AuthN and AuthZ phases which you don't want).
-- Attribute/attribute binding validation enforcing attribute values, e.g. you're flowing "Permanent" as employeeType when the default attribute binding regexp only allows "Full Time Employee", "Contractor" and "Intern".
-- SQL client timeouts. Due to a combination of expensive MPRs and IOPS to your SQL database the request is timing out.

You also need to verify that all required services are up and running, as I've seen cd-errors that have been righted by a full import and full sync after service restarts (mainly around SQL failover when installed on an FC).

Also, watch out for the bugs where the synchronisation rules get trashed. To fix this you need to disconnect from the ILM CS, import and [re]sync. If that fails, you need to delete all of your MAs and recreate MAs and sync rules. Note you can export, delete and import but the UI will render the sync rules such that the GUID doesn't resolve so you won't be able to make changes, so just bite the bullet and recreate...
July 1st, 2009 1:47am
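
Two of the failed-creation-via-web-services causes named in the reply above (a value rejected by an attribute binding regexp, and missing mandatory attributes) can be caught before an export run. The following is an added example, not part of the original thread and not ILM code: the required-attribute list, the binding pattern and the sample objects are assumptions constructed for illustration, so take the real values from your own portal schema.

```python
import re

# Assumed schema for illustration only; read the real required attributes
# and binding regexps from your own portal schema.
REQUIRED = {"Person": ["accountName", "domain", "displayName"]}
BINDINGS = {
    ("Person", "employeeType"): r"^(Full Time Employee|Contractor|Intern)$",
}

def check_object(obj_type, attrs):
    """Return the reasons this object would be rejected on creation."""
    problems = []
    for name in REQUIRED.get(obj_type, []):
        value = attrs.get(name)
        if value is None or str(value).strip() == "":
            problems.append(f"missing required attribute: {name}")
    for (otype, name), pattern in BINDINGS.items():
        if otype != obj_type or name not in attrs:
            continue
        # fullmatch rejects values with stray whitespace or extra text
        if re.fullmatch(pattern, str(attrs[name])) is None:
            problems.append(f"{name}={attrs[name]!r} violates binding {pattern}")
    return problems

def preflight(pending):
    """Map each anchor to its problems; clean objects are omitted."""
    report = {}
    for anchor, obj_type, attrs in pending:
        problems = check_object(obj_type, attrs)
        if problems:
            report[anchor] = problems
    return report

# Constructed sample of objects pending export to the portal.
SAMPLE = [
    ("u1", "Person", {"accountName": "jdoe", "domain": "CORP",
                      "displayName": "J Doe", "employeeType": "Contractor"}),
    ("u2", "Person", {"accountName": "asmith", "domain": "CORP",
                      "displayName": "A Smith", "employeeType": "Permanent"}),
    ("u3", "Person", {"accountName": "bob", "displayName": "Bob",
                      "employeeType": "Intern "}),
]

if __name__ == "__main__":
    for anchor, problems in preflight(SAMPLE).items():
        for problem in problems:
            print(f"{anchor}: {problem}")
```
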

The errors are described in the documentation that shipped with the product and, for example, the first error message is the subject of content on the web that I found here:

The failed-creation-via-web-services may be the result of an MPR denying you rights, or missing mandatory attributes. RC0 did not disclose the real reason behind the failure, and required you to have intimate knowledge of permitted values for all the attributes on the objects you are trying to export.

There is a Greatest Hit article about ways to learn ILM that you can find here:
July 7th, 2009 12:14am

