I am receivied this error in the Search Request in FIM portal when I export a group: <RequestStatusDetail xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" DetailLevel="Information" EntryTime="2010-06-14T21:02:31.7267971Z">Group validation failed: Displayed owner is not set.</RequestStatusDetail> I check the MPR's for this request and they are all enabled and the account which does the export has access to these MPR's. I also get during the export: There is an error executing a web service object creation request. Type: Microsoft.ResourceManagement.WebServices.Client.PermissionDeniedException Message: Fault Reason: Policy prohibits the request from completing. How do I set the Display Owner?

This is covered in How Do I Synchronize Groups from Active Directory Domain Services to FIM in Extending Your Group Synchronization Logic. Cheers, Markus Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Markus, Should it error during the export? The Extending Your Group Synchronization Logic shows that you can still import the group. So why would I get failed web service creation error during the export? Is this just to show that the Display Owner needs to be set? There is an error executing a web service object creation request. Type: Microsoft.ResourceManagement.WebServices.Client.PermissionDeniedException Message: Fault Reason: Policy prohibits the request from completing. Also, I ran the MPR script to check if everything is correct and it came back clean saying MPR was configured correctly. Thanks, Nathan

Nathan, there are two different issues in your post. You don’t have to set owner and displayedOwner on the synchronization side. You can get a group synchronized into FIM without specifying values for these attributes. The impact of not setting these attributes is covered in the article. At a minimum, you can set these attributes manually. Where your “permission denied” comes from is a different story. You can review your request queue – there should be a denied request with more details. You can also try this script, first. Have you actually verified, that the MPRs that need to be enabled, are enabled? Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Nathan, you are not required to set owner and displayedOwner during in an export to FIM. The article I have referenced outlines the effect of not setting these attributes. When you run into a PermissionDeniedException exception, you need to determine the condition of it. This script might help you in this context. The script only checks the requirements for synchronization – your exception can come from a different operation. A PermissionDeniedException during an export results in export failures. If you don't see export errors reported, the exception is not related to it. Cheers, Markus Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation