I have tried to provision computer object to AD from FIM. The problem I run into and want som help with is that when I try to export my ADMA I get the followin error: cd-error A required attribute is missing. Required attribute 'cn' is missing. Then after the export the conector space object for the computer is auto-deleted. If I add this attribute to the sync rule I got the followin error insted: constraint violation A required attribute is missing. Without any error code when I click "Validate object against schema". when I make a "Full preview" and verify the "Export attribute flow" for the outbound sync rule to AD I can see the followin status for the cn attribute: Skipped: Not Precedent. I'm using declarative provisioning (no code) for this and I have read the two following articles: http://technet.microsoft.com/en-us/library/ff608270(v=ws.10).aspx http://blogs.technet.com/b/doittoit/archive/2008/06/25/extending-ilm-2-to-manage-and-provision-computer-objects.aspx The objects are also addes as "Provisiong Disconnects" when Im running the FIM MA. Some one who knows what this menas and why they are set as "Provisioning Disconnects"?

You can't set the CN of an object directly. To set the CN of an object, you need to configure a DN flow - like you need to do this for all other AD DS objects. When provisioning runs into an object that already exists in a CS, but has not been exported yet (like in your case), the conflicting object is removed and a new object is created. The deleted dupes are also known as provisioning disconnects. Cheers, Markus Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

I flow DN to the object and it's done with the following custom expressionin the outbound sync rule: EscapeDNComponent("CN="+displayName)+",OU=w,OU=u"+",DC=x,DC=y,DC=z" -> dn And it looks lite the DN is set as it should but the object isn't provisioned (created) in AD. The FIMMA account which provisions the objects have the correct permissions as well. Thanks for the description of how the provisioning disconnects work, now I understand what those are and how they appear.

Is your DN flow configured as initial flow? Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Yes, it is set as initial flow only. The other attribute the sync rule is handeling is samaccount name which is populated from displayname aswell, and it is also set as initial flow.

Are you adding a "$" to your samAccountName? Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

I concatenated the value, $, to the accoutname which flows to samAccountName but I'm still presented with the same error: cd-error A requierd attribute is missing Required attribute 'cn' is missing. (shown in Export in Progress) If I try to create the computer object with ADSIEDIT for example and with the FIM MA account it works and all I need to specify is CN and samAccountName. I also tried to flow out the objectCategory but when I do that I'm presented with constraint-violation. I have also created a inbound flow which works so the computer objects are synchronized into the portal but provision sitll fails.

Just to check - is the displayName attribute populated, otherwise, you'll have something like "CN=(null), OU=...." for the dnRegards, Soren Granfeldt blog is at http://blog.goverco.com | twitter at https://twitter.com/#!/MrGranfeldt