Hello.

I have a problem. My system has users information only in FIM and I'm able to export wirh success these users into AD running the following profiles:

1) Full import (ADMA)

2) Full synch (ADMA)

3) Full import, synch, export, delta import (FIMMA)

4) Export with ma-extension-error (ADMA)

5) Delta import (ADMA)

Users are successfully write into AD even if during the export phase ther is the problem written above.

Moreover, I modify a user attribute in AD and I want to propagate this change into FIM.

So I run:

1) delta import

2) delta synch (ADMA). (everything ok)

3) export (FIMMA)

When I run export for FIMMA an error appears for every user Detected Rule Entry: failed-creation-via-web-services.

If I click Validate object against schema, "Required attribute 'Connector' is missing" appears in Export in progress tab.

If I click Preview and Generate preview it says Synchronization succesfull. On the left, I click Connector Updates and I explore Attribute flow for Detected Rule Entry object of FIMMA and I notice that synchRuleID, displayName, connector, resourceParent, objectType have skipped: Not precedent status and Final value (Deleted). Only <object-id> is applied.

It seems that the connector space of Fimma was deleted automatically.

What can I do? Thank you in advance.

• Moved by Anca PopaMicrosoft contingent staff Tuesday, July 19, 2011 7:38 AM English and not Italian (From:Sicurezza, Microsoft Forefront, Gestione degli Accessi e delle Identità)

Moreover, I able to create a new user and to export it succesfully into FIM. The problem is the update phase..

you need to configure your AD Sync Rule as inbound/outbound rule, enable both "create resource in FIM" and "create resource in external system", then configure your attribute flow for the inbound and outbound.

in synchronization service manager you need to configure the metaverse attribute precedence.

refer to this for understanding how synchronization and attribute precedence works:

Understanding Data Synchronization with External Systems

Thank you very much Mr. Almotlaq. I reached the solution reading very carefully your suggested article and these rows rappresent the solution:

"......The creation of an object in the metaverse is always initiated by an object in the connector space. This process is also known as projection. In addition to projecting a new object in the metaverse, a connector space object can also join to an existing metaverse object. Both processes, projection and join, establish a link relationship between a connector space object and a metaverse object. In the FIM terminology, a connector space object that is linked to a metaverse object is known as a connector. If a connector space object does not have a link relationship, it is known as a disconnector. The following illustration shows an example of this........"

In other words, I created Join and Projection rules in ADMA configuration - Configure Join and Projection Rules for group, organizational unit and user.

Moreover, I putted equal precedence for group and user attributes except than some attributes I wanted to have particular precedence.

Thank you very much again for your suggestion.

• Marked as answer by greenmp86 Tuesday, July 19, 2011 3:23 PM

Dear Sir,

I have created the sync rule properly but still users are not exporting to the external AD. FIMMA Export in not provisioning Metaverse to ADMA Agent. Please help me in it.

Regards,

Shakeel Shahid