Let me explain scenario.

I am using only Synchronization service. 

Now during import of user object and its roles of user. Role contain information about end system as well. 

So for example. If you look at below table it get during import. Now during Export if AD MA is MAName then export only group for user which has SystemName = System1. 

Is This possible ? Any help would be appreciable.

I am not sure of this.

FIM Synch service has attribute filter which actually stores the filter attribute value coming from FIM Service(or say FIM Portal). value.

When you try running import from second table to create Group, try to set filter attribute using concatenate functions.

I am giving one example scenrio from my setup.

Try updating filter attribute, if it works.

My case
<Filter xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" Dialect=""http://schemas.microsoft.com/2006/11/XPathFilterDialect"" xmlns=""/Person[country">http://schemas.xmlsoap.org/ws/2004/09/enumeration"">/Person[country = 'DK']</Filter>

in your case it could be

<Filter xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" Dialect=""http://schemas.microsoft.com/2006/11/XPathFilterDialect"" xmlns=""/Person[SystemName">http://schemas.xmlsoap.org/ws/2004/09/enumeration"">/Person[SystemName = System1]</Filter>

I will try it also in one of my lab setup.

Thanks,

Mann

Filtering is all possible, but I don't quit get the picture of what you are trying to do.

Mann,

_____________________

FIM Synch service has attribute filter which actually stores the filter attribute value coming from FIM Service(or say FIM Portal). value.

____________________

He has already said that he does not have Portal\Service.  Filtering is all possible anyways, though.

Let me give you some more information and as I am new to FIM I will using SQL Server Terminology to explain the problem.

1. Master Table ( ObjectId ( PK) , ObjectType , StudentName , Branch , YearOfAdmission)

    Master table contains information for object Student , Group ( Group can be belong to Any System Like AD , Oracle , SAP )

2. Permission Table ( ObjectId (FK) , ManagementAgentName , GroupId (FK))     

Now this table contain information about Student has which role for which management agent.

I am trying to achieve following thing.

Suppose I have multiple system and above table provide input to FIM Sync Engine ( Means we import from above table)

Now we sync at this time it will sync with Metaverse and it also decide outbound sync that will get affected. Problem is that for second table when it is possible that user have multiple permission for different management agent It should export only for matching MA and other not.

So for example If user1 has permission for MA1, MA2. When We choose Export to MA1 It will only export that match the name and other not. 

Although it is a little scrambled still, by default FIM Allows you to decide who and where to provision to.

Since you are using SYNC Only, this is done in Code (Classical), CSharp or Visual Basic in the Provisioning DLL, MVExtension.DLL. 

1. First you import the data into Metaverse from this table

2. Then the provisioning Code decides who to provision where. 

Here is a sudo example of how it is done.  Of course you have a long way to go here, since you are a beginner. Please spend some time to learn the product before you attempt this.  

void IMVSynchronization.Provision (MVEntry mventry)
        {

            If (mventry["attributeName"].Value.Euqals("Whatever"))

             {

                  Provision (AD)

}       

             {

                  Provision (Oracle)

}       

}

Thanks for this but I already followed one tutorial on Microsoft in which they explain how to import from SQL and move user to AD.  Later I extend that sample to make export to some other SQL DB. It is working fine. During that process I have seen above code to provision to different MA. 

But I also realize that as you provided sample above that what ever I have to do is by writing custom code in provision. 

Apart from this I also need to know which DLL is handling writing to actual AD system from FIM. ( FIM active directory management agent DLL).

Thanks,

Because you are not using FIM Portal which offers the codeless option, you do need to write code.

You may not need a DLL for AM MA.  If you sending information such as Firstname --> givenName, lastname --> sn, then you don't need a dll.  If you are doing something more complex, then you need code.  That dll is called Extension DLL. There could be one for each MA (Again, not required).  Here is how you create it. https://msdn.microsoft.com/en-us/library/windows/desktop/ms695377(v=vs.100).aspx

Again Thanks for quick help.

Yes If we create our own then It will be listed in extension. I want to know location of DLL for AD MA. Means How FIM write data to AD. As This is based on .NET Framework I want to know if possible that How official MA is written so I can create my own for some other system.

MA (Or management Agent) and DLL are 2 separate things. An MA can have a DLL to do avacanced flows, but it is not required. AD Is an out of the Box MA and you don't need your own, but you need to configure it. Out of the box there are a list of MAs, https://technet.microsoft.com/en-us/library/ff608275(v=ws.10).aspx

Here is a walkthrough of the process. https://fim2010techie.wordpress.com/2012/12/10/synchronizing-active-directory-users/