Hello everybody!

I need to create a MPR for grant permissions to read and modify a range of users. I created two sets, one for users and another for administrators, but administrators set must have the members of a existing security group. Is it possible?

I try adding security group into administrators set but the permission is not detected :-(

Thanks in advance for you help.

The only way permissions will work if you scope them to a set using an MPR and if that set contains users from the portal. That being said, you are looking for a mechanism that keeps a set membership in sync with a security group.

One option could be a scheduled tasks on the FIM server which reads the AD group from time to time and adds the required people to the set you want. Perhaps not as nice, but if the group isn't changing that much, it could work for you.

Perhaps another way: have your security group synced from AD to FIM. have an MPR fire whenever a write to the member (or it's equivalent in FIM) happens. That could then execute a workflow (for example with a powershell script) which adds your user to your set.

It's a bit creative, but it could cover your needs...

Hi Thomas!

Thanks for the clarification.