I would like to set AD group membership with the FIM 2010 R2 Syncronization Service. Basically I want all users that have connectors to AD to have be a member of my "BasicO365" security group.  I've ironed out all my provisioning of user accounts and setting rules extention to set proxy addresses according to their employeeType. Now I just need to assign Office 365 licenses, but I need to make sure they all have a common group for the powershell scripts provided by the O365 community. Has anybody done this with the Syncronization Service? I don't plan on using the Portal and I prefer to write my own code.... or in this case learn how.

I already have the group imported and synced into the metaverse and now I'm just wondering how to add members.

thanks in advance for anybody that can help.

Here is what I'm trying... we'll see after I get to the point where I can run an export:

Case "LicenseGroup"
                If csentry("member").Values.Contains("accountName") Then
                    Return
                Else
                    csentry("member").Values.Add("accountName")
                End If

            Case Else

Can I call accountName since I set up Attribute flow to be from Person to Group?

Looks like this question might have already been asked but no offical answer:

http://social.technet.microsoft.com/Forums/en-US/76b0e7db-2666-4b12-9965-2a4238ab28eb/how-to-add-members-to-groups-using-classic-provisioning-no-portal

Hi,

You can do one thing. I am not you are looking for this or not.

Just read ADMA connector using Rule Extension and i that set a Metaverse attribute value "True" if it exists. Map this metaverse attribute with any custom or existing, Which you are not using, attribute. and set the group criteria on portal on the basis of this attribute value.

I hope this is what you are looking for.

Thanks~

Giriraj Singh Bhamu

I was hoping to say away from the portal if possible. I'm thinking about just scheduling a powershell script but I was hoping to get the flow in the FIM Sync Service so I have one location to watch. Thanks for your post. 

You could certainly follow the advice in that post and populate your membership via an external source to then use a multivalued attribute table to populate the membership. (I doubt there's anything un-supported about that approach. At least, I've not heard of anything.) 

Carol's written a guide on using the multivalued attribute tables if you are new to that which might be helpful: http://www.wapshere.com/missmiis/who-needs-group-populator-when-you-have-multivalue-tables

Depending on your user load, the multivalued attribute table option can be time consuming. However, this would keep the membership flows within FIM if you are looking to keep all data flows in one place.

HTH,

Sami