Hi, 

We need to configure FIM to set folder permissions for users when their account is disabled. Example: 

User leaves the organisation and his account is disabled by FIM, I then need FIM to give full control to that users manager over his home folder. I am guessing the best way would be to use a powershell MA to achieve this. I dont need to create or delete the home folders just give permissions to the users line manager when they leave.

Does anyone have a script that would do this or any helpful advice. 

Thanks

Not pretty, but you could do it using workflow which triggers when the user gets disabled. This workflow would extract the user's manager then use commands to modify the folder ACL.

I'd suggest looking at the FIM PowerShell Workflow activity (from Codeplex) - I've written a lot of custom WF using that.

The downside of this approach is it will be a fire-and-forget operation, so you won't be able to get confirmation of the ACL changes through FIM (although you can put some confirming code in the WF itself), but its easier than writing your own MA.