add attributes to an AD Inbound syncronization Rule with Powershell

Hi all,

i created an AD inbound synchronization rule and after i run the sync i can't access the portal even with the fimadmin account, i guess it's missing the objectSID and domain attributes, can i add these attributes with power-shell script and if yes what is the commands.

March 4th, 2015 5:51am

No, you cannot set those values as you don't have any account that can be used to do so. You can try to do it, but you would fail as you have to have valid credentials to access FIMService and update any values there. And if you don't have such credentials, you'd be unable to update them.

You can use Sync engine if FIM MA service account still works as expected to fill those attributes - create direct import flow from AD and export to FIM (remember that your direct flow has to be precedent)

Or restore your copy of FIMService database that you did before making changes.

Free Windows Admin Tool Kit Click here and download it now
March 4th, 2015 7:59am

Thanks Dominik,

this Import Export will be in the AD MA or the FIM Service MA?

March 4th, 2015 8:29am

Also if i reinstall FIM Service and Portal will this fix the issue.

Free Windows Admin Tool Kit Click here and download it now
March 4th, 2015 9:12am

Import would be on AD MA

Export - on FIM Service MA

Please remember that "Domain" attribute is not stored in User object in AD - if you want correct domain value, create constant import flow with netbios domain name as attribute value.

March 4th, 2015 12:33pm

Also if i reinstall FIM Service and Portal will this fix the issue.

Free Windows Admin Tool Kit Click here and download it now
March 4th, 2015 12:33pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics