Hi All, 

I am quite new to FIM. I recently look at some videos and blog and Later I search that when we have to add role to user we can not do it directly in user object. Instead we have to add user to group for active directory MA.

I tried to look at list of attribute in Active directory MA Configuration but there is no such property called memberOf. 

Can you please let me know what we have to do manage memberOf attribute in AD.

Thanks.

Jinal, the 'memberOf' attribute cannot be managed because it's a back-link. You can use the AD MA to set a groups 'member' attribute (the forward-link).

Cheers,

Ok. 

I still have confusion but I do understand for AD.

What about other system ? 

As I am new I want to know that which component is actually writing data to AD ( Or any external system). 

In FIM All I can see is that , It is either MVEntry or CSEntry but this is internal to DB. When we export it will write to actual AD system or any external system. At export type which component is writing Data to AD. As FIM is using .NET framework there must be a class called "DirectoryEntry" should be used to manage AD objects.

Any help would be appreciable.

You'll need to familiarise yourself with the management agent component. Typically, for an AD DS connected directory, you'll need the AD DS MA, which handles all communications with the directory service. If you want to manage another connected data source, then you'll need to have a look at the corresponding MA.

Cheers,