Adding ldap groups to AD but also want to populate them with members. The LDAP conn. space has the attribute "memberUid" (type string - multivalue)) and this contains all members (only contains the members accountname). How can I get those names into the MV? I tried a flow definition from "memberUid" to "members" but that doesn't work (string to reference error). What would be the best approach???

Thanks

M.A.

Hello,

i also did this a very Long time ago (MIIS times).

The only way is to use advanced Attribute flows with rules extensions in MA flows

You can use the Util.FindMVEntries Method to search the mv for objects with the accountname you have in the Attribute and with that set it as a reference to the member Attribut of Groups in MV.

See: http://msdn.microsoft.com/en-us/library/windows/desktop/ms698819(v=vs.85).aspx

Regards
Peter

Thanks Peter, will give that a go.

Mik

I don't see how that would work, at least not today with FIM 2010. Reference attributes are not permitted to use Attribute Flows with Rules Extensions. I am struggling with the same problem as the original poster. I cannot source group information from an posixGroup using the "Oracle (previously Sun) directory server" MA. The inability to use flow rules on reference attributes is something I've hit my head on so many times.

Hello.

yes you are right, did not read the fact of reference attributes correctly in the starting post.

So a solution could be to fill a SQL table with the memberUid string information, and import that table as a multivalue table to FIM, so you will have references then.

Maybe by querying the LDAP with PowerShell and write Data to the SQL table.

Bad thing the non advanced reference flow in FIM

-Peter