FIM: Bulk Delete Expected Rule Entries Using FIM OTB features

FIM: Bulk Delete Expected Rule Entries Using FIM OTB features

 

Introduction

This article gives the :Step-by-Step guide to delete All ERE or EREs for any specific Sync Rule. This article uses all FIM OTB features to perform this Activity. You need not to use any PowerShell scripts or commands.

Best thing , As we will use FIM OTB feature we can keep the track of deletes and actions into "Search Request" sections. By following this article you can perform the deletion of any kind of Objects as well. It is not bounded to only EREs.

 

Before You Begin

Before We start with the steps we need to consider few things:

  1. As this task is related to Object deletion so we need to take backup of Both FIMSync and FIMService DBs.
  2. Set-up metaverse deletion rule to delete mventry if deleted from FIM Portal.

Steps

  1. Create One Set "Objects to delete".
    • In criteria tab: select "expected rule Entry or Object Type" and "Any/All".
  2. Click "Add Condition" and select "Display Name" is Equal/Starts with "Give the name of Sync for which you want to remove ERE".
  3. Create one More set "Expiration Set".
    • In criteria tab: Select "All Resources" and "All".
    • Click "Add Condition" and select "Display Name" is "Expiration Workflow". Click Submit.
  4. Create one "Request Type" MPR name "Give Permission to Expiration Workflow to delete ER type resources". 
    • In Requestors select Specific set "Expiration Set".
    • In Operations select "Delete resource" and "Remove a value from a Multi-valued attribute". 
    • Select "Grant Permission" into Permissions part.Into "Target Resources" tab select "All Expected Rule Resources" for Both before and after section. 
    • Select "All Attributes".
  5. Create one more Set-Transition MPR "Delete EREs". 
    • Select transition Set "Objects to delete". 
    • Select transition type "Transition-In".
    • In Policy workflow tab select "Expiration Workflow". 
  6. Modify "Expiration Workflow" to "run on policy update".
  7. We are all set to delete desired EREs by Resetting filter criteria into "Objects to delete" set.


How to track if it is working

Please follow below steps to verify if it is working:

  1. Go To FIM Portal--> Administration.
  2. Click "All Resources".
  3. Search for "Expected Rule"--> Click.
  4. You can search here if the total number of EREs are decreasing on Page Refresh.
After Running FIMMA Import and Sync you can see changes into MV as well.
Sort by: Published Date | Most Recent | Most Useful
Comments
  • great work !!!

  • It is a great article. Helped me to delete almost 60k+ entries for one of my customers without going with the PowerShell solution.

  • It is a great Article. Helped me to delete almost 60k+ ERE's for one of my customers without going to powershell script.

  • Giriraj, why is the article helping you when it is your article? Was this the step you used for your client?

    Rakesh, why did you paste in what Giriraj wrote? Because it looks like Giriraj meant to switch accounts to Rakesh to leave that comment. Is that what happened?

    Thanks!

  • Actually I don't know about comment similarity but yes We both work for same organization and Rakesh was working for a client and He needed to delete All orphan ERE's from Portal and then Metavarse as well but His client was not confident to use PowerShell. He asked for my help and I suggested him this solution. After successfully tested into My Test environment I shared this to Rakesh and He implemented this for his client (Which is indirectly mine as well).

    After that I thought It is good if I share this OTB feature to eliminate the PowerShell dependency. That is why I commented here and as It also helped Rakesh as well.