none
Sync Rule Deprovisioning RRS feed

  • Question

  • Hi,

    We have configured "Stage a delete on the object for the next export run" on the SQL MA.

    In the metaverse, I found a user with a connector to the FIM MA & the SQL MA.

    If I manually disconnect the user from the SQL MA in the metaverse, why is the user not deleted from the SQL table that the SQL MA connects to?

    Instead, nothing happens when I run an Export on the SQL MA. However, if I run a Full Sync on the SQL MA, the disconnected user Joins the MV objects.

    What am I misunderstanding?

    thank you,

    sk

    Tuesday, May 14, 2013 8:54 AM

Answers

All replies

  • Have you configured an object deletion rule in the metaverse designer?

    Tried a full import, sync and export?

    Tuesday, May 14, 2013 1:37 PM
  • Hi,

    The object deletion rule is on default - as the objective here is not to delete the MV object, but rather delete the record in the connected system.

    I can delete the SQL record using Portal logic. However, I am just trying to further understand FIM.

    So if I have "Stage a delete on the object for the next export run" on the SQL MA, and in the MV I disconnect an object in the SQL Connector Space...shouldn't this delete the record in SQL on next Export?

    Thank you

    Tuesday, May 14, 2013 11:16 PM
  • S.Kwan,

    Deprovisioning happens under 1 of 2 conditions:

    1. the object is disconnected when MetaVerse object is deleted
    2. the object is disconnected via a provisioning rules extension

    Additionally, if using Sync Rules in the FIM Portal, you can set up deprovisioning to run when the Synchronization Rule is removed from the resource. 

    If you want to retain the MV object, but deprovision the SQL record, you will have to use a provisioning rules extension or set up the Portal policies to remove the Sync Rule when the proper rules apply and enable that deprovisioning process.

    Wednesday, May 15, 2013 11:39 PM
  • Manually disconnecting a SQL record will not trigger the deprovisioning logic. As Rebecca says, it only gets triggered when the MV object is deleted or when the object is disconnected in a provisioning rules extension.

    You might find it useful to review this: http://social.technet.microsoft.com/wiki/contents/articles/1860.understanding-deletions-in-ilm-2007.aspx#Deleting_objects_in_a_connected_data_source (bit outdated as it's for ILM, but the concepts are the same)

    - Ross Currie


    FIMSpecialist.com | MCTS: FIM 2010 | Now Offering ECMA1->ECMA2 Upgrade Services

    Thursday, May 16, 2013 1:43 AM
  • This is correct, Ross.
    Just one minor correction - the content is not outdated.
    This is all still true for FIM.

    Cheers,
    Markus 


    Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation

    Thursday, May 16, 2013 9:07 PM
  • This is correct, Ross.
    Just one minor correction - the content is not outdated.
    This is all still true for FIM.

    The concepts are the same, but it IS a bit outdated. For example:

    FIM has more options.

    - Ross Currie


    FIMSpecialist.com | MCTS: FIM 2010 | Now Offering ECMA1->ECMA2 Upgrade Services

    Friday, May 17, 2013 12:08 AM
  • Thank you for all the responses - its all clear now.
    Friday, May 17, 2013 12:20 AM