none
MIM (Group Owner) RRS feed

  • Question

  • Hi,

    I am creating security & distribution groups on FIM portal using a SQL MA but I am unable to set group owner's and displayed owner field. I am trying to flow out administrator's employee id from SQL using reference field (DN). My MA flow successfully creates all the groups but don't populate owner field. 

    While I flowed out Employee ID of administrator as reference (dn) field to owner and displayed owner fields of Metvaerse from SQL, and then from Metaverse to FIM portal. 

    If I run the preview of my MA's synchronization, I get the following results, shown in screen shot below. I have checked the attribute precedence but it is set to equal but still it is skipping these values. 

    For setting the manager of a user on FIM portal, I used the same approach and it worked. That I passed the EmployeeID of manager as reference (DN) to manager and it automatically resolved the reference. But in case of groups, it is not working. 

    Please see screen shot below 

    If anyone could help me to come out of this situation, I'll be really very thankful. 


    F.

    Monday, November 19, 2018 7:41 AM

All replies

  • Are you also importing records for the user from your SQL MA? For the reference to work, you need both sides of the reference (in this case, the group, and the referenced user). 

    Thanks,
    Brian

    Consulting | Blog | AD Book

    Monday, November 19, 2018 2:12 PM
    Moderator
  • Users are already there on FIM portal with their employee ids. These users imported through a different MA not with this SQL MA, that I created for groups.


    F.

    Monday, November 19, 2018 4:25 PM
  • You have to have both sides of the reference in each MA. The solution here typically is to have the SQL MA with the groups also show all the users (at least that are group owners) in the query result. They don't need any attributes other than the employee ID so that you can join the records to the user's MV objects. 

    Thanks,
    Brian

    Consulting | Blog | AD Book

    Monday, November 19, 2018 4:38 PM
    Moderator
  • Hi Brian,

    Thank you for your response. I do have included user's employee id with my view. 

    And here is I mark group_owner field as reference:

    Below is my attribute flow:

    Kindly guide, where I am doing any mistake.


    F.

    Tuesday, November 27, 2018 10:19 AM
  • You need to have a connector space entry for each referenced user.

    To do this you need to do a few things:

    1. Add an object_type column (name doesn't matter) to your view. For all your group rows it should be "group".
    2. Add an "employee_id" column (name doesn't matter) to your view. For each user that is listed as a group_owner, you need to have a row in your view with the object_type column set to "person" and the "employee_id" column set to the relevant value. All the other columns can be null for your person entries.
    3. Reconfigure the SQL MA to support the object_type column. I don't have this up in front of me, but, I believe it is in the Configure Columns section. Mark the employee_id as the anchor for person objects here too.
    4. Add a Join rule that matches your SQL MA person objects employee_id on the relevant metaverse attribute.
    5. Update your MV deletion rule (if necessary) for person objects to ignore the CS objects from this MA. 

    Thanks,
    Brian

    Consulting | Blog | AD Book

    Tuesday, November 27, 2018 4:20 PM
    Moderator