AD group member not correctly provisioned


  • Hi,

    I have a database with users and groups and a domain (one forest one domain with level 2008 R2) with users and groups

    Users and groups are projected from the database to the metaverse.

    Groups are provisioned to AD by FIM, whereas users are joined. I'm not using the portal only sync service.

    In the metaverse, a group has 3000 members but in Active Directory only 158.

    If I can take one user that should be in the AD group but is not:

    • I can see that the user has a connector to AD.
    • I can see that the user is member of the group (by looking at its GUID)

    I have done several Full import/Full synchronization from AD or the database, or just by using the preview/commit feature. I even suppress the whole connector space but nothing changed.

    I'm using FIM 2010 build 4.0.3594.2.

    Do you have any ideas?

    samedi 27 juillet 2013 16:27

Toutes les réponses