Auteur de questions
I have a database with users and groups and a domain (one forest one domain with level 2008 R2) with users and groups
Users and groups are projected from the database to the metaverse.
Groups are provisioned to AD by FIM, whereas users are joined. I'm not using the portal only sync service.
In the metaverse, a group has 3000 members but in Active Directory only 158.
If I can take one user that should be in the AD group but is not:
- I can see that the user has a connector to AD.
- I can see that the user is member of the group (by looking at its GUID)
I have done several Full import/Full synchronization from AD or the database, or just by using the preview/commit feature. I even suppress the whole connector space but nothing changed.
I'm using FIM 2010 build 4.0.3594.2.
Do you have any ideas?
Toutes les réponses
I don't see how you are making the relation between user and group. Before FIM came up with the portal and group management, there was a tool called Group Populator . http://crosbysite.blogspot.com/2008/02/using-group-populator-application-with.html. You can still use it. it is free and works.
You need a method in metaverse to relate users with groups.
Nosh Mernacaj, Identity Management Specialist
Have you run any Export profiles against AD? You're only mentioning Imports and Sync runs.
Regards, Soren Granfeldt
blog is at http://blog.goverco.com | facebook https://www.facebook.com/TheIdentityManagementExplorer | twitter at https://twitter.com/#!/MrGranfeldt