Synchronizing nested active directory groups


  • Hello dears..

    is there any way to sync groups between active directory and MIM 2016 without expanding nested groups and convert it to a group that contains members only ?

    I have some cases that I need to manage membership of nested groups without the members expanding, please help.

    thank you :)

    2018년 7월 12일 목요일 오전 9:38

모든 응답

  • Hello,

    sure you can do that. It is one of the main features of FIM/MIM to transport and keep the referential integrity intact between all systems.

    For that to work, all referenced objects needs to be present in MIM MV and the CS's of the Coneectors.

    See also:


    Peter Stapf - ExpertCircle GmbH - My blog:

    2018년 7월 12일 목요일 오전 10:58
  • thank you dear Peter,

    I know about reference object, I usually use it for user's manager and assistant, but I really appreciate it if you explain more about how I can use reference objects to keep an active directory group contains users and groups with out expanding, noting that I manage groups membership with BHOLD and I think that's why I can't keep the nested groups...

    Thank you again

    • 편집됨 rasa.92 2018년 7월 12일 목요일 오후 1:00
    2018년 7월 12일 목요일 오후 12:59
  • Hi

    I never used the Bhold part of MIM so I'm not very familiar with that.

    From the default MIM Sync and Portal side you need to do nothing to keep nested group references beside tha fact that all referenced objects need to be in the MV and both (all) connector spaces you what to have the nested group references.

    So maybe someone with more experience in bhold can help out here if maybe Bhold breaks the nesting.


    Peter Stapf - ExpertCircle GmbH - My blog:

    2018년 7월 12일 목요일 오후 1:20