Background - We had a FIM 2010 deployment in production deployment. Few months ago, we upgraded it to FIM R2. There are already about 4000 Criteria based Groups and Request Based Groups at FIM portal. FIM portal is used as an authoritative source for group membership.
Problem Statement - The requirement is to attest the existing and
ongoing Request Based group membership of users using BHold User Attestation module. We want to continue FIM portal (not Bhold UI) as the end user interface for requesting the group membership.
Hence, for metaverse' group object's member attribute, FIM Portal should have higher precedence than Bhold MA.
From available documentation of Bhold, I understand that BHold is more suitable in cases where FIM Portal is not already the Group Membership deciding system. However, in our already existing deployment, both group membership is given by FIM portal. In fact this should be the case with all the FIM deployments before Bhold’ s release.
Please suggest on how to attest the group memberships.
Mayank Vaish