Hi,
I'm running FIM 2010 R2 in a testing environment to test the following situation: I want to join existing user accounts in AD with employee data from the HR system. Relationship criteria should be the AD attribute EmployeeNumber which corresponds to the EmployeeNumber in the HR system. Therefore I added the attribute EmployeeNumber in the schema of the metaverse and the portal.
I configured a MA for SQL (HR System) and for AD and for the FIM portal. In the FIM portal I configured an inbound synchronization rule for SQL with the setting "Create Resource in FIM" enabled. That part works fine, the users are imported and synchronized to the metaverse and also synchronized to the portal and the attribute EmployeeNumber is populated.
I also configured an inbound synchronization rule for the AD MA. Here I configured "Create Resource in FIM" disabled, since I don't want accounts from users that don't exist in the HR database to be synchronized to FIM. I configured EmployeeNumber in the inbound attribute flow. I can see that the Synchronization rule is projected to the metaverse, but it isn't executed. When I search the connector space of the AD connector, I can see that all user accounts are imported to the connector space with the following attributes:
displayName, name, objectSID, pwdLastSet,sAMAccountName and UserAccountControl. None of them are configured in the Synchronization Rule. The attributes configured in the Synchronization rule however are NOT synchronized, so I conclude that the Synchronization rule isn't executed at all.
What am I doing wrong?
Kind regards,
Klaus