From user side if they create group in FIM and are not provision in AD, then there is no indication that group creation was successful unless the user does not get the feeling that group is not working at all or some one from IT get into it to investigate.
As I have experienced a user created group with scope universal and domain local group as member, the group failed to sync and if the user want to delete the group in FIM, it errors out ObjectSIDString is either null and empty, cannot delete the group at this time.
To delete the group I have to go advanced view of the group in FIM, locate the field for “ObjectSIDString Group binding”, and type any number in it (for example 1234).Click OK and submit the change.
The group got deleted at last.
As I have experienced a user created group with scope universal and domain local group as member, the group failed to sync and if the user want to delete the group in FIM, it errors out ObjectSIDString is either null and empty, cannot delete the group at this time.
To delete the group I have to go advanced view of the group in FIM, locate the field for “ObjectSIDString Group binding”, and type any number in it (for example 1234).Click OK and submit the change.
The group got deleted at last.
No comments:
Post a Comment