Hi,
This error pops up regularly when certain changes are made to a user in the AD. I also have had a few posts about this in the past, but were not successful in resolving it. Initially I thought that there is a conflict of rules in the FIM portal, but interestingly when I manually change one of the attributes in the FIM portal, all rules are applied without problems and the next export on the FIM MA succeeds.
This error only happens with a specific type of contractor which is managed by the service desk. Other contractors are managed by the HR system. Sometimes the service desk gets instruction to deprovision a contractor before contract expiry for whatever reason, normal contract expiries are handled by rules in the portal.
When the service desk manually deprovision a user, they do the following:
1. Move the user to a specific Exits OU
2. Disable the account
3. Remove the manager
4. Add description containing the request number
5. Change the email to invalid address to prevent the user from receiving email, they normally use the request number as the mail address, for example123456@company.com
6. Also update the proxy addresses, same as email above
7. Hide the email address from the address book
The FIM portal picks these changes up, because we still need to delet the user object after a certain amount of time. When these changes are exported the FIM MA fails with the error above.
To isolate the problem I have changed all the attributes one at a time and discovered that when the proxy address is changed manually, it causes this error. To work around this I have changed the process on the service desk to not modify the email address and proxy addresses manually but have the FIM portal do this, by prefixing the address with a 0.
I have also done this in my lab and found that when the proxy address in AD is changed manually it also causes this error.
The question I have is the following: Is there some validation done in the FIM portal on the proxy address collection? or is this maybe a bug? And has anyone else come across this?
Thanks
Johan Marais
JkM6228