About a deleted user's operation

Please let me ask a question.

I am synchronizing SQL Server objects to AD using ILM2007.

<Purpose>

A: When a user is deleted from SQL, I would like to perform the following processing.

 1. UserAccountControl = 514;

 2. DN="OU=RetiredUser,OU=UserOU,DC=local.DC=com";

B: The user should be joined when a user with the same sAMAccountName is created in SQL.

<Tried contents>

1. Deprovision coding -> MV delete -> B cannot be done

2. Provision coding -> UserAccountControl is read-only -> A cannot be done
 #System.InvalidOperationException: attribute userAccountControl is read-only

--------------------

void IMVSynchronization.Provision (MVEntry mventry){
    ConnectedMA ma = mventry.ConnectedMAs["ADMA"];
    int ADMAconnect = ma.Connectors.Count;
    int SQLconnect = mventry.ConnectedMAs["SQL_User_MA"].Connectors.Count;

    // The SQL connector is gone but the AD connector remains: retire the AD account.
    if (SQLconnect == 0 && ADMAconnect == 1)
    {
        // csentry was not declared in the original snippet; declare it locally.
        CSEntry csentry = ma.Connectors.ByIndex[0];

        // Moves the disabled user account to another container.
        string container = "OU=RetiredUser,OU=UserOU,DC=local.DC=com";
        string rdn = "CN=" + csentry["samAccountName"].Value;
        //csentry["userAccountControl"].Value = "514"; <error Point>
        ReferenceValue dn = ma.EscapeDNComponent(rdn).Concat(container);
        csentry.DN = dn;
        //throw new UnexpectedDataException(rdn);
    }
}

-------------------

3. ADMA > Attribute Flow > rules extension coding.
   But a user deleted from the DB does not pass through the export rule.

-------------------
void IMASynchronization.MapAttributesForExport (string FlowRuleName, MVEntry mventry, CSEntry csentry)
{
    if (FlowRuleName == "UAC")
    {
        //throw new EntryPointNotImplementedException(temp);
        if (mventry.ConnectedMAs["SQL_User_MA"].Connectors.Count == 0)
        {
            csentry["userAccountControl"].Value = "514";
        }
        else
        {
            csentry["userAccountControl"].Value = mventry["userAccountControl"].Value;
        }
    }
}
-------------------

I am having a lot of trouble with this.

Is there a good way to do it?

Any advice would be a great help.


July 13th, 2013 8:38pm

The best approach I find to handle your requirement is NOT to delete the MV object when the SQL connector is deleted.  Your existing provisioning logic looks OK - this should fire on the disconnection OK.  I suspect your problem is not with your code but with your "UAC" advanced export flow rule - from memory you will need to select the <objectID> metaverse attribute in your selected attributes list for your flow rule to ensure it ALWAYS runs this code (since you always need SOME sort of metaverse change to trigger your code).

A variation on your above approach might be to use a metaverse attribute with a value that is only ever contributed by your SQL MA - and use the removal of the value (can be a constant) from this property as a trigger for your export flow rule.

July 15th, 2013 11:32am
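The variation suggested in the reply above, sketched as an ADMA rules extension. This is an added example, not code from the thread: the namespace and the metaverse attribute "sqlActive" are hypothetical, and it assumes "sqlActive" is contributed only by SQL_User_MA and is selected as a source attribute of the "UAC" export flow rule. It sets only the disable bit instead of writing a fixed 514, so other flags already on the account are kept.

```csharp
using Microsoft.MetadirectoryServices;

// Added example: the namespace and the "sqlActive" attribute are hypothetical.
namespace Example.ADMAExtension
{
    public class MAExtensionObject : IMASynchronization
    {
        const long NORMAL_ACCOUNT = 0x0200; // 512
        const long ACCOUNTDISABLE = 0x0002; // 512 + 2 = 514

        // Turns on only the disable bit; every other flag on the account is preserved.
        public static long WithDisableBit(long current)
        {
            return current | ACCOUNTDISABLE;
        }

        void IMASynchronization.MapAttributesForExport(string FlowRuleName, MVEntry mventry, CSEntry csentry)
        {
            if (FlowRuleName != "UAC")
                throw new EntryPointNotImplementedException();

            Attrib uac = csentry["userAccountControl"];
            long current = uac.IsPresent ? uac.IntegerValue : NORMAL_ACCOUNT;

            // "sqlActive" (assumed) loses its value when the SQL connector is
            // disconnected and its attributes are recalled; that metaverse change
            // is what makes the sync engine run this rule for the deleted user.
            if (!mventry["sqlActive"].IsPresent)
                uac.IntegerValue = WithDisableBit(current);
            else if (mventry["userAccountControl"].IsPresent)
                uac.IntegerValue = mventry["userAccountControl"].IntegerValue;
        }

        // Entry points not used by this example.
        void IMASynchronization.Initialize() { }
        void IMASynchronization.Terminate() { }
        bool IMASynchronization.ShouldProjectToMV(CSEntry csentry, out string MVObjectType) { throw new EntryPointNotImplementedException(); }
        DeprovisionAction IMASynchronization.Deprovision(CSEntry csentry) { throw new EntryPointNotImplementedException(); }
        bool IMASynchronization.FilterForDisconnection(CSEntry csentry) { throw new EntryPointNotImplementedException(); }
        void IMASynchronization.MapAttributesForJoin(string FlowRuleName, CSEntry csentry, ref ValueCollection values) { throw new EntryPointNotImplementedException(); }
        bool IMASynchronization.ResolveJoinSearch(string joinCriteriaName, CSEntry csentry, MVEntry[] rgmventry, out int imventry, ref string MVObjectType) { throw new EntryPointNotImplementedException(); }
        void IMASynchronization.MapAttributesForImport(string FlowRuleName, CSEntry csentry, MVEntry mventry) { throw new EntryPointNotImplementedException(); }
    }
}
```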

Thank you, UNIFYBob.

Checkbox: check out
Configure Deprovisioning > Do not recall attributes contributed by objects from this management agent when disconnected.

The MV attribute is not deleted when the SQL data is deleted.

Thank you very much.

July 17th, 2013 5:38am
