FIM 2010 R2 Portal: Add Computers to Security group Membership

In this scenario, I have seperate MAs for SG, user and Computers in the Sync Engine. I have already brought the Computers into the Metaverse and into the Portal. Now I want to be able to add Computers to SGs. So I want to bring the Computer objects into the SG Connecter Space and configure the Portal to allow Computers to be selected for group membership. I have already created a Search scope for computers called “All Computers”.

  • Step One: FIM Sync

Edit the SG MA and add the Computer as one of the Object types

  • Step Two: FIM Portal

Add new Inbound Sync rule for the SG MA

Name & Description: Inbound rule for computers in SG AD MA

Type: Inbound

Scope: MV Object : Computer

External System: SG MA

External System Resource Type: Computer

Relationship: Samaccountname to Samaccountname

Click Submit, Finish

Edit the Outbound Sync for the SG MA, for Membership attribute flow select 3 or more resource and type “user,group,computer”

Click submit, Finish.

Search scope

  • Add “Security” to Usage Keyword for All Computers search scope


  • Add “Computer” to the ObjectType option of the MembersToAdd control in the RCDC for Create and Edit Group.


  • Step Three: FIM Sync

Run in this order

Run Delta Import Delta Sync on the FIM MA to bring in the new and updated sync rules.

Run Full Import on the SG MA to bring in the Computer objects

Run Delta Sync on the SG MA to join the objects to Computer objects in the MV.