Foreign Security Principal sync with AD

  • Question


    I have added some users from Active Directory to ADAM roles through Authorization Manager.

    I have created an authorization store in my ADAM instance. I created roles in AzMan and added Windows users from AD to AzMan roles. When I added a Windows user, a SID entry got added in the CN= foreignsecurityprincipal of my ADAM instance. I understand that it is a pointer to the user’s AD entry.


    Now I deleted the user from AD. Now, the foreignsecurityprincipal SID entry is invalid. How will I synchronize the foreignsecurityprincipal SID entry in ADAM with AD?

    Can Adamsync do that for me?

    Tuesday, January 22, 2008 5:05 PM


  • I got an answer for this question - Adamsync will not delete the foreignsecurityprincipal SID entries as a part of synchronization. If you delete an entry from AD, the corresponding FSP entry in ADAM becomes invalid. But it doesn't cause any harm. If you want to delete it, you may have to do it programmatically!!!


    Friday, January 25, 2008 1:43 PM
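
The programmatic cleanup mentioned in the answer above, as an added example that is not part of the original thread: a PowerShell script that lists foreignSecurityPrincipal entries in an ADAM partition whose SID no longer resolves to an account, and deletes them only when -Delete is passed. The server address and partition DN are assumed placeholders.

```powershell
# Added example (not from the thread): find ADAM foreignSecurityPrincipal
# entries whose SID no longer maps to an account, and optionally delete them.
# Assumptions: ADAM listens on localhost:389 and the application partition
# is DC=example,DC=com. Replace both with your own values.
param(
    [string]$Server    = 'localhost:389',        # assumed ADAM host:port
    [string]$Partition = 'DC=example,DC=com',    # assumed partition DN
    [switch]$Delete                              # report-only unless set
)

Add-Type -AssemblyName System.DirectoryServices

# Search the whole partition by object class, so the script does not depend
# on the exact name of the container that holds the FSP entries.
$root     = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$Server/$Partition")
$searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
$searcher.Filter      = '(objectClass=foreignSecurityPrincipal)'
$searcher.SearchScope = 'Subtree'
$searcher.PageSize    = 500
[void]$searcher.PropertiesToLoad.Add('objectSid')

$results = $searcher.FindAll()
try {
    foreach ($result in $results) {
        $sid = New-Object System.Security.Principal.SecurityIdentifier(
            [byte[]]$result.Properties['objectsid'][0], 0)
        try {
            # Succeeds when Windows can still map the SID to an account name.
            [void]$sid.Translate([System.Security.Principal.NTAccount])
        }
        catch [System.Security.Principal.IdentityNotMappedException] {
            # The SID could not be resolved from this machine. That is also
            # what happens when the account's domain cannot be reached, so
            # review the report before running with -Delete.
            $entry = $result.GetDirectoryEntry()
            [pscustomobject]@{ Sid = $sid.Value; Path = $entry.Path; Deleted = [bool]$Delete }
            if ($Delete) { $entry.psbase.DeleteTree() }
            $entry.Dispose()
        }
    }
}
finally {
    $results.Dispose()
    $searcher.Dispose()
    $root.Dispose()
}
```

Run it without -Delete first from a machine that can reach a domain controller for the accounts' domain, and compare the reported SIDs against the accounts you know were removed.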