Hi,
Could someone tell me how I can deprovision users from AD? I've followed the guide "Introduction to Publishing To Active Directory from Two Authoritative Data Sources" which I can get to work using an input CSV file. I've also read "Understanding deprovising in FIM" from http://social.technet.microsoft.com/wiki/contents/articles/1270.understanding-deprovisioning-in-fim.aspx
My input CSV file is my authorative data source, on all of my management agents I've selected "stage a delete on the object for the next export run". I've also configured an object deletion rule "Delete metaverse object when connector from any of the following management agents is disconnected": File Management Agent (checked).
At this point, I've removed entries from my CSV file, then on my File management agent ran a full import, sync, export and delta import on my management agent (however previous objects from my CSV file remain in the metaverse when using MV search).
Within my "AD Provisioning Sync rule" (inbound & outbound), I've selected "Disconnect FIM resource from external system when synchronization rule is removed". I've ran a full import, sync and export on my provisioning sync rule, but I still have no luck deprovisioning end users. At no point have unwanted users disappeared from AD or the metaverse.
My end goal is to have an input CSV file with AD & Exchange attributes which will be authorative. I'll then be updating my domain based on the CSV. The CSV file will have regular modifications for email address changes and name changes.
Would I be better of using FIM to use FIM for AD & Exchange account sync + creation or just AD account creation + sync, then use PowerShell to script mailboxes?
Thanks