Creating Rules Extensions
With Forefront Identity Manager Synchronization Service (FIM Synchronization Service), you can programmatically modify the behavior that occurs when data that is managed by FIM Synchronization Service is changed or removed. You can modify the behavior by using an installable component known as a rules extension, which you create.
FIM Synchronization Service supports the following types of rules extensions.
Rules extension | Description |
---|---|
Management agent |
Used on data that flows between the connector space and the metaverse, such as data transformations, join rules, and deprovisioning. Each management agent can have only one rules extension. |
Metaverse |
Used on data that flows between the metaverse and connector space in response to a change in the metaverse, such as when an attribute value changes, or a link is added or removed from a metaverse object. The metaverse can have only one rules extension. |
A rules extension is a Microsoft .NET Framework class library, which is a dynamic link library (DLL) that implements one or more classes.
A rules extension class must implement a particular interface, which is determined by the type of rules extensions that are being implemented. An interface is a contract that requires the class to implement all the methods of the interface. A management agent rules extension must implement the IMASynchronization interface. A metaverse rules extension must implement the IMVSynchronization interface.
FIM Synchronization Service follows these steps when it runs a rules extension:
Opens the class library DLL specified by the management agent or metaverse.
Loads the extension object by finding a class that implements the proper interface for the type of extension, either IMASynchronization for a management agent extension or IMVSynchronization for a metaverse extension.
Initializes the extension.
Calls the appropriate class methods.
Terminates the extension after a period of inactivity, unloads the extension object, and closes the class library DLL.
Warning
Rules extensions are run in the FIM Synchronization Service Engine's process, which is a 64-bit process. 32-bit only Rules Extensions are not supported in FIM.
Exceptions
In the past, methods and functions either returned a failure code or set a particular value on an output parameter to indicate that an error had occurred. The .NET Framework relies more heavily on exceptions than other programming models do. Although structured exception handling is not new, the .NET Framework has expanded the use of exceptions so that they are commonplace. When an exception is passed back to a caller, the exception is thrown. When a caller handles an exception, the caller catches the exception.
The Microsoft.MetadirectoryServices namespace defines the following exceptions that are specific to FIM Synchronization Service.
One instance in which you can use an exception is when a rules extension does not implement a method. If a method is not implemented, the extension should throw the EntryPointNotImplementedException exception. FIM Synchronization Service catches this exception and acts appropriately.
The following examples show how to to throw the EntryPointNotImplementedException exception when a management agent rules extension does not implement the Deprovision method.
Public Function Deprovision( _
ByVal csdepro As CSEntry) _
As DeprovisionAction _
Implements IMASynchronization.Deprovision
Throw New EntryPointNotImplementedException()
End Function
DeprovisionAction IMASynchronization.Deprovision (CSEntry csentry)
{
throw new EntryPointNotImplementedException();
}
For more information about implementing specific types of rules extensions, see the following topics: