Forefront Identity Manager Synchronization Service (FIM Synchronization Service) has a flexible synchronization rules engine that you can use to process identity data between your connected data sources and the metadirectory according to your business rules. Your business rules are expressed as synchronization rules in FIM Synchronization Service, either as declarative rules or through rules extensions.

Declarative rules are synchronization rules that you configure through the Synchronization Service Manager of FIM Synchronization Service. For business rules that are beyond declarative rules, you can use a rules extension to express otherwise complex logic in a well-structured form.

Both declarative rules and rules extensions coexist to give you the flexibility of choosing the appropriate method for a given scenario. The following list shows some of the rules that you can express in rules extensions:

A rules extension is a Microsoft .NET Framework assembly that you implement in the form of a dynamic link library (.dll) file. You can create a rules extension by using any programming language and compiler that creates a .NET Framework assembly. For more information, see Creating Rules Extensions.

Types of Rules Extensions

FIM Synchronization Service supports the following types of rules extensions.

Rule extension Description

Management agent

Used on data that flows between the connector space and the metaverse, such as data transformations, join rules, and deprovisioning. Each management agent can have only one rules extension.


Used on data that flows between the metaverse and connector space in response to a change in the metaverse, such as when an attribute value changes or a link is added or removed from a metaverse object. For example, you can use a metaverse rules extension to create provisioning rules to ensure that all the connected system objects contain the unified identity data that is stored in the metaverse. You can have only one metaverse rules extension. The metaverse is also referred to as the FIM Synchronization Service database.

Rules extensions are called when identity data is processed. For more information, see How Rules Extensions Are Called. To see how the synchronization rules map to the rules extension methods, see Synchronization Rules Mapped to Rules Extension Methods.

Accessing Objects

You create objects in the connector space and metaverse from the following classes.

Class Object


Connector Space object


Metaverse object

Most of the classes in the Microsoft.MetadirectoryServices namespace are related to these two objects.

See Also