A frustrating deficiency of the Identity Manager application is the inability to copy the list of disconnectors from the Joiner page. I really don’t understand why this functionality wasn’t included – was it just an oversight? Ploughing through the disconnectors is an inevitable part of taking over an existing directory, and to do that you’re going to need the list.
There is a way to get the list however – and it involves querying the MicrosoftIdentityIntegrationServer database.
First you need to find the identifying number for the MA you’re interested in:
select ma_id, ma_name from dbo.mms_management_agent
Now insert the ma_id into the following query to find all disconnected objects (the curly brackets must be included):
select rdn from dbo.mms_connectorspace cs
left outer join dbo.mms_csmv_link mv
on cs.object_id = mv.cs_object_id
where cs.ma_id = ‘{ma_id}’
and mv.cs_object_id is null
There’s an extra point to mention about using this method against an LDAP-style directory. The SQL query will return a CN list, rather than the full DN. If you have same-named objects in different OUs it is not immediately obvious which one is the disconnector.
There is probably a way to do the SQL query so it includes the parent OUs, but I’ve as yet been unable to work it out. Typically there is some uniquely identifying attribute, such as a staff number, that I have already pushed out to the connected objects in the directory. By matching my list of CNs against an LDAP search I can figure out which are the disconnectors.