Upper limit on Filter Scope Configuration

I’ve been working for the past fortnight or so on a FIM POC, and getting myself very well acquainted with the nuances of RC0. Most of the issues we’ve hit so far have been documented to some extent by the likes of David Lundell & co, but today we came across something that had us stumped for a couple of hours until we realized what the issue must be … an (apparently) undocumented upper limit on the number of Allowed Attributes that you can add to a filter scope, which appears to be 254.
My MS colleague had been extending the schema with some attributes of our own for the POC, and found that every time he got to a certain point of adding them into the Admin filter scope, the next time he returned to the scope definition he was presented with an error – and from that point onwards the filter scope could not be edited.
He discovered that a work-around was to delete the custom attribute entirely, but we had both assumed that the problem was with the schema and not the filter definition itself.  I had noted that the Application Event log was full of "Event 5, System.ServiceModel 3.0.0.0" (Message Logging task) messages complaining about a "Diagnostics.PlainXmlWriter+MaxSizeExceededException".
We put 2 and 2 together and figured that there might be an upper limit on the number of attributes – so we’ve implemented a work-around whereby we define an "Administrator Filter Scope Ex" (in addition to the default Administrator Filter Scope), and include our additional bound schema attributes in there.  These are then appended as an additional AuthZ workflow item, thereby allowing our new schema attributes to appear in the Attribute drop down lists.
Hopefully this one will be resolved by RC1 …

About bobbradley1967

Microsoft Identity and Access Professional with 2 decades of successful IAM implementations in APAC, specialising in MIM and its predecessors (FIM/ILM/MIIS) and now with SoftwareIDM. A Microsoft IAM MVP prior to that with a background in MS.Net applications development/SI. Now with a particular interest in how Identity and HyperSync Panel provide the Identity and Access orchestration presently missing in the Azure Entra Suite to effectively enforce Zero Trust on the M365 platform.