Upper limit on Filter Scope Configuration Configuration

I’ve been working for the past fortnight or so on a FIM POC, and getting myself very well aquainted with the nuances of RC0 .  Most of the issues we’ve hit so far have been documented to some extent by the likes of David Lundel & co, but today we came across something that had us stumped for a couple of hours until we realized what the issue must be … an (apparently) undocumented upper limit on the number of Allowed Attributes that you can add to a filter scope, which appears to be 254.
My MS colleague had been extending the schema with some attributes of our own for the POC, and found that every time he got to a certain point of adding them into the Admin filter scope, the next time he returned to the scope definition he was presented with an error – and from that point onwards the filter scope cannot be edited.
He discovered that a work-around was to delete the custom attribute entirely, but we had both assumed that the problem was with the schema and not the filter definition itself.  I had noted that the Application Event log was full of "Event 5, System.ServiceModel 3.0.0.0" (Message Logging task) messages complaining about a "Diagnostics.PlainXmlWriter+MaxSizeExceededException".
We put 2 and 2 together and figured that there might be an upper limit on the number of attributes – so we’ve implemented a work-around whereby we define an "Administrator Filter Scope Ex" (in addition to the default Administrator Filter Scope), and include our additional bound schema attributes in there.  These are then appended as an additional AuthZ workflow item, thereby allowing our new schema attributes to appear in the Attribute drop down lists.
Hopefully this one will be resolved by RC1 …
Advertisements

About bobbradley1967

Microsoft IAM MVP and Solutions Architect (MCTS, MCP) - FIM/ILM/MIIS Specialist, with 20 years SQL database ( OLAP) and MS.Net applications development/SI background, in particular on the SharePoint platform
This entry was posted in FIM (ForeFront Identity Manager) 2010 and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s