Hi, We have to add users as a members of a provision roles based on some attribute values provided at create user reqquest. I have created one provision role, in that I have modified Admin rule policy and user scope rule accordingly. Rule: Admin Rule: who are all members of (group "Contractors") User Scope: where ("provision_to_LDAP" = true) When I have created a user and added to Contractors group also... and also provision_to_LDAP=true in the backend provision roles are added based on the admin rule. But the user is added as a Administrator in the Provision Rule not as a member.. so the records are provisioned to target system. Kindly provide the suggestions. Thanks in advacne... Regards Vamsi.