Note to self . When building a new environment don’t forget to delete the out-of-box (OOB) Management Policy Rule (MPR) “Users can create registration objects for themselves” with an action type of “Create, Modify”. As per kb978864 Update 1 (build 4.0.2592.2 or later) adds two new MPRs:
- Users can create registration objects for themselves (action type of Create)
- Users can modify registration objects for themselves (action type of Modify)
These new MPRs supersede the original thus the original should be deleted.
Also, the MPR: “Administration: Administrators control configuration related resources” has a misspelt Action Parameter (IsAuthoriztionActivity). Add “Is Authorization Activity” to the resource attributes (target resources grouping or “tab”) and click Submit to remove the erroneous typo (bug) and add the correct action parameter. Now you will be able to add Activity Information Configuration (AIC) resources as you intended.