How to Use PowerShell to Determine the ERL Flow Configuration

FIM ScriptBox Item

Summary

To process outbound synchronization rules, you must populate the ERL attribute of you managed objects in the metaverse.

The objective of this script is to check whether import attribute flow rule mappings for the expectedRulesList attribute are configured on your FIM management agent for person objects and group objects.

Script Code

001 002 003 004 005 006 007 008 009 010 011 012 013 014 015 016 017 018 019 020 021 022 023 024 025 026 027 028 029 030 031 032 033 034 035 036 037 038 039 040 041 042 043 044 045 046 047 048 049 050 051 052 053 054 055 056 057 058 059 060 061 062 063 064 065 066 067 068 069 070 071

#----------------------------------------------------------------------------------------------------------  set-variable -name URI   -value "http://localhost:5725/resourcemanagementservice"    -option constant   set-variable -name Part1 -value "//import-flow-set[@mv-object-type='$']"             -option constant  set-variable -name Part2 -value "/import-flows[@mv-attribute='expectedRulesList']"   -option constant  set-variable -name Part3 -value "/import-flow[@src-ma='$' "                          -option constant  set-variable -name Part4 -value "and @cd-object-type='$']"                           -option constant  set-variable -name Part5 -value "/direct-mapping[src-attribute='ExpectedRulesList']" -option constant #----------------------------------------------------------------------------------------------------------  function HasNode  {     PARAM($xmlDoc, $maId, $mvType, $cdType)     END     {        $node = $Part1.Replace("$", $mvType) + `                $Part2 + `                $Part3.Replace("$", $maId)   + `                $Part4.Replace("$", $cdType) + `                $Part5                     $xmlDoc.selectSingleNode($node) -ne $null     }             } #----------------------------------------------------------------------------------------------------------  if(@(get-pssnapin | where-object {$_.Name -eq "FIMAutomation"} ).count -eq 0) {add-pssnapin FIMAutomation}  clear-host  $exportObject = export-fimconfig -uri $URI `                                   -customconfig ("/ma-data[SyncConfig-category='FIM']") `                                   -ErrorVariable Err `                                   -ErrorAction SilentlyContinue `                                   -onlyBaseResources                                   if($Err){throw $Err}  if($exportObject -eq $null) {throw "FIM management agent not found"}  #----------------------------------------------------------------------------------------------------------    [xml]$partData = ($exportObject.ResourceManagementObject.ResourceManagementAttributes | `                    Where-Object {$_.AttributeName -eq "SyncConfig-ma-partition-data"}).Values  if($partData.selectSingleNode("//filter/object-classes[object-class='Person']") -eq $null)  {throw "FIM management agent is not configured to process object type person"}  $bHasGroups = $partData.selectSingleNode("//filter/object-classes[object-class='Group']") -ne $null  $maId = ($exportObject.ResourceManagementObject.ResourceManagementAttributes | `           Where-Object {$_.AttributeName -eq "SyncConfig-id"}).Value #----------------------------------------------------------------------------------------------------------  $exportObject = export-fimconfig -uri $URI `                                   -customconfig ("/mv-data") `                                   -onlyBaseResources `                                   -ErrorVariable Err `                                   -ErrorAction SilentlyContinue  if($Err){throw $Err}  if($exportObject -eq $null) {throw "No metaverse data configured"}   $iafValue = ($exportObject.ResourceManagementObject.ResourceManagementAttributes | `               Where-Object {$_.AttributeName -eq "SyncConfig-import-attribute-flow"}).Value    [xml]$iafFlows = "" +$iafValue + ""  $bHasPersonErl = HasNode -xmlDoc $iafFlows -maId $maId -mvType "person" -cdType "Person"  $bHasGroupErl  = HasNode -xmlDoc $iafFlows -maId $maId -mvType "group"  -cdType "Group" #----------------------------------------------------------------------------------------------------------  write-host "`nERL Flow Configuration"  write-host "======================"  write-host "Person: " $bHasPersonErl.toString()  if($bHasGroups -eq $true)  {write-host "Group : " $bHasGroupErl.toString()}  write-host "`nCommand completed successfully`n" #----------------------------------------------------------------------------------------------------------  trap   {      Write-Host "`nError: $($_.Exception.Message)`n" -foregroundcolor white -backgroundcolor darkred     Exit 1  } #----------------------------------------------------------------------------------------------------------

 

Note

To provide feedback about this script, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the FIM ScriptBox.

 

---

See Also

• PowerShell Portal
• Wiki: Portal of TechNet Wiki Portals