How to Use PowerShell to Document Your Provisioning Policy Configuration
FIM ScriptBox Item
Summary
This script documents your provisioning policy configuration on your system.
The script lists all your synchronization rules, the workflows a synchronization rule was added to and the related management policy rule:
This script can help you to detect mistakes in your provisioning policy configuration.
Script Code
| 001 002 003 004 005 006 007 008 009 010 011 012 013 014 015 016 017 018 019 020 021 022 023 024 025 026 027 028 029 030 031 032 033 034 035 036 037 038 039 040 041 042 043 044 045 046 047 048 049 050 051 052 053 054 055 056 057 058 059 060 061 062 063 064 065 066 067 068 069 070 071 072 073 074 075 076 077 078 079 080 081 082 083 084 085 086 087 088 089 090 091 092 093 094 095 096 097 098 099 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 |
#---------------------------------------------------------------------------------------------------------- function GetFIMObjects { PARAM($filter) END { $exportObjects = export-fimconfig -uri "http://localhost:5725/resourcemanagementservice" ` –onlyBaseResources ` -customconfig ("$filter") ` -ErrorVariable Err ` -ErrorAction SilentlyContinue if($Err){throw $Err} return $exportObjects } } #---------------------------------------------------------------------------------------------------------- function GetTippleObject { PARAM($wfId = "", $wfName = "", $wfAction = "", $srId = "", $srName = "", $srType = "") END { $newRecord = new-object psobject $newRecord | add-member noteproperty "SRId" $srId $newRecord | add-member noteproperty "SRName" $srName $newRecord | add-member noteproperty "SRType" $srType $newRecord | add-member noteproperty "WFId" $wfId $newRecord | add-member noteproperty "WFName" $wfName $newRecord | add-member noteproperty "WFAction" $wfAction $newRecord | add-member noteproperty "MPRNames" "" return $newRecord } } #---------------------------------------------------------------------------------------------------------- if(@(get-pssnapin | where-object {$_.Name -eq "FIMAutomation"} ).count -eq 0) {add-pssnapin FIMAutomation} $dataList = @() #---------------------------------------------------------------------------------------------------------- GetFIMObjects -filter "/WorkflowDefinition"| where-object {$_.ResourceManagementObject.ResourceManagementAttributes | where-object {$_.AttributeName -eq "XOML"}} | foreach { $wfName = ($_.ResourceManagementObject.ResourceManagementAttributes | ` Where-Object {$_.AttributeName -eq "DisplayName"}).Value $wfId = (($_.ResourceManagementObject.ObjectIdentifier).split(":"))[2] [xml]$xmlXoml = ($_.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "XOML"}).Value $xmlXoml.SequentialWorkflow.SynchronizationRuleActivity | where-object {$_ -ne $null} | foreach{ $dataList += GetTippleObject -wfId $wfId ` -wfName $wfName ` -wfAction $_.Action ` -srId $_.SynchronizationRuleId } } #---------------------------------------------------------------------------------------------------------- GetFIMObjects -filter "/SynchronizationRule" | foreach{ $srName = ($_.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "DisplayName"}).Value $srId = ((($_.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "ObjectID"}).Value).Split(":"))[2] $srType = ($_.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "FlowType"}).Value switch ($srType) { 0 {$srType = "Inbound"} 1 {$srType = "Outbound"} default {$srType = "Inbound and Outbound"} } $records = $dataList | where-object {$_.SRId -eq $srId} if($records -ne $null) { $records | foreach{ $_.SRName = $srName $_.SRType = $srType } } else{$dataList += GetTippleObject -srId $srId -srName $srName -srType $srType} } #---------------------------------------------------------------------------------------------------------- GetFIMObjects -filter "/ManagementPolicyRule" | where-object {$_.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "ActionWorkflowDefinition"}} | foreach{ $mprName = ($_.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "DisplayName"}).Value foreach($wfVal in ($_.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "ActionWorkflowDefinition"}).Values) { foreach($curRec in ($dataList | where-object{$_.WFId -eq ($wfVal.Split(":"))[2]})) { if($curRec.MPRNames.length -gt 0) {$curRec.MPRNames += ","} $curRec.MPRNames += $mprName } } } #---------------------------------------------------------------------------------------------------------- clear-host write-host "Provisioning Policy Configuration" write-host "==================================" $dataList | sort-object -property "SRName" | format-list -property "SRName", "SRType", "WFName", "WFAction", "MPRNames" write-host "Command completed successfully`n" #---------------------------------------------------------------------------------------------------------- trap { Write-Host "`nError: $($_.Exception.Message)`n" -foregroundcolor white -backgroundcolor darkred Exit 1 } #---------------------------------------------------------------------------------------------------------- |
Note
To provide feedback about this script, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the FIM ScriptBox.