How to Use PowerShell to Display a User’s Attribute Values for FIM Portal Access

FIM ScriptBox Item

Summary

To access the FIM portal, the following attributes must be set:

• AccountName
• Domain
• ObjectSID

This script lists the values of these attributes for a user.
The script indicates if a value is not set:

http://public.bay.livefilestore.com/y1pr5ogs95TF5zJ1Fnsx8if-Kf8Xa-koHa4v_8bzTPngOG2EpLzwscYOXNHH4aSVYDVnSFqAoL_U6jhMU2uaWjibw/Sid01.png

If the values are set, the script shows them:

http://public.bay.livefilestore.com/y1p9ABAJUWDcL3KwvDfDmwpjP0-aHDm2Hz3KmzZYL7qDxlBjoo4fkNgljTFqN0dDF2nLvwN1yC3ePFm4H2v0_VI7w/Sid02.png

Script Code

001 002 003 004 005 006 007 008 009 010 011 012 013 014 015 016 017 018 019 020 021 022 023 024 025 026 027 028 029 030 031 032 033 034 035 036 037 038 039 040 041 042 043 044 045 046 047 048 049 050 051

#----------------------------------------------------------------------------------------------------------  set-variable -name URI         -value "http://localhost:5725/resourcemanagementservice" -option constant   set-variable -name DisplayName -value "Britta Simon"                                    -option constant  #----------------------------------------------------------------------------------------------------------  Function SetAttributeValue  {     Param($DataRecord, $CurObject, $AttributeName)     End      {        $CurAttribute = $curObject.ResourceManagementObject.ResourceManagementAttributes | `                        Where-Object {$_.AttributeName -eq "$AttributeName"}        If($curAttribute -eq $null)         {$DataRecord | Add-Member NoteProperty $AttributeName ""}        Else        {$DataRecord | Add-Member NoteProperty $AttributeName $($CurAttribute.Value)}     }  }  #----------------------------------------------------------------------------------------------------------  If(@(get-pssnapin | where-object {$_.Name -eq "FIMAutomation"} ).count -eq 0) {add-pssnapin FIMAutomation} #----------------------------------------------------------------------------------------------------------  $CurObject = export-fimconfig -uri $URI `                                –onlyBaseResources `                                -customconfig ("/Person[DisplayName='$DisplayName']")`                                -ErrorVariable Err `                                -ErrorAction SilentlyContinue   If($Err){Throw $Err}  If($CurObject -eq $null) {throw "User not found"}  $DataRecord = New-Object PSObject  SetAttributeValue -DataRecord $DataRecord -CurObject $CurObject -AttributeName "AccountName"  SetAttributeValue -DataRecord $DataRecord -CurObject $CurObject -AttributeName "DisplayName"  SetAttributeValue -DataRecord $DataRecord -CurObject $CurObject -AttributeName "Domain"  SetAttributeValue -DataRecord $DataRecord -CurObject $CurObject -AttributeName "ObjectSID"    $szSid = ""  If($DataRecord.ObjectSID.Length -gt 0)  {    $binarySid = [System.Convert]::FromBase64String($DataRecord.ObjectSID)    $obSid = New-Object System.Security.Principal.SecurityIdentifier($binarySid, 0)    $szSid = $obSid.ToString()  }  $DataRecord | Add-Member NoteProperty "StringSID" $szSid  Clear-Host  $DataRecord | Format-List #----------------------------------------------------------------------------------------------------------  Trap   {      Write-Host "`nError: $($_.Exception.Message)`n" -foregroundcolor white -backgroundcolor darkred     Exit 1  } #----------------------------------------------------------------------------------------------------------

 

Note

To provide feedback about this article, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the  FIM ScriptBox

 

---

See Also

• PowerShell Portal
• Wiki: Portal of TechNet Wiki Portals