Getting Started Quest recently posted a PowerShell Snap-In to CodePlex containing some cool PowerShell Cmdlets for FIM, including: New-FimSession New-FimResource Get-FimResource Set-FimResource Remove-FimResource So? In using the Cmdlets shipped with FIM you come to notice they are highly tailored to configuration migration. Sure they can be used in lots of other interesting ways as illustrated in this forum's ScriptBox but the cmdlets from Quest a just a little easier to use. Below is a quick walkthrough for getting started with the Quest Cmdlets: Download the source files from http://fimpscmdlets.codeplex.com/releases/view/44432 To register the DLL, run InstallUtil.exe (be sure to use the correct version for your processor architecture!): D:\Scratch\FimPsCmdlets>C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe Quest.FIMPowerShellSnapin.dll To see if the DLL was installed, run "get-PSSnapin -registered" in PowerShell get-PSSnapin -registered Run "Add-PSSnapin Quest.FIMPowershellSnapin" Add-PSSnapin Quest.FIMPowershellSnapin Create a new FIM Session: $fimSession = New-FIMSession -Credential (Get-Credential) -Server localhost Create a new Person: New-FIMResource -Type "Person" -Session $fimSession -Attributes @{"DisplayName"="Thomas Anderson"; "AccountName"="neo"} Get the new Person back $user = Get-FIMResource -Filter "/Person[DisplayName='Thomas Anderson']" -Session $fimSession Set some attributes on the Person: $user.SetValue("City", "Leipzig") $user.SetValue("Country", "Germany") Set-FIMResource -Instance $user -Session $fimSession CraigMartin Edgile, Inc. http://identitytrench.com

Thanks a lot for putting this together, Craig. This is very helpful! Link to the related post. Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

While executing step 7, getting following error. Am I missing something? $user = Get-FIMResource -Filter "/Person[DisplayName='XYZ']" -Session $fimSession Get-FIMResource : The token provider cannot get tokens for target 'http://localhost:5725/ResourceManagementService/Enumeration'. At line:1 char:24 + $user = Get-FIMResource <<<< -Filter "/Person[DisplayName='XYZ']" -Session $fimSession + CategoryInfo : NotSpecified: (:) [Get-FIMResource], SecurityNegotiationException + FullyQualifiedErrorId : System.ServiceModel.Security.SecurityNegotiationException,Quest.FIMPowerShellSnapin.GetFIMResource Thanks Sachin

Craig Great info on how to get the Quest PS tools working. However I have come up against an issue I wondered if you had as well when testing. With my execution policy in PS set to unrestricted I get this warning when importing the Snapins Security Warning Run only scripts that you trust. While scripts from the Internet can be useful, this script can potentially harm your computer. Do you want to run C:\FIMPSCmdlets-0.1\quest.fimpowershellsnapin.Types.ps1xml? [D] Do not run [R] Run once [S] Suspend [?] Help (default is "D"): If I set the execution policy to remote-signed then they will not load as their is no signing on the snapin. Any idea in how I canget this to load automatically so that I can include the snapins in a script? thanks Andy

Here is some explanation regarding PS policies: http://setspn.blogspot.com/2011/05/running-powershell-scripts-from-unc.html You could run the script with -bypasshttp://setspn.blogspot.com

Is this code still being maintained / developed? I find it to be exceptionally useful to perform bulk modifications / loads for FIM. I also find it to be easier to use then the FIMAutomation cmdlets. The only release I see is the one in "Alpha" stage on Apr 28 2010.I have made a few modifications to the code, that might seem useful to others, such as: GetFIMResource class - retrieve all schema attributes of the Root ResourceType in the filter (or Resource by default)FIMPSClient class - option to use the NetworkCredential of the user running the code/cmdlets without having to specify a PSCredential Wondering what the road map for this code will be with "FIM 2010 R2" and beyond... :)

The code is a great example of wrapping an existing client to product PowerShell cmdlets, but I do not think it enjoys a steady stream of updates. The PowerShell Snap-In that ships with FIM 2010 is still incredibly useful for FIM CRUD. A mode that wraps the FimAutomation PowerShell was just released on CodePlex. You might give that try. http://fimpowershellmodule.codeplex.com CraigMartin Edgile, Inc. http://identitytrench.com