Hi How do I run Powershell script immediately after creating the user in FIM and the transfer of the user settings?

Not sure I understand what it is you want to do. Could you please clarify? Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

I want to FIM immediately after creating the user in Active Directory performed PowerShell script that passes parameters established by the user in FIM For example, I create user user1 in the FIM. It synchronizes and created in Active Directory. Immediately after that to make the FIM launched "powershellscript1.ps1 User1"

I know Carol has been working on a PowerShell XMA that might do what you ask for: http://www.wapshere.com/missmiis/remote-powershell-script-xma Another way could be to create a custom PowerShell workflow activity in an action workflow that is triggered by the Expecteded State Detection mechanism when user is created in AD: http://technet.microsoft.com/en-us/library/ff608269%28WS.10%29.aspx //Henrik Henrik Nilsson, ILM/FIM MVP Blog: http://www.idmcrisis.com Company: Cortego (http://www.cortego.se)

I know Carol has been working on a PowerShell XMA that might do what you ask for: http://www.wapshere.com/missmiis/remote-powershell-script-xma I would like more information on how to build extensions in Visual Studio Why do I need Template Input File? I need to run Powershell script with parameter User1

1. Creating Management Agents 2. There is no way to create an export only Management Agent - All management agents must have an ability to do import therefore the need for a file - About Connected Data Source Extensions. 3. I don't know how Carol made her XMA but that could probably be done. :-) //HenrikHenrik Nilsson, ILM/FIM MVP Blog: http://www.idmcrisis.com Company: Cortego (http://www.cortego.se)

but there is no easier way?

There is maybe an alternative: configure the export step of your MA to create a log file; you will get an xml file containing details of all the operations performed by the agent (created a user, modified the value of an attribute and so on). Tipically the log file should be under 'C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\MaData\<agent name>'. Then, whenever you run an export profile on your AD MA, you run immediately after a PowerShell script of yours that takes this xml file as input, parses it and does the appropriate actions according to which operations were performed. Cheers, PaoloPaolo Tedesco - http://cern.ch/idm

Just a small correction - it should be after an (confirming) import. In case of an import, there is also an option to create a log file. Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

Where and how configure logging to xml file?

This is part of the run profile configuration. Cheers, MarkusMarkus Vilcinskas, Knowledge Engineer, Microsoft Corporation

thanks for logging setting. my task: to create a folder structure and personal website after creating the user in AD. If user change position (job title) -> I must transfer the user's folder to another location. This task is correctly solved with Workflow or Management Agent?

Reposting because the formatting just got messed up... I have created both home folders and websites using XMAs many times in the past. The general idea is that you treat then home folder (or website) as an object which has properties. You need both an Import step (to enumerat the existing home folders/websites) and an Export step (to implement the changes). For me, if you want ongoing management of the folder/website, rather than just creating it and forgetting it, then the XMA approach is correct. If you create the folder/website with a workflow activity then FIM has no ongoing relationship with that object. If you use an XMA then the folder/website exists as a connected object which can be modified, and eventually deleted. It's not trivial however and you need to do some study to understand the Sync Service, the relationship between metaverse and connector space objects, and how to create Extensible MAs. Some posts from my blog: http://www.wapshere.com/missmiis/creating-an-extensible-ma http://www.wapshere.com/missmiis/creating-user-home-directories-windows-version http://www.wapshere.com/missmiis/an-xma-to-create-apache-websites http://www.wapshere.com/missmiis/remote-powershell-script-xma http://www.wapshere.com/missmiis/provisioning-bpos-powershell-commands-as-cs-objects Note the last post I have linked is just to give you an example of the export step - I dod not propose you use the approach outlined in this post (which was firing off powershell cmdlets without a lot of feedack). You are far beter off following the approach of the first couple of posts when you enumerate the existing objects and import them as managed objects. You should also have seperate XMAs for you different object types, in this case home folder and website. I don't know what type of website you're creating. I did a demo once with IIS where I followed an approach similar to the Apache XMA I have blogged about, and just used the built-in IIS scripts to create, delete etc. Carolhttp://www.wapshere.com/missmiis

Carol, can you share Visual Studio solution from http://www.wapshere.com/missmiis/creating-user-home-directories-windows-version and exported agent configuration? I succesfull convert your example to C#. My problem is Sub HomeFolder_Provisioning(ByVal mventry As MVEntry) Dim HFMA As ConnectedMA = mventry.ConnectedMAs("HomeFolders") Dim path As String = "" Dim server As String = "" How Agent execute this code? How get all user information from metaverse?

When I flow the objectSid back onto the metaverse person object from the AD user it triggers a run of the provisioning code (as does any change to a metaverse object). That piece of code is part of the provisioning code (also often referred to as the MVExtension.dll). It detects that the home folder does not yet exist and creates it. Note that this is using the old methods applicable to MIIS/ILM. There's no reason why you couldn't use a FIM Portal Sync Rule to provision the home folder object, instead of using this Sub - and in fact I have done exactly that in a lab, though I haven't had time to write it up yet. You'll still need the Import and Export code for the XMA's CSExtension either way. It might be worth going through the MIIS 2003 docs and walkthroughs to better understand the sync service. http://www.wapshere.com/missmiis