Using PowerShell to document your provisioning policy configuration
Summary
This script documents your provisioning policy configuration on your system.The script lists all your synchronization rules, the workflows a synchronization rule was added to and the related management policy rule: This script can help you to detect mistakes in your provisioning policy configuration.
#----------------------------------------------------------------------------------------------------------
function GetFIMObjects
{
PARAM($filter)
END
{
$exportObjects = export-fimconfig -uri "http://localhost:5725/resourcemanagementservice" `
–onlyBaseResources `
-customconfig ("$filter") `
-ErrorVariable Err `
-ErrorAction SilentlyContinue
if($Err){throw $Err}
return $exportObjects
}
}
#----------------------------------------------------------------------------------------------------------
function GetTippleObject
{
PARAM($wfId = "", $wfName = "", $wfAction = "", $srId = "", $srName = "", $srType = "")
END
{
$newRecord = new-object psobject
$newRecord | add-member noteproperty "SRId" $srId
$newRecord | add-member noteproperty "SRName" $srName
$newRecord | add-member noteproperty "SRType" $srType
$newRecord | add-member noteproperty "WFId" $wfId
$newRecord | add-member noteproperty "WFName" $wfName
$newRecord | add-member noteproperty "WFAction" $wfAction
$newRecord | add-member noteproperty "MPRNames" ""
return $newRecord
}
}
#----------------------------------------------------------------------------------------------------------
if(@(get-pssnapin | where-object {$_.Name -eq "FIMAutomation"} ).count -eq 0) {add-pssnapin FIMAutomation}
$dataList = @()
#----------------------------------------------------------------------------------------------------------
GetFIMObjects -filter "/WorkflowDefinition"|
where-object {$_.ResourceManagementObject.ResourceManagementAttributes |
where-object {$_.AttributeName -eq "XOML"}} |
foreach {
$wfName = ($_.ResourceManagementObject.ResourceManagementAttributes | `
Where-Object {$_.AttributeName -eq "DisplayName"}).Value
$wfId = (($_.ResourceManagementObject.ObjectIdentifier).split(":"))[2]
[xml]$xmlXoml = ($_.ResourceManagementObject.ResourceManagementAttributes |
Where-Object {$_.AttributeName -eq "XOML"}).Value
$xmlXoml.SequentialWorkflow.SynchronizationRuleActivity | where-object {$_ -ne $null} |
foreach{
$dataList += GetTippleObject -wfId $wfId `
-wfName $wfName `
-wfAction $_.Action `
-srId $_.SynchronizationRuleId
}
}
#----------------------------------------------------------------------------------------------------------
GetFIMObjects -filter "/SynchronizationRule" |
foreach{
$srName = ($_.ResourceManagementObject.ResourceManagementAttributes |
Where-Object {$_.AttributeName -eq "DisplayName"}).Value
$srId = ((($_.ResourceManagementObject.ResourceManagementAttributes |
Where-Object {$_.AttributeName -eq "ObjectID"}).Value).Split(":"))[2]
$srType = ($_.ResourceManagementObject.ResourceManagementAttributes |
Where-Object {$_.AttributeName -eq "FlowType"}).Value
switch ($srType)
{
0 {$srType = "Inbound"}
1 {$srType = "Outbound"}
default {$srType = "Inbound and Outbound"}
}
$records = $dataList | where-object {$_.SRId -eq $srId}
if($records -ne $null)
{
$records | foreach{
$_.SRName = $srName
$_.SRType = $srType
}
}
else{$dataList += GetTippleObject -srId $srId -srName $srName -srType $srType}
}
#----------------------------------------------------------------------------------------------------------
GetFIMObjects -filter "/ManagementPolicyRule" |
where-object {$_.ResourceManagementObject.ResourceManagementAttributes |
Where-Object {$_.AttributeName -eq "ActionWorkflowDefinition"}} |
foreach{
$mprName = ($_.ResourceManagementObject.ResourceManagementAttributes |
Where-Object {$_.AttributeName -eq "DisplayName"}).Value
foreach($wfVal in ($_.ResourceManagementObject.ResourceManagementAttributes |
Where-Object {$_.AttributeName -eq "ActionWorkflowDefinition"}).Values)
{
foreach($curRec in ($dataList | where-object{$_.WFId -eq ($wfVal.Split(":"))[2]}))
{
if($curRec.MPRNames.length -gt 0) {$curRec.MPRNames += ","}
$curRec.MPRNames += $mprName
}
}
}
#----------------------------------------------------------------------------------------------------------
clear-host
write-host "Provisioning Policy Configuration"
write-host "=================================="
$dataList |
sort-object -property "SRName" |
format-list -property "SRName", "SRType", "WFName", "WFAction", "MPRNames"
write-host "Command completed successfully`n"
#----------------------------------------------------------------------------------------------------------
trap
{
Write-Host "`nError: $($_.Exception.Message)`n" -foregroundcolor white -backgroundcolor darkred
Exit 1
}
#----------------------------------------------------------------------------------------------------------
Go to the FIM ScriptBox
Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation
December 28th, 2009 2:53am
I spent part of the morning playing with this. Wow! This is super cool!
Free Windows Admin Tool Kit Click here and download it now
December 29th, 2009 7:13pm