Trying to export list of everyone who is listed as a manager in FIM portal RRS feed

  • Question

  • So I have had a request to build a dynamic Security group for "all People leaders" which is basically anyone who is listed as a manager in AD. 

    I know that this basically has to be done by adding an IsManager attribute to the schema then using FIM powershells to populate that attribute. 

    I was able to create a search scope and get a list of all managers, but I am unable to export this same search scope via FIMAutomation Powershell

    Anyone tell me what I am doing wrong?

    /Person[ObjectID =  /*[ObjectID = 'bce1cdd1-5222-4462-b910-ab30f5b6576a']/ComputedMember]/Manager']

    Is the search scope criteria, it wont work for groups or sets because of the double calculation I know. Does FimAutomation powershell fall into that issue as well?

    Here is the PowerShell

    set-variable -name URI    -value "http://localhost:5725/resourcemanagementservice"    -option constant
    add-pssnapin FIMAutomation

    $exportObject = export-fimconfig -uri $URI -onlyBaseResources -customconfig ("/Person[ObjectID =  /Set[ObjectID = 'bce1cdd1-5222-4462-b910-ab30f5b6576a']/ComputedMember]/Manager']")

    Powershell error

    export-fimconfig : Failure on making enumeration web service call. 
    Filter = /Person[ObjectID =  /Set[ObjectID = 'bce1cdd1-5222-4462-b910-ab30f5b6576a']/ComputedMember]/Manager'] 
    Error= Microsoft.ResourceManagement.WebServices.Faults.ServiceFaultException: cannot filter as requested
       at Microsoft.ResourceManagement.WebServices.Client.ResourceTemplate.EnumerateResources(SearchParameters parameters, ClientOptionsHelper clientOptionsHelper)
       at Microsoft.ResourceManagement.WebServices.ResourceManager.MoveNext()
       at Microsoft.ResourceManagement.Automation.ExportConfig.EndProcessing() 
    At line:1 char:17
    + $exportObject = export-fimconfig -uri $URI -onlyBaseResources -customconfig ("/P ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (:) [Export-FIMConfig], InvalidOperationException
        + FullyQualifiedErrorId : ExportConfig,Microsoft.ResourceManagement.Automation.ExportConfig

    Russell Lema

    Monday, April 8, 2019 2:34 PM

All replies

  • You should look at the Lithnet Resourcemanagement powershell module:

    Its extremely more faster and easier to use than the built in FIMAutomation snapin.

    To get all users who are set as manager on other users, you can use this one liner:

    $Managers = Search-Resources -XPath "/Person[ObjectID = /Person/Manager]" -AttributesToGet AccountName, DisplayName

    • Proposed as answer by Leo Erlandsson Wednesday, April 10, 2019 7:42 AM
    Tuesday, April 9, 2019 9:38 AM