none
Scripting Identity Integration Server 2003 RRS feed

  • Question

  • We're using MIIS 2003 (v3.2 SP2) to import to Active Directory from eDirectory.

    I've created a simple PowerShell script that uses WMI to trigger the Run Profiles of the Management Agents on demand.  I can parse the resulting RunDetails' XML to find the number of users added into AD:

    [xml]$xmlAD=$activeDirectoryMA.RunDetails().ReturnValue
    $xmlAD."run-history"."run-details"."step-details"."export-counters"."export-add"."#text"

     How do I find out WHO was added?  I can see the details (distinguished names) of synchronisation errors but not of what was added (or updated) successfully.  This is easily viewable in the GUI.

    Is this level of detail accessible over WMI?

    Thanks!

    Thursday, July 18, 2013 1:40 PM

All replies

  • I don't believe that level of detail is available through WMI. If you are careful, you could go to the database and query it directly out of there.
    Friday, July 19, 2013 9:25 PM
  • Thanks.

    I don't suppose anyone knows how I would query this.

    I imagine a starting point would be the Run_Number which I get via WMI and can also see in the mms_run_history table.  That table though doesn't look to be what I need.  Perhaps it ties in somewhere else though?

    Wednesday, July 24, 2013 10:36 AM
  • I don't know if this will guide your approach at all, but querying the MIIS/ILM/FIM database directly is not supported or recommended.  Most likely Microsoft's underlying concern is that you could end up locking database objects in a way the product doesn't expect, it tries to run and fails, and chaos ensues.

    In these situations, I've had good success with thorough logging as part of the provisioning code.  Especially when it comes to object adds, there are no surprises...


    Steve Kradel, Zetetic LLC

    Wednesday, July 24, 2013 2:52 PM
  • Ah that's definitive for me then - I'll keep well away!

    Many thanks for the advice :-D

    Wednesday, July 24, 2013 8:59 PM