locked
Script Test RRS feed

  • General discussion

  •   Summary
     

    When you troubleshoot access problems, it might be helpful to review whether denied requests exits on your system.
    The objective of this script is to display them.

     

    #----------------------------------------------------------------------------------------------------------
     Function GetReferenceValue
     {
      Param($ObjectId)
    	End
    	{
    	  If($ObjectId.Length -eq 0) {Return ""}
    	  If($ObjectId.StartsWith("urn:uuid:") -eq $true) {$ObjectId = ($ObjectId.split(":"))[2]}
    	  $exportObject = export-fimconfig -uri "http://localhost:5725/resourcemanagementservice" `
                        -customconfig ("/*[ObjectID='$ObjectId']") `
    					     	    -onlyBaseResources `
                        -ErrorVariable Err `
                        -ErrorAction SilentlyContinue 
    	  
        If($Err){Throw $Err}
        If($exportObject -eq $null) {Return ""}
    	 
    	  Return ($ExportObject.ResourceManagementObject.ResourceManagementAttributes | `
            Where-Object {$_.AttributeName -eq "DisplayName"}).Value
     
    	}
     }
    #----------------------------------------------------------------------------------------------------------
     Function GetAttribute
     {
      Param($ExportObject, $AttributeName)
    	End
    	{
    	  $attributeValue = ($ExportObject.ResourceManagementObject.ResourceManagementAttributes | `
                    Where-Object {$_.AttributeName -eq $AttributeName}).Value
    	  If($attributeValue -eq $null) {$attributeValue = ""}
    	  Return $attributeValue
    	}
     }
    #----------------------------------------------------------------------------------------------------------
     If(@(Get-PSSnapin | Where-Object {$_.Name -eq "FIMAutomation"} ).count -eq 0) {Add-PSSnapin FIMAutomation}
     $dataList = @()
     
     $exportObjects = export-fimconfig -uri "http://localhost:5725/resourcemanagementservice" `
                      -customconfig ("/Request[RequestStatus = 'Denied']") `
    			    -onlyBaseResources `
                      -ErrorVariable Err `
                      -ErrorAction SilentlyContinue 
     If($Err){Throw $Err}
     If($exportObjects -eq $null)
     {
      Write-Host "No matching requests found"
    	Exit 0
     }	
    
     $exportObjects | Where-Object {$_.ResourceManagementObject.ObjectType -eq "Request"} | ForEach{
      $newRecord = new-object psobject
    	
      $attrValue = GetAttribute -ExportObject $_ -AttributeName "DisplayName"
      $newRecord | add-member noteproperty "DisplayName" $attrValue 	
    
      $attrValue = GetAttribute -ExportObject $_ -AttributeName "CreatedTime"
      $newRecord | add-member noteproperty "Date-Submitted" $attrValue 	
    
      $refAttr = GetAttribute -ExportObject $_ -AttributeName "Creator"
      $refVal = GetReferenceValue -ObjectId $refAttr
      $newRecord | add-member noteproperty "Originator" $refVal 	
    	
      $attrValue = GetAttribute -ExportObject $_ -AttributeName "Operation"
      $newRecord | add-member noteproperty "Operation" $attrValue 	
    	
      $attrValue = GetAttribute -ExportObject $_ -AttributeName "TargetObjectType"
      $newRecord | add-member noteproperty "Target-Resource-Type" $attrValue 	
    
      $refAttr = GetAttribute -ExportObject $_ -AttributeName "Target"
      $refVal = GetReferenceValue -ObjectId $refAttr
      $newRecord | add-member noteproperty "Target-Resource" $refVal 	
    
      $dataList += $newRecord 
     }
    #----------------------------------------------------------------------------------------------------------
     Clear-Host
     Write-Host "Denied Requests"
     Write-Host "==============="
     $dataList | Format-List
     Write-Host "Command completed successfully`n"
    #----------------------------------------------------------------------------------------------------------
     Trap 
     { 
      Write-Host "`nError: $($_.Exception.Message)`n" -foregroundcolor white -backgroundcolor darkred
      Exit 1
     }
    #----------------------------------------------------------------------------------------------------------

     

      Go to the FIM ScriptBox

    Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation
    Thursday, June 10, 2010 4:17 PM