FIM ScriptBox Item

Summary

To process outbound synchronization rules, you must populate the ERL attribute of you managed objects in the metaverse.

The objective of this script is to check whether import attribute flow rule mappings for the expectedRulesList attribute are configured on your FIM management agent for person objects and group objects.

Script Code

001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
017
018
019
020
021
022
023
024
025
026
027
028
029
030
031
032
033
034
035
036
037
038
039
040
041
042
043
044
045
046
047
048
049
050
051
052
053
054
055
056
057
058
059
060
061
062
063
064
065
066
067
068
069
070
071
#----------------------------------------------------------------------------------------------------------
 set-variable -name URI   -value "http://localhost:5725/resourcemanagementservice"    -option constant 
 set-variable -name Part1 -value "//import-flow-set[@mv-object-type='$']"             -option constant
 set-variable -name Part2 -value "/import-flows[@mv-attribute='expectedRulesList']"   -option constant
 set-variable -name Part3 -value "/import-flow[@src-ma='$' "                          -option constant
 set-variable -name Part4 -value "and @cd-object-type='$']"                           -option constant
 set-variable -name Part5 -value "/direct-mapping[src-attribute='ExpectedRulesList']" -option constant
#----------------------------------------------------------------------------------------------------------
 function HasNode
 {
    PARAM($xmlDoc, $maId, $mvType, $cdType)
    END
    {
       $node = $Part1.Replace("$", $mvType) + `
               $Part2 + `
               $Part3.Replace("$", $maId)   + `
               $Part4.Replace("$", $cdType) + `
               $Part5
            
       $xmlDoc.selectSingleNode($node) -ne $null
    }           
 }
#----------------------------------------------------------------------------------------------------------

 if(@(get-pssnapin | where-object {$_.Name -eq "FIMAutomation"} ).count -eq 0) {add-pssnapin FIMAutomation}
 clear-host
 $exportObject = export-fimconfig -uri $URI `
                                  -customconfig ("/ma-data[SyncConfig-category='FIM']") `
                                  -ErrorVariable Err `
                                  -ErrorAction SilentlyContinue `
                                  -onlyBaseResources 
                               
 if($Err){throw $Err}
 if($exportObject -eq $null) {throw "FIM management agent not found"} 
#----------------------------------------------------------------------------------------------------------
 
 [xml]$partData = ($exportObject.ResourceManagementObject.ResourceManagementAttributes | `
                   Where-Object {$_.AttributeName -eq "SyncConfig-ma-partition-data"}).Values
 if($partData.selectSingleNode("//filter/object-classes[object-class='Person']") -eq $null)
 {throw "FIM management agent is not configured to process object type person"}
 $bHasGroups = $partData.selectSingleNode("//filter/object-classes[object-class='Group']") -ne $null
 $maId = ($exportObject.ResourceManagementObject.ResourceManagementAttributes | `
          Where-Object {$_.AttributeName -eq "SyncConfig-id"}).Value
#----------------------------------------------------------------------------------------------------------
 $exportObject = export-fimconfig -uri $URI `
                                  -customconfig ("/mv-data") `
                                  -onlyBaseResources `
                                  -ErrorVariable Err `
                                  -ErrorAction SilentlyContinue
 if($Err){throw $Err}
 if($exportObject -eq $null) {throw "No metaverse data configured"} 
 $iafValue = ($exportObject.ResourceManagementObject.ResourceManagementAttributes | `
              Where-Object {$_.AttributeName -eq "SyncConfig-import-attribute-flow"}).Value
 
 [xml]$iafFlows = "" +$iafValue + ""
 $bHasPersonErl = HasNode -xmlDoc $iafFlows -maId $maId -mvType "person" -cdType "Person"
 $bHasGroupErl  = HasNode -xmlDoc $iafFlows -maId $maId -mvType "group"  -cdType "Group"
#----------------------------------------------------------------------------------------------------------
 write-host "`nERL Flow Configuration"
 write-host "======================"
 write-host "Person: " $bHasPersonErl.toString()
 if($bHasGroups -eq $true)
 {write-host "Group : " $bHasGroupErl.toString()}
 write-host "`nCommand completed successfully`n"
#----------------------------------------------------------------------------------------------------------
 trap 
 { 
    Write-Host "`nError: $($_.Exception.Message)`n" -foregroundcolor white -backgroundcolor darkred
    Exit 1
 }
#----------------------------------------------------------------------------------------------------------

 

note Note
To provide feedback about this script, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the FIM ScriptBox.

 


See Also