FIM ScriptBox Item

Summary

This script documents your provisioning policy configuration on your system.
The script lists all your synchronization rules, the workflows a synchronization rule was added to and the related management policy rule:



This script can help you to detect mistakes in your provisioning policy configuration.

Script Code

001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
017
018
019
020
021
022
023
024
025
026
027
028
029
030
031
032
033
034
035
036
037
038
039
040
041
042
043
044
045
046
047
048
049
050
051
052
053
054
055
056
057
058
059
060
061
062
063
064
065
066
067
068
069
070
071
072
073
074
075
076
077
078
079
080
081
082
083
084
085
086
087
088
089
090
091
092
093
094
095
096
097
098
099
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
#----------------------------------------------------------------------------------------------------------
 function GetFIMObjects
 {
    PARAM($filter)
    END
    {
       $exportObjects = export-fimconfig -uri "http://localhost:5725/resourcemanagementservice" `
                                         –onlyBaseResources `
                                         -customconfig ("$filter") `
                                         -ErrorVariable Err `
                                         -ErrorAction SilentlyContinue 
       if($Err){throw $Err}
       return $exportObjects                                 
    }
 }
#----------------------------------------------------------------------------------------------------------
 function GetTippleObject
 {
    PARAM($wfId = "", $wfName = "", $wfAction = "", $srId = "", $srName = "", $srType = "")
    END
    {
       $newRecord = new-object psobject
       $newRecord | add-member noteproperty "SRId"     $srId
       $newRecord | add-member noteproperty "SRName"   $srName
       $newRecord | add-member noteproperty "SRType"   $srType
       $newRecord | add-member noteproperty "WFId"     $wfId 
       $newRecord | add-member noteproperty "WFName"   $wfName
       $newRecord | add-member noteproperty "WFAction" $wfAction 
       $newRecord | add-member noteproperty "MPRNames" ""
       return $newRecord
   }
}
#----------------------------------------------------------------------------------------------------------
 if(@(get-pssnapin | where-object {$_.Name -eq "FIMAutomation"} ).count -eq 0) {add-pssnapin FIMAutomation}
 $dataList = @()
#----------------------------------------------------------------------------------------------------------
 GetFIMObjects -filter "/WorkflowDefinition"|
 where-object {$_.ResourceManagementObject.ResourceManagementAttributes | 
 where-object {$_.AttributeName -eq "XOML"}} |
 foreach {
    $wfName = ($_.ResourceManagementObject.ResourceManagementAttributes | `
               Where-Object {$_.AttributeName -eq "DisplayName"}).Value
    $wfId   = (($_.ResourceManagementObject.ObjectIdentifier).split(":"))[2] 
  
    [xml]$xmlXoml = ($_.ResourceManagementObject.ResourceManagementAttributes | 
                     Where-Object {$_.AttributeName -eq "XOML"}).Value  
    
    $xmlXoml.SequentialWorkflow.SynchronizationRuleActivity | where-object {$_ -ne $null} |
    foreach{
       $dataList += GetTippleObject -wfId $wfId `
                                    -wfName $wfName `
                                    -wfAction $_.Action `
                                    -srId $_.SynchronizationRuleId
    }
 }
#----------------------------------------------------------------------------------------------------------
 GetFIMObjects -filter "/SynchronizationRule" |
 foreach{
    $srName = ($_.ResourceManagementObject.ResourceManagementAttributes | 
               Where-Object {$_.AttributeName -eq "DisplayName"}).Value
    $srId   = ((($_.ResourceManagementObject.ResourceManagementAttributes | 
               Where-Object {$_.AttributeName -eq "ObjectID"}).Value).Split(":"))[2] 
    $srType = ($_.ResourceManagementObject.ResourceManagementAttributes | 
               Where-Object {$_.AttributeName -eq "FlowType"}).Value  
    switch ($srType) 
    { 
        0 {$srType = "Inbound"} 
        1 {$srType = "Outbound"} 
        default {$srType = "Inbound and Outbound"}
    }
        
    $records = $dataList | where-object {$_.SRId -eq $srId} 
    if($records -ne $null) 
    {
       $records | foreach{
          $_.SRName = $srName
          $_.SRType = $srType
       }
    }
    else{$dataList += GetTippleObject -srId $srId -srName $srName -srType $srType}
 }
#----------------------------------------------------------------------------------------------------------
 GetFIMObjects -filter "/ManagementPolicyRule" |
 where-object {$_.ResourceManagementObject.ResourceManagementAttributes | 
               Where-Object {$_.AttributeName -eq "ActionWorkflowDefinition"}} | 
 foreach{
    $mprName = ($_.ResourceManagementObject.ResourceManagementAttributes | 
                Where-Object {$_.AttributeName -eq "DisplayName"}).Value
                      
    foreach($wfVal in ($_.ResourceManagementObject.ResourceManagementAttributes | 
                       Where-Object {$_.AttributeName -eq "ActionWorkflowDefinition"}).Values)
    {
       foreach($curRec in ($dataList | where-object{$_.WFId -eq ($wfVal.Split(":"))[2]}))
       {
          if($curRec.MPRNames.length -gt 0) {$curRec.MPRNames += ","}
          $curRec.MPRNames += $mprName
       }
    }                  
 }
#----------------------------------------------------------------------------------------------------------
 clear-host
 write-host "Provisioning Policy Configuration"
 write-host "=================================="
 $dataList | 
 sort-object -property "SRName" |
 format-list -property "SRName", "SRType", "WFName", "WFAction", "MPRNames"
 write-host "Command completed successfully`n"
#----------------------------------------------------------------------------------------------------------
trap 
{ 
   Write-Host "`nError: $($_.Exception.Message)`n" -foregroundcolor white -backgroundcolor darkred
   Exit 1
}
#----------------------------------------------------------------------------------------------------------

 

note Note
To provide feedback about this script, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the FIM ScriptBox.

 



See Also