FIM ScriptBox Item

Summary

The script below generates the custom expression that is needed to flow the domain attribute from AD DS to FIM.
The script copies the custom expression to the clipboard of your computer.

Please see the following articles for more details:

Script Code

#--------------------------------------------------------------------------------------------------------
# Forest root DN and DNS root used to locate the domain partition; adjust both for your environment
Set-Variable -Name ForestDn -Value "DC=Fabrikam,DC=Com" -Option Constant
Set-Variable -Name DnsRoot  -Value "fabrikam.com"       -Option Constant
#--------------------------------------------------------------------------------------------------------
Clear-Host

# Search the Partitions container for crossRef objects that describe domain partitions
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = "LDAP://CN=Partitions,CN=Configuration,$ForestDn"
$objSearcher.Filter     = "(&(objectclass=Crossref)(dnsRoot=$DnsRoot)(netBIOSName=*))"
$dataList = @()

$objSearcher.FindAll() | ForEach-Object {
    # Bind to the domain partition and read its SID
    $Domain = New-Object DirectoryServices.DirectoryEntry "LDAP://$($_.Properties.ncname)"
    If($null -eq $Domain.objectGuid) {Throw "Partition not found"}
    $DomainSid = New-Object System.Security.Principal.SecurityIdentifier($Domain.objectSid[0], 0)

    # Record the path, NetBIOS name and SID of the partition
    $newRecord = New-Object PSObject
    $newRecord | Add-Member NoteProperty "Path"        $($_.Path)
    $newRecord | Add-Member NoteProperty "NetBIOSName" $($_.Properties.netbiosname)
    $newRecord | Add-Member NoteProperty "SID"         $DomainSid.ToString()

    $dataList += $newRecord
}

# The "L:" prefix marks a message that the trap below prints without the "Error:" label
If($dataList.Length -eq 0) {Throw "L:No domain partitions found!"}

# Build one nested IIF per domain: if the object SID starts with the domain SID, return the NetBIOS name
$CustomExpression = ""
$dataList | ForEach-Object {
    $CustomExpression +=
        "IIF(Eq(Left(ConvertSidToString(objectSid),$($_.SID.Length)),""$($_.SID)""),""$($_.NetBIOSName)"","
}
# Fallback value when no domain SID matches, followed by one closing parenthesis per IIF
$CustomExpression += """Unknown"""
$dataList | ForEach-Object {
    $CustomExpression += ")"
}

Write-Host "Domain partitions for forest"
Write-Host "============================"
Write-Host "Forest : $ForestDn"
Write-Host "DNS Root: $DnsRoot"
$dataList | Format-List
Write-Host "Custom Expression:"
Write-Host $CustomExpression
Write-Host ""
# Copy the expression to the clipboard
$CustomExpression | clip
#--------------------------------------------------------------------------------------------------------
# Error handler for the whole script
Trap
{
    $exMessage = $_.Exception.Message
    If($exMessage.StartsWith("L:"))
    {Write-Host "`n" $exMessage.Substring(2) "`n" -ForegroundColor White -BackgroundColor DarkBlue}
    Else
    {Write-Host "`nError: " $exMessage "`n" -ForegroundColor White -BackgroundColor DarkRed}
    Exit 1
}
#--------------------------------------------------------------------------------------------------------
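
The generated expression picks a domain by comparing the leading characters of the object SID with each domain SID. The following added example (not part of the original script) replays that comparison offline so a mapping can be checked before it is pasted into a rule; the domain names, SIDs and function names are constructed for illustration.

```powershell
# Added example: offline check of the SID-prefix mapping. All names and SIDs are constructed.
# Requires Windows PowerShell 3.0 or later ([pscustomobject]).
$domains = @(
    [pscustomobject]@{ NetBIOSName = 'FABRIKAM'; SID = 'S-1-5-21-1111111111-2222222222-333333333'  },
    [pscustomobject]@{ NetBIOSName = 'CORP';     SID = 'S-1-5-21-1111111111-2222222222-3333333330' }
)

function Resolve-DomainFromSid {
    # Mirrors the IIF chain: the first entry whose SID equals Left(objectSid, SID.Length) wins.
    param([string]$ObjectSid, [object[]]$DomainList)
    foreach ($d in $DomainList) {
        if ($ObjectSid.StartsWith($d.SID, [System.StringComparison]::Ordinal)) { return $d.NetBIOSName }
    }
    return 'Unknown'
}

function Find-AmbiguousSidPrefix {
    # Reports pairs where one domain SID is a plain string prefix of another,
    # so objects of the longer-SID domain can match the shorter entry.
    param([object[]]$DomainList)
    foreach ($a in $DomainList) {
        foreach ($b in $DomainList) {
            if ($a.SID -ne $b.SID -and $b.SID.StartsWith($a.SID, [System.StringComparison]::Ordinal)) {
                [pscustomobject]@{ Shorter = $a.NetBIOSName; Longer = $b.NetBIOSName }
            }
        }
    }
}

# Constructed object SIDs (domain SID + RID) and the domain each one should map to.
$samples = @(
    @{ Sid = 'S-1-5-21-1111111111-2222222222-333333333-1104';  Expected = 'FABRIKAM' },
    @{ Sid = 'S-1-5-21-1111111111-2222222222-3333333330-1105'; Expected = 'CORP' },
    @{ Sid = 'S-1-5-21-4000000000-3000000000-200000000-500';   Expected = 'Unknown' }
)

foreach ($s in $samples) {
    $actual = Resolve-DomainFromSid -ObjectSid $s.Sid -DomainList $domains
    $state  = if ($actual -eq $s.Expected) { 'OK' } else { 'MISMATCH' }
    '{0,-8} {1} -> {2} (expected {3})' -f $state, $s.Sid, $actual, $s.Expected
}
Find-AmbiguousSidPrefix -DomainList $domains |
    ForEach-Object { "Ambiguous: $($_.Shorter) SID is a string prefix of $($_.Longer) SID" }
```

With these constructed values the second sample resolves to FABRIKAM instead of CORP, because the comparison stops at the end of the shorter domain SID. Comparing against the domain SID followed by "-" removes that overlap for user and group objects.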

 

Note
To provide feedback about this script, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the FIM ScriptBox.

 



See Also