FIM ScriptBox Item

Summary

Consider this scenario:

You accidentally provisioned a few hundred objects into the FIM connector space, however they were never actually provisioned to the FIM portal due to attribute or other violation.  Long story short, these objects had nothing to match on aside from their guid.  

Here is a way to go fetch these objects, and delete them from the MV:

  1. Use PowerShell to find the CS DN of each orphaned object (link)
  2. Correlate these DNs to MV IDs
  3. Export the MV IDs to a csv file
  4. Create a tab-delimited MA, with a simple join rule - to join on this MV ID
  5. Configure deletion rule to delete MV object when <new MA> object was deleted
  6. Run a full import and sync (this joins to all the orphaned objects)
  7. Delete the <new MA> CS and then the MA itself.  This removes the orphaned objects per the deletion rule in #5.  

Script Code

001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
017
018
019
020
021
022
023
024
#Import the FimSyncPowerShellModule Module
ipmo FimSyncPowerShellModule

$maNAME = 'Contoso FIMMA' 

#Get the last export run
$LastExportRun = (Get-MIIS_RunHistory -MaName $maNAME -RunProfile 'Export')[0]
 
#Get error objects from last export run (adjust your filter as needed...)
$errorObjects = $LastExportRun | Get-RunHistoryDetailErrors | ? {($_.dn -ne $null) -and ($_.ErrorType -eq 'failed-creation-via-web-services')}

#Build the custom Output Object
$outputFile = @()
$errorObjects | % {
     $TmpCSObject = Get-MIIS_CSObject -ManagementAgent $maNAME -DN $_.DN
     [xml]$UserXML = $TmpCSObject.UnappliedExportHologram
     $MyObject = New-Object PSObject -Property @{
        MVObjectID = (Select-Xml -Xml $UserXML -XPath "/entry/attr" | select -expand node | ? {$_.name -eq 'MVObjectID'}).value
        }
     $outputFile += $MyObject
 }
 
#Output to file
$outputFile | Export-Csv -NoTypeInformation $env:USERPROFILE\desktop\Deletions.csv

note Note
To provide feedback about this article, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the  FIM ScriptBox

 



See Also