Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
FIM ScriptBox Item
Summary
This powershell script was designed to query for all MPR's and place them in the Powershell GridView to easily search on things such as Workflows by name.
It was designed to easily document existing MPR's and to import them into Excel for Grouping and documentation.
I wrote the script with the intention of using the Quest FIM Powershell Snapin and only works with that snapin.
The script can be modified (such as the multivalue delimiters) to suite your needs
The only required change is to line 9 to point to your FIM Web Service \ Load Balancer.
Just a side note, I'm not much of a Powershell / scripting guy, so I apologize in advance for any bad coding practices :)
Script Code
| 001 002 003 004 005 006 007 008 009 010 011 012 013 014 015 016 017 018 019 020 021 022 023 024 025 026 027 028 029 030 031 032 033 034 035 036 037 038 039 040 041 042 043 044 045 046 047 048 049 050 051 052 053 054 055 056 057 058 059 060 061 062 063 064 065 066 067 068 069 070 071 072 073 074 075 076 077 078 079 080 081 082 083 084 085 086 087 088 089 090 091 092 093 094 095 096 097 098 099 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 |
################################################################################### #About this script: #This script is used to export out all Management Policy Rules as displayed in the portal. #It will translate all References into DisplayName strings. #In order for this to work, an account must be used that has rights to read all MPRS and Sets, and potentially users. #This specific version of the script was written to use the Quest FIM Powershell Snapin #Configuration Parameters and global variables: $server = "fimservice:5725" ####Important this should be changed to point to the FIM Web Services or load balancer $cred = get-credential ####Set the credential to be used to query the webservice $mpr_attributes = @("ActionParameter","ActionType","ActionWorkflowDefinition","AuthenticationWorkflowDefinition","AuthorizationWorkflowDefinition", "Disabled","DisplayName","GrantRight","ManagementPolicyRuleType","MVObjectID","ObjectID","PrincipalSet", "PrincipalRelativeToResource","ResourceCurrentSet","ResourceFinalSet") $global:mpr_list = @() ################################################################################### ################## # Functions ################## function GetReferenceDisplayName { PARAM ($objectID) END { #Return the display name of the reference $obj = get-fimresource -session $session -Filter "/*[ObjectID='$objectID']" -Attribute "DisplayName" return $obj.Resource["DisplayName"].Value.ToString() } } function AddPropertyToObject { PARAM ($object, $attribute, $value) END { Add-Member -inputObject $object -MemberType NoteProperty -Name $attribute -Value $value } } function ParseMultiValue { PARAM ($values,$delimiter,$reference) END { $stringBuilder = "" switch ($delimiter) { "comma" { foreach ($item in $fim_mpr.Resource[$attribute].Values) { if ($reference -eq $true) { $stringBuilder += "$(GetReferenceDisplayName -ObjectId $item), " } else { $stringBuilder += "$item, " } } } "newline" { foreach ($item in $fim_mpr.Resource[$attribute].Values) { if ($reference -eq $true) { $stringBuilder += "$(GetReferenceDisplayName -ObjectId $item)`r`n" } else { $stringBuilder += "$item`r`n" } } } } $stringBuilder = $stringBuilder.SubString(0,$stringBuilder.Length-2) Return $stringBuilder } } ################ # Main ################ if(@(get-pssnapin | where-object {$_.Name -eq "Quest.FIMPowershellSnapin"} ).count -eq 0) {add-pssnapin Quest.FIMPowershellSnapin} $session = new-fimsession -server $server -credential $cred #Grab all MPRS $all_mprs = get-fimresource -session $session -filter "/ManagementPolicyRule" -Attribute $mpr_attributes foreach($fim_mpr in $all_mprs) { #create our own MPR object with static string data for copy paste into excel $mpr = new-object object #go thru each attribute of an MPR to describe our object foreach($attribute in $mpr_attributes) { if ($fim_mpr.resource["$attribute"] -ne $null -and $fim_mpr.Resource["$attribute"].Value -ne $null) { switch ($attribute) { "ObjectID" {AddPropertyToObject -object $mpr -attribute "ObjectID" -Value $attribute} "MVObjectID" {AddPropertyToObject -object $mpr -attribute "ObjectID" -Value $attribute} "PrincipalSet" {AddPropertyToObject -object $mpr -attribute $attribute -value $(GetReferenceDisplayName -ObjectID $fim_mpr.resource[$attribute].Value.ToString())} "ResourceCurrentSet" {AddPropertyToObject -object $mpr -attribute $attribute -value $(GetReferenceDisplayName -ObjectID $fim_mpr.resource[$attribute].Value.ToString())} "ResourceFinalSet" {AddPropertyToObject -object $mpr -attribute $attribute -value $(GetReferenceDisplayName -ObjectID $fim_mpr.resource[$attribute].Value.ToString()) } "ActionWorkflowDefinition" {AddPropertyToObject -object $mpr -attribute $attribute -value $(ParseMultiValue -values $fim_mpr.Resource[$attribute].Values -delimiter "newline" -reference $true)} "AuthenticationWorkflowDefinition" {AddPropertyToObject -object $mpr -attribute $attribute -value $(ParseMultiValue -values $fim_mpr.Resource[$attribute].Values -delimiter "newline" -reference $true)} "AuthorizationWorkflowDefinition" {AddPropertyToObject -object $mpr -attribute $attribute -value $(ParseMultiValue -values $fim_mpr.Resource[$attribute].Values -delimiter "newline" -reference $true)} "ActionParameter" { AddPropertyToObject -object $mpr -attribute $attribute -value $(ParseMultiValue -values $fim_mpr.Resource[$attribute].Values -delimiter "newline" -reference $false)} "ActionType" { AddPropertyToObject -object $mpr -attribute $attribute -value $(ParseMultiValue -values $fim_mpr.Resource[$attribute].Values -delimiter "comma" -reference $false)} default {AddPropertyToObject -object $mpr -attribute $attribute -Value $fim_mpr.resource[$attribute].Value.ToString()} } } else { AddPropertyToObject -object $mpr -attribute $attribute -value $null } } $global:mpr_list += $mpr $mpr = $null } $global:mpr_list | select $mpr_attributes | out-gridview |
Note
To provide feedback about this script, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the FIM ScriptBox.