Have you ever needed to query the FIM service for objects based upon an Xpath definition and display the information on screen and if needed also export it to CSV?. Look no further, here’s a PowerShell script just doing that for you!
–
In the blog post (2012-11-11) Finding All Users Within FIM That Have (Not) Registered For SSPR I demonstrate how to query the FIM service using the FIM Portal for users that have registered for SSPR and for users that have not registered for SSPR. This is all done through search scopes. Once I got the question: "can you export that information?". It is by default not possible to export that information through the FIM Portal. However, nothing or nobody stops you from using PowerShell and achieve your goal!
–
Against using that blog post as an example, let’s do this through PowerShell. From that blog post I’m using the specified search scope filters to find both lists of users.
–
Finding Users That Have Registered For SSPR:
- Search Scope Filter (XPath) In that Blog Post (Old Test Environment) –> "/Person[AuthNWFRegistered = /Set[ObjectID = ‘f6a599be-a292-40a7-8720-6bb445e47ad8’]/ComputerMember]"
- Search Scope Filter (XPath) In My Current Test Environment –> "/Person[AuthNWFRegistered = /Set[ObjectID = ‘214ab7c5-afd8-4d57-bfe8-9c5b73ddc7e9’]/ComputedMember]"
.\Query-For-FIM-Service-Using-XPath.ps1 -xPath "/Person[AuthNWFRegistered = /Set[ObjectID = ‘214ab7c5-afd8-4d57-bfe8-9c5b73ddc7e9’]/ComputedMember]" -baseonly -exporttocsv -csvfilepath D:\TEMP\UsersThatHaveRegisteredForSSPR.CSV -attributelist IDtype,DisplayName,FirstName,LastName,EmployeeID,Email
Figure 1a: Output To Screen
–
Figure 1b: Output To CSV
–
Finding Users That Have NOT Registered For SSPR:
- Search Scope Filter (XPath) In that Blog Post (Old Test Environment) –> "/Person[not(AuthNWFRegistered = /Set[ObjectID = ‘f6a599be-a292-40a7-8720-6bb445e47ad8’]/ComputerMember)]"
- Search Scope Filter (XPath) In My Current Test Environment –> "/Person[not(AuthNWFRegistered = /Set[ObjectID = ‘214ab7c5-afd8-4d57-bfe8-9c5b73ddc7e9’]/ComputedMember)]"
.\Query-For-FIM-Service-Using-XPath.ps1 -xPath "/Person[not(AuthNWFRegistered = /Set[ObjectID = ‘214ab7c5-afd8-4d57-bfe8-9c5b73ddc7e9’]/ComputedMember)]" -baseonly -exporttocsv -csvfilepath D:\TEMP\UsersThatHaveNOTRegisteredForSSPR.CSV -attributelist IDtype,DisplayName,FirstName,LastName,EmployeeID,Email
Figure 2a: Output To Screen
–
Figure 2b: Output To CSV
–
And this is the PowerShell script….
–
# Abstract: This PoSH Script Exports Objects From The FIM Based Upon An XPath Definition, Converts It To PSObjects And Displays On Screen And Optionally Exports To CSV # Written by: Jorge de Almeida Pinto [MVP-DS] # Blog: https://jorgequestforknowledge.wordpress.com/ # # 2015-03-30: Initial version of the script # # Additional Information # * http://www.integrationtrench.com/2011/07/convert-fim-exportobject-to-powershell.html # * http://www.integrationtrench.com/2011/09/cant-use-xpath-contains-function-to.html # Example Syntaxes: # * <PoSH Script File> -xPath "/Person[AccountName='JohnDoe']" -baseonly # * <PoSH Script File> -xPath "/Person[AccountName='JohnDoe']" -baseonly -attributelist ObjectID,AccountName # * <PoSH Script File> -xPath "/Person[AccountName='JohnDoe']" -baseonly -exporttocsv -csvfilepath D:\TEMP\TEST.CSV # * <PoSH Script File> -xPath "/Person[AccountName='JohnDoe']" -baseonly -attributelist ObjectID,AccountName -exporttocsv -csvfilepath D:\TEMP\TEST.CSV Param ( # XPath Definition As Accepted By The FIM Service (e.g. "/Person[Account = 'JohnDoe']") [Parameter(Mandatory=$true)] [string]$xPath, # Comma-Separated List Of Attributes To Display/Export. When Nothing is Specified All Attributes Are Displayed/Exported [Parameter(Mandatory=$false)] [string[]]$attributelist, # The Full Path To The CSV File When Exporting To A CSV [Parameter(Mandatory=$false)] [string]$csvfilepath, # Export Only Based Objects (Recommended), Otherwise Also Export All Referred Objects [Parameter(Mandatory=$false)] [switch]$baseonly, # Also Export To CSV [Parameter(Mandatory=$false)] [switch]$exporttocsv ) Clear-Host Write-Host " ****************************************************" -ForeGroundColor Yellow Write-Host " ** Jorge de Almeida Pinto [MVP-DS] **" -ForeGroundColor Yellow Write-Host " ** BLOG: 'Jorge's Quest For Knowledge' **" -ForeGroundColor Yellow Write-Host " ** https://jorgequestforknowledge.wordpress.com/ **" -ForeGroundColor Yellow Write-Host " ** March 2015 **" -ForeGroundColor Yellow Write-Host " ****************************************************" -ForeGroundColor Yellow # MSFT PowerShell CMDlets For FIM 2010 R2 [array] $SnapInListToLoad = "FIMAutomation" foreach ($SnapIn In $SnapInListToLoad) { If(@(Get-PSSnapin | Where-Object {$_.Name -eq $SnapIn} ).count -eq 0) { If(@(Get-PSSnapin -Registered | Where-Object {$_.Name -eq $SnapIn} ).count -ne 0) { Add-PSSnapin $SnapIn Write-Host "" Write-Host "Snap-In '$SnapIn' has been loaded..." -ForeGroundColor Green Write-Host "" } Else { Write-Host "" Write-Host "Snap-In '$SnapIn' is not available to load..." -ForeGroundColor Red Write-Host "" } } Else { Write-Host "" Write-Host "Snap-In '$SnapIn' already loaded..." -ForeGroundColor Yellow Write-Host "" } } # Taken From http://www.integrationtrench.com/2011/07/convert-fim-exportobject-to-powershell.html Function Convert-FimExportToPSObject { Param ( [parameter(Mandatory=$true, ValueFromPipeline = $true)] [Microsoft.ResourceManagement.Automation.ObjectModel.ExportObject] $ExportObject ) Process { $psObject = New-Object PSObject $ExportObject.ResourceManagementObject.ResourceManagementAttributes | %{ If ($_.Value -ne $null) { $value = $_.Value } Elseif ($_.Values -ne $null) { $value = $_.Values } Else { $value = $null } $psObject | Add-Member -MemberType NoteProperty -Name $_.AttributeName -Value $value } Write-Output $psObject } } # If The BaseOnly Parameter Has Been Specified Then Only Export The Base Resources As Defined By The XPath Definition # Otherwise ALSO Export Referred Objects In Linked Attributes If ($baseonly) { $ObjectsInFIM = Export-FIMConfig -CustomConfig $xPath -OnlyBaseResources } Else { $ObjectsInFIM = Export-FIMConfig -CustomConfig $xPath } # If Additional Filtering Is Required Which Is Not Possible Through The Xpath Then Use: # http://www.integrationtrench.com/2011/09/cant-use-xpath-contains-function-to.html # Example: $ObjectsInFIM | Convert-FimExportToPSObject | ?{$_.Filter -like "*myAttribute*"} # Example: $ObjectsInFIM | Convert-FimExportToPSObject | ?{$_.XOML -like "*myValue*"} # !!! ==> ADJUST THE POWERSHELL MANUALLY TO BE ABLE TO USE THIS <== !!! # If The ExportCsv Parameter Has Been Specified Then ALSO Export To The CSV File Defined # Otherwise Just Show Information On Screen If ($exporttocsv) { $ObjectsInFIM | Convert-FimExportToPSObject | Select $attributelist | Export-CSV $csvfilepath -NoTypeInformation } $ObjectsInFIM | Convert-FimExportToPSObject | FT $attributelist -Autosize # Count The Number Of Objects $NumberOfObjectsInFIM = ($ObjectsInFIM | Measure-Object).Count Write-Host "Number Of Objects......: $NumberOfObjectsInFIM" Write-Host ""
–
Or get the PowerShell script from HERE
–
Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER:
https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
#########
http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————