Convert Policy and Schema XML files to CSV

I am in the process of re-writing my documentation scripts, which are somewhat different to the MS MIM Config Documenter, in that mine are designed to run on a workstation, and produce documents in Word format. Where they are much the same however, is long lists of configuration objects by object type, listing their attributes…

Pending Exports reporting script

I’ve just posted an updated version of my PendingExports.ps1 script here. The script parses the pending exports XML file produced by csexport.exe and produces single- and multi-value CSV files that you can import into Excel (split on the semi-colon). I’ve been tinkering with this script for years. This one now includes all current attribute values…

Lithnet AutoSync Trigger Scripting

After many years automating my MIM solutions with Event Broker/UnifyNow, I’m implementing a solution with Lithnet AutoSync. The result is the same event-driven sync as I’m used to, but I’ve had to get used to the different way AutoSync works. I always liked how Event Broker allowed me to integrate PowerShell scripts with run profiles,…

A simple PowerShell way to do Rules-based groups in AD

I’ve been helping a customer along the path towards a proper IAM solution, which has involved a lot of data clean-up, as it so often does. Criteria groups in MIM can encourage data quality as users don’t get the groups they need if their attributes aren’t correct – so I thought, how about getting them…

Test non-trusting cross-domain Windows authentication to SQL using PowerShell

Sometimes I want to simulate connectivity from an application another way, usually for troubleshooting or verifying networks and accounts have been set up correctly. One thing that’s always been difficult is testing I can connect to a SQL database in a non-trusting domain, using an AD account in the other domain. I can’t hardcode credentials in…

Breaking the AADConnect link – an Alumni example

I presented this at the MIM Team User Group meeting last week, but was having some computer issues and apparently people couldn’t hear me. There did seem to be quite a bit of interest from the comments window, so I figured I’d write it up as a blog post. This solution allows an Office 365 account…

Script: Compare-ADGroups.ps1

I recently wanted to do some analysis of existing groups in a well established AD that has a lot of groups (more groups than users in fact). I was hoping to find groups that looked like good candidates for conversion to role-based (aka criteria-based) groups.

Data Quality Script for the FIM Service

Today I presented a session called “all about data” at the FIM Team User Group meeting. One of the goodies I shared was my Data Quality script. The point of this script is to run against the FIM Service on a regular basis and look for anomalies that can be easily fixed – for example…