{"id":1909,"date":"2012-01-30T21:07:25","date_gmt":"2012-01-30T21:07:25","guid":{"rendered":"https:\/\/www.wapshere.com\/missmiis\/?page_id=1909"},"modified":"2012-01-30T21:07:25","modified_gmt":"2012-01-30T21:07:25","slug":"change-fimadmin-ps1","status":"publish","type":"page","link":"https:\/\/www.wapshere.com\/missmiis\/change-fimadmin-ps1","title":{"rendered":"change-fimadmin.ps1"},"content":{"rendered":"<pre>PARAM([string]$AccountName,[string]$Domain,[string]$DBServer=\"localhost\")\r\n\r\n#------------------------------------------------------------------------------------------------------\r\n# Change FIM Portal Admin account\r\n#\r\n#     Written by Carol Wapshere\r\n#\r\n# Notes:\r\n#  -- Intended use is creating a DEV environment using a production DB - has not been tested in Prod!\r\n#  -- This script directly modifies the FIMService database - please back it up first!\r\n#\r\n# Usage: .\\Change-FIMAdminAccount.ps1 -AccountName \"newaccount\" -Domain \"newdomain\" [-DBServer \"servername\"]\r\n#\r\n# Requires:\r\n#  -- RSAT powershell module feature\r\n#  -- SQL 2008 client\r\n#  \r\n\r\n#------------------------------------------------------------------------------------------------------\r\n\r\nfunction GetSidAsHex\r\n{\r\n    PARAM($AccountName, $Domain)\r\n    END\r\n    {\r\n        $ntaccount = New-Object System.Security.Principal.NTAccount($Domain,$AccountName)\r\n        $objectSid = $ntaccount.Translate([System.Security.Principal.SecurityIdentifier])\r\n\r\n$sid = New-Object system.Security.Principal.SecurityIdentifier $objectSid\r\n\r\n    $sidBytes = New-Object byte[] $sid.BinaryLength\r\n\r\n$sid.GetBinaryForm( $sidBytes, 0 )\r\n\r\n$hexArr = $sidBytes | ForEach-Object { $_.ToString(\"X2\") }\r\n\r\n$hexArr -join ''\r\n    }\r\n}\r\n#------------------------------------------------------------------------------------------------------\r\nnet stop FIMService\r\n\r\nif(@(get-pssnapin | where-object {$_.Name -eq \"sqlserverprovidersnapin100\"}).count -eq 0) {add-pssnapin sqlserverprovidersnapin100}\r\nif(@(get-pssnapin | where-object {$_.Name -eq \"sqlservercmdletsnapin100\"}).count -eq 0) {add-pssnapin sqlservercmdletsnapin100}\r\nif(@(get-module | where-object {$_.Name -eq \"ActiveDirectory\"}).count -eq 0) {import-module ActiveDirectory}\r\n\r\n$sqlLocation = \"SQLSERVER:\\SQL\\$DBServer\\DEFAULT\\Databases\\FIMService\"\r\n$currentLocation = get-location\r\nif ($currentLocation.Path -ne $sqlLocation) {set-location $sqlLocation}\r\n#------------------------------------------------------------------------------------------------------\r\n#Get details about current Admin account\r\nwrite-host\r\nwrite-host \"Current Admin account:\"\r\n\r\n$sqlQuery = \"SELECT CONVERT(varchar(max),SecurityIdentifier,1) \"`\r\n        + \"FROM [FIMService].[fim].[UserSecurityIdentifiers] \"`\r\n        + \"where UserObjectKey = 2340\"\r\n$oldSid = Invoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  SID:\" $oldSid.Column1\r\n\r\n$sqlQuery = \"SELECT ValueString \"`\r\n          + \"FROM [FIMService].[fim].[ObjectValueString] \"`\r\n            + \"where ObjectKey = 2340 \"`\r\n            + \"and AttributeKey = 1\"\r\n$oldAccountName = Invoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  AccountName:\" $oldAccountName.ValueString\r\n\r\n$sqlQuery = \"SELECT ValueString \"`\r\n          + \"FROM [FIMService].[fim].[ObjectValueString] \"`\r\n            + \"where ObjectKey = 2340 \"`\r\n            + \"and AttributeKey = 66\"\r\n$oldDisplayName = Invoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  DisplayName:\" $oldDisplayName.ValueString\r\n\r\n$sqlQuery = \"SELECT ValueString \"`\r\n          + \"FROM [FIMService].[fim].[ObjectValueString] \"`\r\n            + \"where ObjectKey = 2340 \"`\r\n            + \"and AttributeKey = 117\"\r\n$oldMailNickname = Invoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  MailNickname:\" $oldMailNickname.ValueString\r\n\r\n$sqlQuery = \"SELECT ValueString \"`\r\n          + \"FROM [FIMService].[fim].[ObjectValueString] \"`\r\n            + \"where ObjectKey = 2340 \"`\r\n            + \"and AttributeKey = 68\"\r\n$oldDomain = Invoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  Domain:\" $oldDomain.ValueString\r\n\r\nwrite-host\r\n\r\n#------------------------------------------------------------------------------------------------------\r\n#Get details about New Admin Account\r\nwrite-host \"Replace with New Admin Account:\"\r\n\r\n$newSid = GetSidAsHex -AccountName $AccountName -Domain $Domain\r\n$newSid = \"0x\" + $newSid\r\nwrite-host \"  SID:\" $newSid\r\nwrite-host \"  AccountName:\" $AccountName\r\n\r\n$objDC = Get-ADDomainController -Discover -DomainName $Domain\r\n$DC = [string]$objDC.HostName\r\n$filter = \"sAMAccountName -eq \"\"$AccountName\"\"\"\r\n$user = Get-ADObject -Filter $filter -Properties * -Server $DC\r\n$newDisplayName = $user.DisplayName\r\nwrite-host \"  DisplayName:\" $newDisplayName\r\n\r\nwrite-host \"  MailNickname:\" $AccountName\r\nwrite-host \"  Domain:\" $Domain\r\nwrite-host\r\n\r\n#------------------------------------------------------------------------------------------------------\r\nwrite-host \"Continue? y\/n\"\r\n$continue = $host.UI.RawUI.ReadKey(\"NoEcho,IncludeKeyDown\")\r\nif ($continue.Character -eq \"y\" -or $continue.Character -eq \"Y\") {\r\n\r\nwrite-host \"Udating FIMService database:\"\r\n\r\n$sqlQuery = \"UPDATE[FIMService].[fim].[UserSecurityIdentifiers] \"`\r\n        + \"SET SecurityIdentifier = $newSID\"`\r\n        + \"where UserObjectKey = 2340\"\r\nInvoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  Changed SID,\"\r\n\r\n$sqlQuery = \"UPDATE [FIMService].[fim].[ObjectValueString] \"`\r\n            + \"set ValueString = '$AccountName' \"`\r\n            + \"where ObjectKey = 2340 \"`\r\n            + \"and AttributeKey = 1\"\r\nInvoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  Changed AccountName,\"\r\n\r\n$sqlQuery = \"UPDATE [FIMService].[fim].[ObjectValueString] \"`\r\n            + \"set ValueString = '$newDisplayName' \"`\r\n            + \"where ObjectKey = 2340 \"`\r\n            + \"and AttributeKey = 66\"\r\nInvoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  Changed DisplayName,\"\r\n\r\n$sqlQuery = \"UPDATE [FIMService].[fim].[ObjectValueString] \"`\r\n            + \"set ValueString = '$AccountName' \"`\r\n            + \"where ObjectKey = 2340 \"`\r\n            + \"and AttributeKey = 117\"\r\nInvoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  Changed MailNickname,\"\r\n\r\n$sqlQuery = \"UPDATE [FIMService].[fim].[ObjectValueString] \"`\r\n            + \"set ValueString = '$Domain' \"`\r\n            + \"where ObjectKey = 2340 \"`\r\n            + \"and AttributeKey = 68\"\r\nInvoke-SQLCmd $sqlQuery -SuppressProviderContextWarning\r\nwrite-host \"  Changed Domain.\"\r\nwrite-host\r\n}\r\n\r\n#------------------------------------------------------------------------------------------------------\r\nnet start FIMService<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>PARAM([string]$AccountName,[string]$Domain,[string]$DBServer=&#8221;localhost&#8221;) #&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212; # Change FIM Portal Admin account # # Written by Carol Wapshere # # Notes: # &#8212; Intended use is creating a DEV environment using a production DB &#8211; has not been tested in Prod! # &#8212; This script directly modifies the FIMService database &#8211; please back it up first! # # Usage:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"class_list":["post-1909","page","type-page","status-publish","hentry"],"jetpack_shortlink":"https:\/\/wp.me\/Pkp1o-uN","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.wapshere.com\/missmiis\/wp-json\/wp\/v2\/pages\/1909","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wapshere.com\/missmiis\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.wapshere.com\/missmiis\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.wapshere.com\/missmiis\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wapshere.com\/missmiis\/wp-json\/wp\/v2\/comments?post=1909"}],"version-history":[{"count":2,"href":"https:\/\/www.wapshere.com\/missmiis\/wp-json\/wp\/v2\/pages\/1909\/revisions"}],"predecessor-version":[{"id":1911,"href":"https:\/\/www.wapshere.com\/missmiis\/wp-json\/wp\/v2\/pages\/1909\/revisions\/1911"}],"wp:attachment":[{"href":"https:\/\/www.wapshere.com\/missmiis\/wp-json\/wp\/v2\/media?parent=1909"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}