Resources For IT Professionals
Post an article
Wikis - Page Details
  • First published by (Microsoft)
  • When: 12 Jan 2011 2:54 AM
  • Last revision by (cMVP, Microsoft Community Contributo)
  • When: 15 Aug 2013 6:02 AM
  • Revisions: 7
  • Comments: 2
Options
RSSSubscribe to Article (RSS)
Can You Improve This Article?
Positively! Click Sign In to add the tip, solution, correction or comment that will help other users.

Report inappropriate content using these instructions.
Wiki  >  TechNet Articles  >  How to Use PowerShell to Generate the Custom Expression for the Domain Attribute Flow

How to Use PowerShell to Generate the Custom Expression for the Domain Attribute Flow

How to Use PowerShell to Generate the Custom Expression for the Domain Attribute Flow

FIM ScriptBox Item

Summary

The script code below generates the custom expression that is necessary to flow the domain attribute from AD DS to FIM.
The custom expression is stored in the clipboard of your computer.

Please see the following articles for more details:

Script Code

001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
017
018
019
020
021
022
023
024
025
026
027
028
029
030
031
032
033
034
035
036
037
038
039
040
041
042
043
044
045
046
047
048
049
050
051
052
053
054
055
#--------------------------------------------------------------------------------------------------------
 Set-Variable -Name ForestDn -Value "DC=Fabrikam,DC=Com" -Option Constant
 Set-Variable -Name DnsRoot  -Value "fabrikam.com"       -Option Constant
#--------------------------------------------------------------------------------------------------------
 Clear-Host
 $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
 $objSearcher.SearchRoot = "LDAP://CN=Partitions,CN=Configuration,$ForestDn" 
 $objSearcher.Filter     = "(&(objectclass=Crossref)(dnsRoot=$DnsRoot)(netBIOSName=*))"
 $dataList = @()
 
 $objSearcher.FindAll() | ForEach{
$Domain = New-Object DirectoryServices.DirectoryEntry "LDAP://$($_.Properties.ncname)"
    If($Domain.objectGuid -eq $null) {Throw "Partition not found"}
$DomainSid = New-Object System.Security.Principal.SecurityIdentifier($Domain.objectSid[0], 0)

$newRecord = new-object psobject
    $newRecord | add-member noteproperty "Path"           $($_.Path)
    $newRecord | add-member noteproperty "NetBIOSName"    $($_.Properties.netbiosname)
    $newRecord | add-member noteproperty "SID"            $DomainSid.ToString()

$dataList += $newRecord
 }

 If($dataList.length -eq 0) {Throw "L:No domain partitions found!"}

 $CustomExpression = ""
 $dataList | ForEach {
    $CustomExpression += 
   "IIF(Eq(Left(ConvertSidToString(objectSid),$($_.SID.Length)),""$($_.SID)""),""$($_.NetBIOSName)"","
 }
 $CustomExpression += """Unknown"""
 $dataList | ForEach {
    $CustomExpression += ")"
 }

 Write-Host "Domain partitions for forest"
 Write-Host "============================"
 Write-Host "Forest : $ForestDn"
 Write-Host "DNS Root: $DnsRoot" 
 $dataList | Format-List
 Write-Host "Custom Expression:"
 Write-Host $CustomExpression
 Write-Host ""
 $CustomExpression | clip
#--------------------------------------------------------------------------------------------------------
 Trap 
 { 
    $exMessage = $_.Exception.Message
    If($exMessage.StartsWith("L:"))
    {write-host "`n" $exMessage.substring(2) "`n" -foregroundcolor white -backgroundcolor darkblue}
    Else 
{write-host "`nError: " $exMessage "`n" -foregroundcolor white -backgroundcolor darkred}
    Exit 1
 }
#--------------------------------------------------------------------------------------------------------

 

note Note
To provide feedback about this script, create a post on the FIM TechNet Forum.
For more FIM related Windows PowerShell scripts, see the FIM ScriptBox.

 

, , , , , [Edit tags]
Leave a Comment
  • Please add 3 and 8 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
  • 15 Aug 2013 6:02 AM

    Richard Mueller edited Revision 5. Comment: Removed (en-US) from title

  • 19 Feb 2012 3:19 AM

    Craig Lussier edited Revision 4. Comment: added en-US to tags and title

Page 1 of 1 (2 items)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • Posted by
    on 19 Feb 2012 3:19 AM

    Craig Lussier edited Revision 4. Comment: added en-US to tags and title

  • Posted by
    on 15 Aug 2013 6:02 AM

    Richard Mueller edited Revision 5. Comment: Removed (en-US) from title

Page 1 of 1 (2 items)