Just a follow-up to a previous post. Here are two sample FIM XPath filters based on the RequestStatus values.
Friday, July 15, 2011
At its core, FIM is just an integration tool, and identity management has always been about the applications. This is an exciting time for FIM and identity management because ‘to the cloud’ seems to be great motivation to drive change into applications that are normally really hard to change.
My overall take is:
- Federate where you can
- Synchronize where you must
But it is never this simple, and tools like FIM will always be required so it is good to hear that Microsoft has plans for FIM to make cloud integration easier.
To me this is analogous to FIM’s early days when Active Directory was the big push, and FIM (then called MMS) was used to accelerate the adoption of Active Directory by getting application data into the DS thereby making it a reasonable target for other applications (remember directory-enabled applications?). If I ruled the world (or at least a significant amount of Microsoft) then I’d again position FIM in this way, only this time using it to accelerate adoption of Azure/Office365 by
easing eliminating the pain of the hybrid enterprise.
Anyhow, maybe the new article above is an indication of Microsoft moving FIM in this direction. Time will tell, at least until I rule the world.
I’m writing a small function to tell me when a FIM Request has completed, so need to know the possible status values of a FIM Request. Some digging around in Visual Studio using Class View unearthed an Enum for this in the FIM DLL.
The PowerShell one-liner below will display all the possible Request status values (called RequestStatusType).
Below are the results of the one-liner, showing all the possible FIM Request status values. HINT: the highlighted ones represent a FIM Request is that is done (can’t reach any other status).
Thursday, July 07, 2011
Working with the output from Export-FimConfig is not always fun because you have to dig hard to get attributes off an object.
This function I just whipped up will convert a FIM ExportObject to a PowerShell PSObject. The advantage here is that you can then use dot-notation <sp?> to dig out the attributes.
For example the Export-FimConfig used like this produces the output below.
Now using the fancy new function we get:
In addition, it is easier to get at the attributes for each object:
Finally, here is the function: