Today I needed to reproduce a Microsoft Identity Manager (MIM) workflow issue when users were added to groups. My tolerance for doing it in the MIM Portal waned so I decided to try using the LithnetRMA PowerShell module to do it. In the past I would always use the FIM PowerShell Module for such tasks but now LithnetRMA is an option so I wanted to learn more about it.

Things I like about the LithnetRMA module:

  • Open Source - the code is available on GitHub, even has a solid wiki!
  • PowerShell Gallery - the module can be installed from the PowerShell Gallery (Install-Module -Name LithnetRMA)
  • Code Quality - pretty great looking code
  • Integrates with the MIM Web Services - does not depend on the FIMAutomation PowerShell Snap-In, which makes it more reliable and fast

The experiment was a success! I’m really happy with how easy it was to use. Here’s the sample:

<#
Install the module - choosing CurrentUser Scope so it does not require Administrator privilege
#>
Install-Module -Name LithnetRMA -Scope CurrentUser

<#
Get the user and group objects
#>
$user  = Get-Resource -ObjectType Person -AttributeName AccountName -AttributeValue cmart
$group = Get-Resource -ObjectType Group  -AttributeName DisplayName -AttributeValue cmartppedg5000

<#
Add the user to the group
#>
$group.ExplicitMember.Add($user.ObjectID)
Save-Resource -Resources $group

<#
Remove the user from the group
#>
$group.ExplicitMember.Remove($user.ObjectID)
Save-Resource -Resources $group