Thursday, June 26, 2014

Get Sync Rules with AAD Sync Cmdlets

Poking around the PowerShell module for AAD Sync is pretty neat, and shows some real differences between FIM Sync and AAD Sync.

First step is to just load the module, so far I’ve only tried this on the same computer where AAD Sync is installed.

### Import the AAD Sync module

Import-Module PowerShellConfig

In my last post I already showed how to list the commands in the module.  In this post I look at Sync Rules.  A nice way to view objects in PowerShell is to just use Out-GridView because it allows you to interactively sort and filter.


### Look at the sync rules in a nice interactive table

Get-SynchronizationRule | Out-GridView

An object’s properties are only half of the value.  To see what the object will actually do, look at the methods too.


### Look at the objects and properties of the Sync Rule objects

Get-SynchronizationRule | Get-Member



Name                          MemberType

----                          ----------

AddAttributeFlowMapping           Method

AddJoinConditionGroup             Method

AddScopeConditionGroup            Method

CheckImmutableProperties          Method

Clone                             Method

Equals                            Method

GetHashCode                       Method

GetJoinHash                       Method

GetSchema                         Method

GetType                           Method

ReadXml                           Method

RemoveAttributeFlowMapping        Method

RemoveJoinConditionGroup          Method

RemoveScopeConditionGroup         Method

ToString                          Method

Validate                          Method

WriteXml                          Method

WriteXmlAttributeFlowMappings     Method

WriteXmlJoinFilter                Method

WriteXmlScopeFilter               Method

AttributeFlowMappings           Property

Connector                       Property

Description                     Property

Direction                       Property

Identifier                      Property

ImmutableTag                    Property

JoinFilter                      Property

LinkType                        Property

Name                            Property

Precedence                      Property

PrecedenceAfter                 Property

ScopeFilter                     Property

SoftDeleteExpiryInterval        Property

SourceNamespaceId               Property

SourceObjectType                Property

TargetNamespaceId               Property

TargetObjectType                Property

Version                         Property



There’s some interesting detail in there.  For example, what is that ‘Version’ property?  An optimist might guess that sync rules are internally source controlled by the sync engine such that rule changes could be tracked and rolled back.  Works for drivers on my Windows computer, why not sync rules?  BTW - I tried that, and my optimism wasn’t rewarded yet.  However, my optimism is still pretty high because this is just one cmdlet out of nearly 60, and already this replaces a lot of what I’ve had to write code for in the past.

No comments: