First published on MSDN on Oct 09, 2014
I Thought I would play around with the Scripts to query for users who have registered for SSPR and for those who have not. The following Script prompts the user running the script to Enter the number 1 to query all users who have registered for SSPR or to enter the number 2 to query all users who have not registered for SSPR.
Additionally I have added additional columns to show the queried users Account Name, Email address, and Manager.
set-variable -name URI -value " http://localhost:5725/resourcemanagementservice' " -option constant
clear
If(@(Get-PSSnapin | Where-Object {$_.Name -eq "FIMAutomation"} ).count -eq 0) {Add-PSSnapin FIMAutomation}
$WFDFilter = "/WorkflowDefinition[DisplayName='Password Reset AuthN Workflow']"
$curObjectWFD = export-fimconfig -uri $URI –onlyBaseResources -customconfig ($WFDFilter) -ErrorVariable Err -ErrorAction SilentlyContinue
$WFDObjectID = (($curObjectWFD.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "ObjectID"}).value).split(":")[2]
### Registered or non registered users ###
## This section Prompts for input to determine query for registered or users not registered for sspr ##
function Prompt-ForInput
{
Param($message)
$success = "n"
while($success -ne "" -and $success.ToLower() -ne "yes")
{
$val = Read-Host $message
$success = Read-Host "You entered: $val. Is this correct? Enter Yes or No"
}
return $val
}
# Questions
$SSPRRegistration = Prompt-ForInput "Enter 1 for Registered or 2 for NOT Registered"
if($SSPRRegistration -eq "1")
{
$Filter = "/Person[AuthNWFRegistered = '$WFDObjectID']"
set-variable -name CSV -value "Users Registered for Password Reset.csv"
}
elseif($SSPRRegistration -eq "2")
{
set-variable -name CSV -value "Users Not Registered for Password Reset.csv"
$Filter = "/Person[not(AuthNWFRegistered = '9c3aca59-a85c-437f-bb67-9ce5a70521d7')]"
}
$curObject = export-fimconfig -uri $URI –onlyBaseResources -customconfig ($Filter) -ErrorVariable Err -ErrorAction SilentlyContinue
[array]$users = $null
foreach($Object in $curObject)
{
$ResetPass = New-Object PSObject
$UserDisplayName = (($Object.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "DisplayName"}).Value)
$ResetPass | Add-Member NoteProperty "DisplayName" $UserDisplayName
$UserAccountName = (($Object.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "AccountName"}).Value)
$ResetPass | Add-Member NoteProperty "AccountName" $UserAccountName
$UserEmail = (($Object.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "Email"}).Value)
$ResetPass | Add-Member NoteProperty "Email" $UserEmail
$UserManager = (($Object.ResourceManagementObject.ResourceManagementAttributes | Where-Object {$_.AttributeName -eq "Manager"}).Value)
$ResetPass | Add-Member NoteProperty "Manager" $UserManager
$Users += $ResetPass
}
$users | export-csv -path $CSV
## http://blogs.msdn.com/connector_space ##
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.