This project has moved. For the latest updates, please go here.

Configuration Management

The PowerShell module has its own built-in support for configuration management and control within the FIM service. Using an XML file, you can define how resources should appear in the FIM service, and use the Import-RMConfig cmdlet to create, update, and delete resources and attributes as appropriate.
The module also supports the use of variables and placeholders to make transitioning configuration between environments as seamless as possible.

XML File Reference

Referencing within the XML file

The XML file structure allows you to not only reference objects in the FIM Service, but also to reference other resources described in XML. This can ensure referential integrity and maintain relationships between objects that may or may not have been created in the FIM service. See the topic on Building References for more information

Sample XML file

The following demonstrates how to describe a set, workflow and MPR in an XML file that can be applied using the Import-RMConfig cmdlet.
<?xml version="1.0" encoding="utf-8" ?>
<Lithnet.ResourceManagement.ConfigSync>
  <Variables>
    <Variable name="#domain#" value="%userdomain%"/>
    <Variable name="#PATH#" value =".\" />
  </Variables>
  
  <Operations>
    <!-- Create Set -->
    <ResourceOperation operation="Add Update" resourceType="Set" id="demoSet">
      <AnchorAttributes>
        <AnchorAttribute>DisplayName</AnchorAttribute>
      </AnchorAttributes>
      <AttributeOperations>
        <AttributeOperation operation="replace" name="DisplayName">___Demo Set</AttributeOperation>
        <AttributeOperation operation="replace" name="Description">Contains all the test users for the purpose of this demo</AttributeOperation>
        <AttributeOperation operation="replace" name="Filter" type="filter">/Person[starts-with(AccountName, 'testuser')]</AttributeOperation>
      </AttributeOperations>
    </ResourceOperation>
	
  <!-- Create Email Template -->
  <ResourceOperation operation="Add Update" resourceType="EmailTemplate" id="demoEmailTemplate">
      <AnchorAttributes>
        <AnchorAttribute>DisplayName</AnchorAttribute>
      </AnchorAttributes>
      <AttributeOperations>
        <AttributeOperation operation="replace" name="DisplayName">___Demo Email Template</AttributeOperation>
        <AttributeOperation operation="replace" name="Description">An email template created for the purpose of this demo</AttributeOperation>
        <AttributeOperation operation="replace" name="EmailTemplateType">Notification</AttributeOperation>
        <AttributeOperation operation="replace" name="EmailBody" type="file">#PATH#Templates\EmailTemplate.html</AttributeOperation>
        <AttributeOperation operation="replace" name="EmailSubject">Hello FIM user group</AttributeOperation>
      </AttributeOperations>
    </ResourceOperation>
	
  <!-- Create Workflow Definition -->
  <ResourceOperation operation="Add Update" resourceType="WorkflowDefinition" id="demoWorkflowDefinition">
      <AnchorAttributes>
        <AnchorAttribute>DisplayName</AnchorAttribute>
      </AnchorAttributes>
      <AttributeOperations>
        <AttributeOperation operation="replace" name="DisplayName">___Demo Workflow Definition</AttributeOperation>
        <AttributeOperation operation="replace" name="Description">Sends an account expiry notification email to users email address2</AttributeOperation>
        <AttributeOperation operation="replace" name="XOML" type="file">#PATH#Templates\WFDemo.xml</AttributeOperation>
        <AttributeOperation operation="replace" name="RequestPhase">Action</AttributeOperation>
        <AttributeOperation operation="replace" name="RunOnPolicyUpdate">false</AttributeOperation>
      </AttributeOperations>
    </ResourceOperation>
	
  <!-- Create MPR -->
  <ResourceOperation operation="Add Update" resourceType="ManagementPolicyRule" id="demoMPR">
      <AnchorAttributes>
        <AnchorAttribute>DisplayName</AnchorAttribute>
      </AnchorAttributes>
      <AttributeOperations>
        <AttributeOperation operation="replace" name="DisplayName">___Demo MPR - Triggers Workflow</AttributeOperation>
        <AttributeOperation operation="replace" name="Description">Triggers the "##xmlref:demoWorkflowDefinition:DisplayName##" workflow when a user account transitions into the "##xmlref:demoSet:DisplayName##" set</AttributeOperation>
        <AttributeOperation operation="replace" name="ActionParameter">*</AttributeOperation>
        <AttributeOperation operation="replace" name="ActionType">TransitionIn</AttributeOperation>
        <AttributeOperation operation="replace" name="ActionWorkflowDefinition" type="xmlref">demoWorkflowDefinition</AttributeOperation>
        <AttributeOperation operation="replace" name="Disabled">false</AttributeOperation>
        <AttributeOperation operation="replace" name="GrantRight">false</AttributeOperation>
        <AttributeOperation operation="replace" name="ManagementPolicyRuleType">SetTransition</AttributeOperation>
        <AttributeOperation operation="replace" name="ResourceFinalSet" type="xmlref">demoSet</AttributeOperation>
      </AttributeOperations>
    </ResourceOperation>
  </Operations>
</Lithnet.ResourceManagement.ConfigSync>

Last edited Aug 21, 2015 at 2:42 AM by ryannewington, version 4