Category: PowerShell

We all need to install FIM Automation cmdlets on different server/client at some stage, why on earth Microsoft didn’t make this easier I will never know. But again in true Ninja fashion I have automated the install in PowerShell……Peep this!

#Make sure the Microsoft.ResourceManagement.dll, Microsoft.ResourceManagement.Automation.dll and the Microsoft.IdentityManagement.Logging.dll are all in the current directory.
set-alias installutil $env:windir\Microsoft.NET\Framework\v2.0.50727\installutil
installutil .\Microsoft.ResourceManagement.Automation.dll
$installdir = "C:\Install"
Set-location $installdir
[System.Reflection.Assembly]::Load("System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
$publish = New-Object System.EnterpriseServices.Internal.Publish
$publish.GacInstall($installdir + "\Microsoft.ResourceManagement.dll")
$publish.GacInstall($installdir +"\Microsoft.IdentityManagement.Logging.dll")
#The following lines remove the MIM dll's out of the GAC if required at some later stage.
#$publish.GacRemove($installdir + "\Microsoft.ResourceManagement.dll")
#$publish.GacRemove($installdir +"\Microsoft.IdentityManagement.Logging.dll")

Now, the title says SAP but this works for any WebService but the datatypes returned will be different. I was surprised how easy and powerful this is I was recently working on a SAP project so I knocked together a quick Powershell POC script to troubleshoot some problems I was having. You could use a script like this in the MIMWAL workflow or in a Powershell Management agent if coding an extensible MA gives you shudders and you need to connect to a SAP system via WebServices.

So you need your WSDL url or file before you begin and an idea of some of the Datatypes and functions/methods sat behind that the below example is using a couple of custom functional BAPI’s created this will be different to your particular environment.

$webSites = get-WebSite
$global:index=-1
$webSites |  Format-Table -Property @{name="index";expression={$global:index;$global:index+=1}},name
$sitenameindex = read-host -Prompt "Enter Site index"
$sitename = $webSites[$sitenameindex].name

try
{
$RuleName = "HTTPS Redirect"
$Rule = @{
 Name = $RuleName
 patternSyntax = 'ECMAScript'
 stopProcessing = 'True'
 match = @{
  url = '(.*)'
  ignoreCase = 'True'
  negate = 'False'
 }
 conditions = @{
  logicalGrouping = 'MatchAll'
  trackAllCaptures = 'True'
 }
 action = @{
  type = 'Redirect'
  url = 'https://{HTTP_HOST}/{R:1}'
  appendQueryString = 'False'
  redirectType = 'Permanent'
 }
}
Add-WebConfigurationProperty -PSPath "IIS:\Sites\$SiteName" -Filter "/system.webServer/rewrite/rules" -Name "." -Value $Rule 
$match = @{
 input = '{HTTPS}'
 matchType = 'Pattern'
 pattern = 'off'
 ignoreCase = 'True'
 negate = 'False'
}
Add-WebConfigurationProperty -PSPath "IIS:\Sites\$SiteName" -Filter "/system.webServer/rewrite/rules/rule[@Name='$RuleName']/conditions" -Name "." -Value $match


$RuleName = "Redirect to MIM Site"
$Rule = @{
 Name = $RuleName
 patternSyntax = 'ECMAScript'
 stopProcessing = 'True'
 match = @{
  url = '^$'
  ignoreCase = 'True'
  negate = 'False'
 }
 action = @{
  type = 'Redirect'
  url = '/IdentityManagement/default.aspx'
  appendQueryString = 'False'
  redirectType = 'Permanent'
 }
}
Add-WebConfigurationProperty -PSPath "IIS:\Sites\$SiteName" -Filter "/system.webServer/rewrite/rules" -Name "." -Value $Rule
}
catch
{
Write-Host "There was a problem............." -ForegroundColor Red
write-host $_.Exception.Message -ForegroundColor Red
exit
}
Write-Host "$sitename has been updated successfully...........Enjoy!" -ForegroundColor Green

This is a very simple example that shows how easy it is with some custom function SAP BAPI’s created, now it would be even easier if there was one function that returned the user details in one go. I would always insist on this if I was doing a project for a customer. However that inevitably requires external resource of a SAP consultant so becomes problematic, the default SAP BAPI’s are horrendously complicated with nested data tables and multiple calls so try and avoid them like the plague.

The Microsoft documentation on this subject is pretty good for a change and can be found here.

 

Just a quick one as this has been discussed on the net before but if you are trying to run Azure PowerShell cmdlets in a MIMWAL workflow or embedded in a custom work flow and get the below error:

Import-Module : Could not load file or assembly ‘file:///C:\Windows\system32\WindowsPowerShell\v1.0\Modules\MSOnline\Microsoft.Online.Administration.Automation.PSModule.dll’ or one of its dependencies. This assembly is built by a runtime newer than the currently loaded runtime and cannot be loaded.

This is because the MIMWAL is built on the .net framework 3.5 whereas the later Azure PowerShell cmdlets are built on .net 4, if you can live with the older functionality the easy fix is to install version 1 of the cmdlets 64 bit from here or here for the 32 bit versions these are build 8362.1 so getting a bit old but have most of the required functionality. The whole list of versions is here but anything later than 8362.1 will not work. The other option is to take your script out of the workflow and trigger it externally.