//Build// Code on Weekend // Reach out if anyone wants to share a cool FIM/MIM or IAM-related project. Mail: Any.Singha@gmail.com
Friday, 14 February 2014
Thursday, 6 February 2014
Use PowerShell to Back Up Group Membership
I found that a change made in production FIM 2010 to fix something led to the group membership of new users breaking. I always advise backing up the group membership of your environment before implementing a change that may break users' group membership. Thank God nothing broke for the existing users; only then did I realize how important it is to keep the backup.
Steps:
Take a group membership backup.
Recover the group membership from the backup.
Back-up steps:
Create a backup folder in which every user in AD has their group membership in its own txt file named after the samaccountname. If the backup is ever needed, PowerShell can be pointed at each txt file to add the group membership back.
How to take the group membership backup:
To search for users with all their properties:
Get-ADUser -Filter * -Properties *
To select attributes, pipe the output:
Get-ADUser -Filter * -Properties * | Select name,samaccountname
OR
Get-ADUser -Filter * -Properties * | %{
    $x=$_.samaccountname
    $x
}
The output shows the selected attribute of each user. To search further, capture the attribute values in an array.
I have intentionally struck out the Write-Host cmdlet after reading Jeffrey Snover's blog.
Function FindGroupmember {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)]
        [string[]] $value
    )
    Begin {}
    Process {
        foreach ($i in $value) {
            #Write-Host "=== Finding Group Membership of $i========"
            Write-Output "=== Finding Group Membership of $i========"
            # Only memberOf is needed; it does not include the primary group (usually Domain Users)
            $y = Get-ADUser -Identity $i -Properties memberOf
            # Resolve each group DN to its name. Splitting the DN on "," also returns
            # container names such as CN=Users and breaks on group names containing a comma.
            $z = $y.memberOf | ForEach-Object { (Get-ADGroup -Identity $_).Name }
            $z # To display the output.
            # The paths below are where the backup is written (the Test folder must already exist)
            $z >> C:\Users\Administrator\Desktop\Backup.csv
            $z >> C:\Users\Administrator\Desktop\Test\$i.txt
        }
    }
    End {}
}
Import-Module ActiveDirectory
$a = @() # Dynamic array
Get-ADUser -Filter * | %{
    $x = $_.samaccountname
    $a += $x
}
FindGroupmember -value $a
I am closing this topic with this line: make sure you know what you are doing before you start to make changes you do not understand.
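The post describes recovering membership by pointing PowerShell at each txt file but shows no restore script. The following is an added example, not the author's code: it assumes each file is named after the samaccountname, holds one group name (CN) per line, and lives in the Test folder used above; the helper name ConvertTo-LdapFilterValue is hypothetical.

```powershell
# Added example: restore group membership from the per-user txt backups.
# Assumption: <samaccountname>.txt, one group name (CN) per line.
[CmdletBinding(SupportsShouldProcess=$true)]
Param(
    [string] $BackupDir = 'C:\Users\Administrator\Desktop\Test'  # path used in the post
)
Import-Module ActiveDirectory

function ConvertTo-LdapFilterValue([string] $Text) {
    # Escape RFC 4515 special characters so a line in a backup file
    # cannot change the meaning of the LDAP filter it is placed in.
    $Text.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')
}

foreach ($file in Get-ChildItem -Path $BackupDir -Filter *.txt) {
    $sam = $file.BaseName
    # Get-ADUser -Identity throws when the account does not exist
    try   { $user = Get-ADUser -Identity $sam -Properties memberOf }
    catch { Write-Warning "No AD user for backup file $($file.Name)"; continue }

    $wanted = Get-Content -Path $file.FullName |
        ForEach-Object { $_.Trim() } | Where-Object { $_ } | Sort-Object -Unique

    foreach ($name in $wanted) {
        $filter = "(&(objectCategory=group)(cn=$(ConvertTo-LdapFilterValue $name)))"
        $groups = @(Get-ADGroup -LDAPFilter $filter)
        if ($groups.Count -ne 1) {
            # Not a group (for example a container name) or an ambiguous name: never guess
            Write-Warning "${sam}: '$name' matched $($groups.Count) groups, skipped"
            continue
        }
        $dn = $groups[0].DistinguishedName
        if ($user.memberOf -contains $dn) { continue }   # already a member, nothing to do

        # Honors -WhatIf and -Confirm, so the change set can be reviewed first
        if ($PSCmdlet.ShouldProcess($dn, "Add member $sam")) {
            Add-ADGroupMember -Identity $groups[0] -Members $user
        }
    }
}
```

Saved as a script file, run it with -WhatIf first to list the memberships it would add. Names that do not resolve to exactly one group are reported and skipped rather than restored, and nothing is ever removed.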
Sunday, 26 January 2014
List of Users in Multiple Domain..
How to find users in multiple domains: by default PowerShell points to the parent domain and will not fetch results from the child domain. When you have a list of users from both the parent and child domains, PowerShell will not fetch the results for the child domain.
The below is the Script which will point to both domain.
Thursday, 9 January 2014
Search Scopes in FIM 2010.
What it is used for: displaying an attribute in the main UI of the portal. For example, the users are not showing their EmployeeID details in the main UI of the portal.
Go to Administrator, Search Scopes, All Users, Results.
In Attribute, type EmployeeID.
IISRESET
Monday, 7 October 2013
Thursday, 26 September 2013
Time to move on...
Today is my last day at Mphasis, an HP company. Thank you so much for providing me all the support and guidance whenever I required it.
Team: Onepass \ CIO-Identity Security.
Manager : Mahal Sasidharan
Siddharth Agarwal
Pramod Das
Satisha P
Syama Mohan
Thanks Binu Balan for all the help and encouragement to learn Windows PowerShell & VBScript.
-- Bangalore (27-Sept-2013).