Creates an administrator in the FIM/MIM service from an existing AD account

Add-MIMAdministrator.ps1

#Requires -Version 3
#Requires -Modules LithnetRMA

[CmdletBinding()]

Param (
    # Username of the user to add
    [Parameter(Mandatory = $true)]
    [ValidateNotNullOrEmpty()]
    [string]
    $UserName = "robin",

    # Domain of the user to add
    [Parameter(Mandatory = $true)]
    [ValidateNotNullOrEmpty()]
    [string]
    $DomainName = "FROOSHNET",
    
    # MIM Service base address/servername
    [ValidateNotNullOrEmpty()]
    [string]
    $BaseAddress = "localhost",

    # MIM Service Credentials
    [PSCredential]
    $Credentials
)

Set-StrictMode -Version Latest
$ErrorActionPreference = [System.Management.Automation.ActionPreference]::Stop

if ($PSBoundParameters.Keys -contains "Credentials") {
    $MIMCredentials = @{Credentials = $Credentials}
} else {
    $MIMCredentials = $null
}

Set-ResourceManagementClient -BaseAddress $BaseAddress @MIMCredentials

$NTAccount = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $DomainName, $UserName
$SID = $NTAccount.Translate([System.Security.Principal.SecurityIdentifier]) 

$ADSIUser = [adsi]"LDAP://<SID=$($SID.Value)>"
$DisplayName = $ADSIUser.displayName[0]

$SIDBytes = New-Object -TypeName byte[] -ArgumentList $SID.BinaryLength
$SID.GetBinaryForm($SIDBytes, 0)

# Create the resource
$MIMPerson = New-Resource -ObjectType Person
$MIMPerson.AccountName = $UserName
$MIMPerson.Domain      = $DomainName
$MIMPerson.DisplayName = $DisplayName
$MIMPerson.ObjectSID   = $SIDBytes
Save-Resource -Resources $MIMPerson

# Add to "Administrators" set
$MIMSet = Get-Resource -ObjectType Set -AttributeName DisplayName -AttributeValue Administrators
$MIMSet.ExplicitMember.Add($MIMPerson) | Out-Null
Save-Resource -Resources $MIMSet

Write-Information -Tags Success -MessageData "'$DisplayName' Added to MIM Set '$($MIMSet.DisplayName)'" -InformationAction Continue