Skip to content

Instantly share code, notes, and snippets.

View KentNordstrom's full-sized avatar

Kent Nordström KentNordstrom

View GitHub Profile
KentNordstrom / SetDBAlias.ps1
Created March 16, 2017 13:31
Add/Update your SQL Aliases using PowerShell
View SetDBAlias.ps1
This script adds/updates SQL Aliases on the local machine.
It can be implemented as function in your deployment scripts when installing FIM/MIM
or other application using SQL Aliases.
#Alias to be added to local machine
$dbAlias = "DBMSSOCN,$TargetServer,$TargetPort"
KentNordstrom / CreateSyncStatisticDB.ps1
Last active April 22, 2018 10:08
Scripts to save synchronization statistics (Pending Exports) to SQL
View CreateSyncStatisticDB.ps1
Script that creates SQL DB to store Pending Exports in MIM MAs into SQL for Statistical analysis.
PARAM([string]$SQLServer = "dbFIMSync", [string]$DBName = "FIMSyncStatistics",[string]$ScheduleAccount="AD\svcMIMAdmin")
#region Modules
Import-Module LithnetMIISAutomation
Import-Module SqlServer
KentNordstrom / WaitForWF.ps1
Created May 3, 2018 19:47
A script that checks if Requests to the FIMService are still in PostProcessing mode.
View WaitForWF.ps1
Script that waits for WF triggered by requests.
Used in Schedules to get dynamic sleep time before importing results after export to FIM Service.
Default Creator is Built-in Synchronization Account.
Requires the LithnetRMA PowerShell module from
[string]$Creator = 'fb89aefa-5ea1-47f1-8890-abe7797d6497',
KentNordstrom / DeltaRun.ps1
Created May 12, 2018 06:42
Script for running MIM Synchronization Service in a controlled way.
View DeltaRun.ps1
Script to run Synchronization of MIM.
Requires the LithnetMiisAutomation PowerShell module from
Parameter that will disable Exports to External Systems. Only FIMService will receive Exported data.
KentNordstrom / HelloForBusinessPermissionsOnAdminSDHolder.ps1
Created July 17, 2018 07:20
Allow Hello For Business on Protected Accounts by adding permissions to AdminSDHolder container.
View HelloForBusinessPermissionsOnAdminSDHolder.ps1
Script to give Azure AD Connect Permission on Protected users that want to use Hello For Business in Hybrid Deployment.
Gives read/write to msDS-KeyCredentialLink and msDS-ExternalDirectoryObjectID by setting permissions on AdminSDHolder container.
$ADDomain = Get-ADDomain
KentNordstrom / BeginImport.ps1
Created April 15, 2018 14:43
Use the Microsoft Generic PowerShell Connector to connect to MS Graph
View BeginImport.ps1
param (
[System.Collections.ObjectModel.KeyedCollection[[string], [Microsoft.MetadirectoryServices.ConfigParameter]]] $ConfigParameters,
[PSCredential] $PSCredential,
[Microsoft.MetadirectoryServices.OpenImportConnectionRunStep] $OpenImportConnectionRunStep,
[Microsoft.MetadirectoryServices.Schema] [ValidateNotNull()] $Schema
[string]$watermark = $OpenImportConnectionRunStep.CustomData #Used if Delta Import
if($OpenImportConnectionRunStep.ImportType -eq 'Delta' -and !$watermark){throw ("Full Import Required. No watermark found.")}
KentNordstrom / RemoveMultiValueValues.ps1
Last active November 12, 2018 18:04
Remove Values from MultiValue Attribute
View RemoveMultiValueValues.ps1
Script to remove values from MultiValue attribute based on search criteria.
[string]$MultiValueAttribute = 'emailAlias',
[string]$SearchValue = '',
KentNordstrom / InstallMIMSync.ps1
Last active December 16, 2018 18:43
Script to install MIM Synchronization Service
View InstallMIMSync.ps1
Installs MIM Synchronization Service
Expects the MIM ISO file to install from in the MediaFolder.
Script will ask for ServiceAccount password.
Typically the SQL Server is an SQL Alias
Please update the Parameters region to meet your own needs.
KentNordstrom / RedirectToMIMPortal.ps1
Last active January 29, 2019 10:06
Redirect to MIM Portal to make it the Welcome Page in the underlying SharePoint.
View RedirectToMIMPortal.ps1
Script to Redirect to /IdentityManagement on MIM Portal Server.
Defaults to expecting the only SPSite to be MIM Portal Site.
Intended to be run from SharePoint Management Shell.
Users need Read Access to RootFolder for this to work.
Script gives Read to Authenticated Users by default.
KentNordstrom / EnableHybridReportingInMIM.ps1
Created May 3, 2018 19:14
Enable Hybrid Reporting in MIM 2016 without installing the MIMReportingAgent
View EnableHybridReportingInMIM.ps1
Script to manually configure MIM 2016 Hybrid Reporting without installing the Agent as described in
# Step 1. Create the EventLog to store the MIM Request Events in.
New-EventLog -LogName "Identity Manager Request Log" -Source "Microsoft.IdentityManagement.Service"
# Step 2. Add hybrid reporting setting in FIMService config file. Setting hybridReportingRequestLoggingEnabled="true"