Last active
October 30, 2018 04:49
-
-
Save darrenjrobinson/193782384ab71dfe65096ad55a436244 to your computer and use it in GitHub Desktop.
Bulk Update SailPoint IdentityNow Entities Manager Attribute via API and PowerShell. Associated Blog Post https://blog.darrenjrobinson.com/lifecycle-management-of-identities-in-sailpoint-identitynow-via-api-and-powershell/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Your API Client ID | |
| $clientID = 'yourClientID' | |
| # Your API Client Secret | |
| $clientSecret = 'yourClientSecret' | |
| $Bytes = [System.Text.Encoding]::utf8.GetBytes("$($clientID):$($clientSecret)") | |
| $encodedAuth = [Convert]::ToBase64String($Bytes) | |
| # Your IdentityNow Tenant Name | |
| $orgName = 'yourTenantOrgName' | |
| $searchLimit = '1000' | |
| # Source Name in IdentityNow that contains the Accounts that will be updated | |
| $sourceName = "External Entities" | |
| # Queries for all users in NSW to update with a Manager | |
| $query = 'attributes.state:NSW' | |
| # Search URI | |
| $URI = "https://$($orgName).api.identitynow.com/v2/search/identities?" | |
| # Update Accounts Base URI | |
| $updateBaseURI = "https://$($orgName).api.identitynow.com/v2/accounts/" | |
| # Search Accounts to update Mgr for | |
| $searchResults = Invoke-RestMethod -Method Get -Uri "$($URI)limit=$($searchLimit)&query=$($query)" -Headers @{Authorization = "Basic $($encodedAuth)" } | |
| write-host "$($searchResults.Count) found" | |
| # Mgr to find | |
| $manager = "Rick Sanchez" | |
| $queryManager = "attributes.displayName:" + '"' + "$($manager)" + '"' | |
| # Search for Manager | |
| $mgrSearchResults = Invoke-RestMethod -Method Get -Uri "$($URI)limit=$($searchLimit)&query=$($queryManager)" -Headers @{Authorization = "Basic $($encodedAuth)" } | |
| write-host "$($mgrSearchResults.Count) found" | |
| if ($mgrSearchResults.Count -eq 1) { | |
| foreach ($identity in $mgrSearchResults) { | |
| Write-host "Manager $($identity.displayName)" | |
| $mgrID = $null | |
| foreach ($account in $mgrSearchResults.accounts) { | |
| If ($account.source.name.Equals($sourceName)) { | |
| $mgrId = $account.accountId | |
| } | |
| } | |
| } | |
| } | |
| # Update Users with Manager | |
| foreach ($identity in $SearchResults) { | |
| Write-host "Updating Manager for: $($identity.displayName)" | |
| $id = $null | |
| foreach ($account in $identity.accounts) { | |
| If ($account.source.name.Equals($sourceName)) { | |
| $id = $account.id | |
| } | |
| } | |
| if ($id -and $mgrid) { | |
| $updateURI = "$updateBaseURI$($id)?org=$($orgName)" | |
| $body = @{ | |
| "manager" = $mgrId | |
| } | |
| $body = $body | ConvertTo-Json | |
| try { | |
| Invoke-RestMethod -Uri $updateURI -Method Patch -Body $body -Headers @{Authorization = "Basic $($encodedAuth)"; 'Content-Type' = 'application/json' } | |
| } | |
| catch { | |
| write-host -forgroundcolor yellow "Well, that didn't work. Check your script" | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment