darrenjrobinson/GenerateObjectReport.ps1 Secret

## GenerateObjectReport.ps1
# https://github.com/lithnet/resourcemanagement-powershell
Import-Module LithnetRMA
# https://github.com/lithnet/miis-powershell
Import-Module LithnetMiisAutomation

# Output Directory
$ouputdirectory = "c:\temp"
# CSS for the HTML Output
$cssSettings = @'
    h1, h2, th { text-align: center; }
    table { margin: auto; font-family: Segoe UI; box-shadow: 10px 10px 5px #888; border: thin ridge grey; }
    th { background: #0046c3; color: #fff; max-width: 400px; padding: 5px 10px; }
    td { font-size: 11px; padding: 5px 20px; color: #000; }
    tr { background: #b8d1f3; }
    tr:nth-child(even) { background: #dae5f4; }
    tr:nth-child(odd) { background: #b8d1f3; }
'@
# Create the CSS our HTML Report will reference
$cssSettings | Out-File "$ouputdirectory\MIMObjectReport.css"

# Object to query
# Replace with something like this to make it more elegant http://blog.darrenjrobinson.com/scripting-queries-for-lithnet-get-mvobject-searches-into-the-microsoft-identity-manager-metaverse/
$queries = @();
$queries += New-MVQuery -Attribute accountName -Operator equals -Value "nsjones"
$queries += New-MVQuery -Attribute source -Operator equals -Value "ProdAD"
$query = Get-MVObject -Queries $queries

# Query for output in the Report
$sourcequery = $queries | Select Attribute, Operator, Value | ConvertTo-Html -Fragment

# All the metadata belong to us. Go get it
if ($query){
    # Get Objects Connectors
    $connectors = $query.CSMVLinks | select ManagementAgentName, LineageType, LineageTime
    $attributes = $query | Select-Object -Property Attributes | select -expand *

    # Create Hashtable for each MA mapping MAID to MA Name
    $managementagents = $null
    $managementagents = @{}
    foreach ($ma in $query.CSMVLinks){
        $managementagents+=@{$ma.ManagementAgentID.ToString()=$ma.ManagementAgentName}
    }

    $obj = @()
    foreach ($attr in $attributes.Keys)
    {
            try {
                 # First try expanding the attribute in case it is multivalued using a comma as a separator
                 $val = ($attributes.$attr.Values).Valuestring -join ', '
            }
            catch {
                # Otherwise we'll just take the string value as we're outputting to HTML
                $val = $attributes.$attr.Values.Valuestring
            }

            # Lookup Hashtable for MAID to get MAName
            $contributingMA = $attributes.$attr.Values.MAID.Guid.tostring()
            # Output MV Attributes for the report
            $mvattr = New-Object -TypeName PSObject
            $mvattr | Add-Member -Type NoteProperty -Name Attribute -Value $attr
            $mvattr | Add-Member -Type NoteProperty -Name Value -Value $val
            $mvattr | Add-Member -Type NoteProperty -Name "Last Modified" -Value $attributes.$attr.Values.LineageTime
            $mvattr | Add-Member -Type NoteProperty -Name ContributingMA -Value $managementagents.$contributingMA
            $obj += $mvattr
    }

    clear

    Write-Host "The User exists in the following systems:"
    Write-host $connectors.ManagementAgentName
    # Users connectors on the management agents
    $connectorsummary = $connectors | ConvertTo-Html -Fragment
    Write-Host "MIM Attribute Values for" $attributes.displayName.Values.ValueString
    $output = $obj | Sort-Object -Property Attribute
    $output

    # Users data from the MetaVerse
    $objectmetadata = $output | Select-Object -Property Attribute, ContributingMA, Value, "Last Modified"  |  ConvertTo-Html -Fragment

    # Users data from the MIM Service
    # Get MIM Service Management Agent
    $MIMServiceMA = Get-ManagementAgent | where-object {$_.category -eq "FIM" }

    # Get Users MIM Service CS Object
    $objMIMServiceDN = $query.CSMVLinks | where-object {$_.ManagementAgentName -eq $MIMServiceMA.Name} | select ConnectorSpaceDN
    $objMIMServiceCS = Get-CSObject -MA $MIMServiceMA.Name -DN $objMIMServiceDN.ConnectorSpaceDN

    # MIM Service MA CS Attributes
    $objMIMattributes = $objMIMServiceCS.SynchronizedHologram | Select-Object -Property Attributes | select -expand *

    $MIMServiceCSObj = @()
    foreach ($attribute in $objMIMattributes.Keys)
    {
            $value = $objMIMattributes.$attribute.Values -join ', '
            $msattr = New-Object -TypeName PSObject
            $msattr | Add-Member -Type NoteProperty -Name Attribute -Value $objMIMattributes.$attribute.Name
            $msattr | Add-Member -Type NoteProperty -Name "Value" -Value $value
            $msattr | Add-Member -Type NoteProperty -Name Type -Value $objMIMattributes.$attribute.Type
            $msattr | Add-Member -Type NoteProperty -Name Multivalued -Value $objMIMattributes.$attribute.Multivalued
            $MIMServiceCSObj += $msattr
    }

    $output2 = $MIMServiceCSObj | Sort-Object -Property Attribute
    $MIMServiceCSobjectmetadata = $output2 | ConvertTo-Html -Fragment

    Write-host "MIM Service Attributes"
    $output2

    # MIM Service Object
    # Find the Object by DomainName and AccountName
    $findMIMServiceObject = @{}
    $findMIMServiceObject.add("Domain", $query.Attributes.domain.Values.ValueString)
    $findMIMServiceObject.add("AccountName",$query.Attributes.accountName.Values.ValueString)
    $MIMServiceObject = Get-Resource -ObjectType $objMIMServiceCS.ObjectType -AttributeValuePairs @{"Domain" = $query.Attributes.domain.Values.ValueString; "AccountName" = $query.Attributes.accountName.Values.ValueString}

   $MIMServiceObjectMetaData = @()
   foreach ($Name in $MIMServiceObject.PSObject.Properties.Name ){
        # We only display attributes with values
        if ($MIMServiceObject.$Name){
             # Checking to see if the attr is multivalued
             if($MIMServiceObject.$Name.Value){
                $MIMServiceValue = $MIMServiceObject.$Name.Value -join ', '
             }
             else {
                $MIMServiceValue = $MIMServiceObject.$Name
             }
            # GUIDs don't read pretty
            # Let's get the DisplayName for ERE's so it actually means something
            if ($Name.Equals("ExpectedRulesList"))
            {
                $EREs = $null
                if ($MIMServiceObject.ExpectedRulesList.Value.Count -gt 1){
                    foreach ($ERE in $MIMServiceObject.ExpectedRulesList.Value){
                        $MIMServiceEREObject = Get-Resource -ObjectType ExpectedRuleEntry -AttributeName ObjectID -AttributeValue $ERE -AttributesToGet DisplayName
                        $EREs += $MIMServiceEREObject.DisplayName +"`t `t"
                        $EREs
                    }
                }
                else {
                    $MIMServiceEREObject = Get-Resource -ObjectType ExpectedRuleEntry -AttributeName ObjectID -AttributeValue $MIMServiceObject.ExpectedRulesList.Value -AttributesToGet DisplayName
                    $EREs += $MIMServiceEREObject.DisplayName
                }
                $MIMServiceValue = $EREs

                $mimserviceattr = New-Object -TypeName PSObject
                $mimserviceattr | Add-Member -Type NoteProperty -Name Attribute -Value $Name
                $mimserviceattr | Add-Member -Type NoteProperty -Name "Value(s)" -Value $MIMServiceValue
                $MIMServiceObjectMetaData += $mimserviceattr

            }
            else {
                $mimserviceattr = New-Object -TypeName PSObject
                $mimserviceattr | Add-Member -Type NoteProperty -Name Attribute -Value $Name
                $mimserviceattr | Add-Member -Type NoteProperty -Name "Value(s)" -Value $MIMServiceValue
                $MIMServiceObjectMetaData += $mimserviceattr
            }

        }
   }

    # Output MIM Service Object Data
    $MIMServiceObjOut = $MIMServiceObjectMetaData | Sort-Object -Property Attribute | ConvertTo-Html -Fragment

    # Output to HTML in ASCII so it formats in Chrome
    ConvertTo-HTML -CssUri "$ouputdirectory\MIMObjectReport.css" -Body "<h1>Object Report</h1><h2><center/>Query</h2>$sourcequery </br><b><center>NOTE: Only attributes with values are displayed.</center></b></br><h2><center/>Connector(s) Summary</h2>$connectorsummary <h2><center/>MetaVerse Data</h2>$objectmetadata <h2><center/>MIM Service CS Object Data</h2>$MIMServiceCSobjectmetadata <h2><center/>MIM Service Object Data</h2>$MIMServiceObjOut" -Title "MIM Object Report" |  Out-File  "$ouputdirectory\MIMObjectReport.html" -Encoding ascii
    Invoke-Expression "$ouputdirectory\MIMObjectReport.html"
}
else
{
    write-host "Object not found"
    ConvertTo-HTML -CssUri "$ouputdirectory\MIMObjectReport.css" -Body "<h1>Object Report</h1><h2><center/>Query</h2><b><center>The object requested was not found. Update your query and try again.</center></b></br>$sourcequery" -Title "MIM Object Report" |  Out-File  "$ouputdirectory\MIMObjectReport.html" -Encoding ascii
    Invoke-Expression "$ouputdirectory\MIMObjectReport.html"

}
	# https://github.com/lithnet/resourcemanagement-powershell
	Import-Module LithnetRMA
	# https://github.com/lithnet/miis-powershell
	Import-Module LithnetMiisAutomation

	# Output Directory
	$ouputdirectory = "c:\temp"
	# CSS for the HTML Output
	$cssSettings = @'
	h1, h2, th { text-align: center; }
	table { margin: auto; font-family: Segoe UI; box-shadow: 10px 10px 5px #888; border: thin ridge grey; }
	th { background: #0046c3; color: #fff; max-width: 400px; padding: 5px 10px; }
	td { font-size: 11px; padding: 5px 20px; color: #000; }
	tr { background: #b8d1f3; }
	tr:nth-child(even) { background: #dae5f4; }
	tr:nth-child(odd) { background: #b8d1f3; }
	'@
	# Create the CSS our HTML Report will reference
	$cssSettings \| Out-File "$ouputdirectory\MIMObjectReport.css"

	# Object to query
	# Replace with something like this to make it more elegant http://blog.darrenjrobinson.com/scripting-queries-for-lithnet-get-mvobject-searches-into-the-microsoft-identity-manager-metaverse/
	$queries = @();
	$queries += New-MVQuery -Attribute accountName -Operator equals -Value "nsjones"
	$queries += New-MVQuery -Attribute source -Operator equals -Value "ProdAD"
	$query = Get-MVObject -Queries $queries

	# Query for output in the Report
	$sourcequery = $queries \| Select Attribute, Operator, Value \| ConvertTo-Html -Fragment

	# All the metadata belong to us. Go get it
	if ($query){
	# Get Objects Connectors
	$connectors = $query.CSMVLinks \| select ManagementAgentName, LineageType, LineageTime
	$attributes = $query \| Select-Object -Property Attributes \| select -expand *

	# Create Hashtable for each MA mapping MAID to MA Name
	$managementagents = $null
	$managementagents = @{}
	foreach ($ma in $query.CSMVLinks){
	$managementagents+=@{$ma.ManagementAgentID.ToString()=$ma.ManagementAgentName}
	}

	$obj = @()
	foreach ($attr in $attributes.Keys)
	{
	try {
	# First try expanding the attribute in case it is multivalued using a comma as a separator
	$val = ($attributes.$attr.Values).Valuestring -join ', '
	}
	catch {
	# Otherwise we'll just take the string value as we're outputting to HTML
	$val = $attributes.$attr.Values.Valuestring
	}

	# Lookup Hashtable for MAID to get MAName
	$contributingMA = $attributes.$attr.Values.MAID.Guid.tostring()
	# Output MV Attributes for the report
	$mvattr = New-Object -TypeName PSObject
	$mvattr \| Add-Member -Type NoteProperty -Name Attribute -Value $attr
	$mvattr \| Add-Member -Type NoteProperty -Name Value -Value $val
	$mvattr \| Add-Member -Type NoteProperty -Name "Last Modified" -Value $attributes.$attr.Values.LineageTime
	$mvattr \| Add-Member -Type NoteProperty -Name ContributingMA -Value $managementagents.$contributingMA
	$obj += $mvattr
	}

	clear

	Write-Host "The User exists in the following systems:"
	Write-host $connectors.ManagementAgentName
	# Users connectors on the management agents
	$connectorsummary = $connectors \| ConvertTo-Html -Fragment
	Write-Host "MIM Attribute Values for" $attributes.displayName.Values.ValueString
	$output = $obj \| Sort-Object -Property Attribute
	$output

	# Users data from the MetaVerse
	$objectmetadata = $output \| Select-Object -Property Attribute, ContributingMA, Value, "Last Modified" \| ConvertTo-Html -Fragment

	# Users data from the MIM Service
	# Get MIM Service Management Agent
	$MIMServiceMA = Get-ManagementAgent \| where-object {$_.category -eq "FIM" }

	# Get Users MIM Service CS Object
	$objMIMServiceDN = $query.CSMVLinks \| where-object {$_.ManagementAgentName -eq $MIMServiceMA.Name} \| select ConnectorSpaceDN
	$objMIMServiceCS = Get-CSObject -MA $MIMServiceMA.Name -DN $objMIMServiceDN.ConnectorSpaceDN

	# MIM Service MA CS Attributes
	$objMIMattributes = $objMIMServiceCS.SynchronizedHologram \| Select-Object -Property Attributes \| select -expand *

	$MIMServiceCSObj = @()
	foreach ($attribute in $objMIMattributes.Keys)
	{
	$value = $objMIMattributes.$attribute.Values -join ', '
	$msattr = New-Object -TypeName PSObject
	$msattr \| Add-Member -Type NoteProperty -Name Attribute -Value $objMIMattributes.$attribute.Name
	$msattr \| Add-Member -Type NoteProperty -Name "Value" -Value $value
	$msattr \| Add-Member -Type NoteProperty -Name Type -Value $objMIMattributes.$attribute.Type
	$msattr \| Add-Member -Type NoteProperty -Name Multivalued -Value $objMIMattributes.$attribute.Multivalued
	$MIMServiceCSObj += $msattr
	}

	$output2 = $MIMServiceCSObj \| Sort-Object -Property Attribute
	$MIMServiceCSobjectmetadata = $output2 \| ConvertTo-Html -Fragment

	Write-host "MIM Service Attributes"
	$output2

	# MIM Service Object
	# Find the Object by DomainName and AccountName
	$findMIMServiceObject = @{}
	$findMIMServiceObject.add("Domain", $query.Attributes.domain.Values.ValueString)
	$findMIMServiceObject.add("AccountName",$query.Attributes.accountName.Values.ValueString)
	$MIMServiceObject = Get-Resource -ObjectType $objMIMServiceCS.ObjectType -AttributeValuePairs @{"Domain" = $query.Attributes.domain.Values.ValueString; "AccountName" = $query.Attributes.accountName.Values.ValueString}

	$MIMServiceObjectMetaData = @()
	foreach ($Name in $MIMServiceObject.PSObject.Properties.Name ){
	# We only display attributes with values
	if ($MIMServiceObject.$Name){
	# Checking to see if the attr is multivalued
	if($MIMServiceObject.$Name.Value){
	$MIMServiceValue = $MIMServiceObject.$Name.Value -join ', '
	}
	else {
	$MIMServiceValue = $MIMServiceObject.$Name
	}
	# GUIDs don't read pretty
	# Let's get the DisplayName for ERE's so it actually means something
	if ($Name.Equals("ExpectedRulesList"))
	{
	$EREs = $null
	if ($MIMServiceObject.ExpectedRulesList.Value.Count -gt 1){
	foreach ($ERE in $MIMServiceObject.ExpectedRulesList.Value){
	$MIMServiceEREObject = Get-Resource -ObjectType ExpectedRuleEntry -AttributeName ObjectID -AttributeValue $ERE -AttributesToGet DisplayName
	$EREs += $MIMServiceEREObject.DisplayName +"`t `t"
	$EREs
	}
	}
	else {
	$MIMServiceEREObject = Get-Resource -ObjectType ExpectedRuleEntry -AttributeName ObjectID -AttributeValue $MIMServiceObject.ExpectedRulesList.Value -AttributesToGet DisplayName
	$EREs += $MIMServiceEREObject.DisplayName
	}
	$MIMServiceValue = $EREs

	$mimserviceattr = New-Object -TypeName PSObject
	$mimserviceattr \| Add-Member -Type NoteProperty -Name Attribute -Value $Name
	$mimserviceattr \| Add-Member -Type NoteProperty -Name "Value(s)" -Value $MIMServiceValue
	$MIMServiceObjectMetaData += $mimserviceattr

	}
	else {
	$mimserviceattr = New-Object -TypeName PSObject
	$mimserviceattr \| Add-Member -Type NoteProperty -Name Attribute -Value $Name
	$mimserviceattr \| Add-Member -Type NoteProperty -Name "Value(s)" -Value $MIMServiceValue
	$MIMServiceObjectMetaData += $mimserviceattr
	}

	}
	}

	# Output MIM Service Object Data
	$MIMServiceObjOut = $MIMServiceObjectMetaData \| Sort-Object -Property Attribute \| ConvertTo-Html -Fragment

	# Output to HTML in ASCII so it formats in Chrome
	ConvertTo-HTML -CssUri "$ouputdirectory\MIMObjectReport.css" -Body "<h1>Object Report</h1><h2><center/>Query</h2>$sourcequery </br><b><center>NOTE: Only attributes with values are displayed.</center></b></br><h2><center/>Connector(s) Summary</h2>$connectorsummary <h2><center/>MetaVerse Data</h2>$objectmetadata <h2><center/>MIM Service CS Object Data</h2>$MIMServiceCSobjectmetadata <h2><center/>MIM Service Object Data</h2>$MIMServiceObjOut" -Title "MIM Object Report" \| Out-File "$ouputdirectory\MIMObjectReport.html" -Encoding ascii
	Invoke-Expression "$ouputdirectory\MIMObjectReport.html"
	}
	else
	{
	write-host "Object not found"
	ConvertTo-HTML -CssUri "$ouputdirectory\MIMObjectReport.css" -Body "<h1>Object Report</h1><h2><center/>Query</h2><b><center>The object requested was not found. Update your query and try again.</center></b></br>$sourcequery" -Title "MIM Object Report" \| Out-File "$ouputdirectory\MIMObjectReport.html" -Encoding ascii
	Invoke-Expression "$ouputdirectory\MIMObjectReport.html"

	}