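# Shibboleth IdP Configuration Replicator (SICR) by Matt Borja
# Note: Specify the $validNodeRegex suitable for your deployment
# Caution: Target $nodes should be placed in maintenance mode before committing to minimize service disruption.
#
# What it does: mirrors the listed IdP folders from $master to every host in
# $nodes over the administrative share (\\<node>\c$), then restarts the IdP
# service on each target. Without -commit it only lists what would change.
#
# Security notes:
# - The folder list includes "credentials", which in a standard Shibboleth IdP
#   install holds the signing/encryption private keys. Run this only from a
#   trusted administrative host, under an account whose rights on the nodes are
#   limited to what the copy and the service restart need.
# - ROBOCOPY's default copy flags (/COPY:DAT) do not carry NTFS ACLs across, so
#   copied files take the permissions of the destination folder. Confirm that
#   each node's "credentials" folder is locked down as tightly as the master's.
# - /MIR also deletes files on the target that do not exist on the master.
#   Review the dry-run (/L) listing before running with -commit.
# - $validNodeRegex is the only check between a parameter value and a UNC path
#   that gets mirrored and purged. Keep the pattern anchored at both ends and
#   as narrow as the deployment allows.
param (
    [Boolean]$commit = $false,
    [String]$master = "",
    [String[]]$nodes = ("", ""),
    [String]$validNodeRegex = '^shib\-node\d+(\.example\.com)?$',
    [String[]]$idp_folders = ("conf", "credentials", "edit-webapp", "webapp", "flows", "messages", "metadata", "static", "war"),
    [String]$service = "Shibboleth 3 IdP Daemon"
)

# Returns $true when $node matches the allow-list pattern in $validNodeRegex.
# The empty-string defaults of $master and $nodes fail this check on purpose,
# so the script refuses to run until real host names are supplied.
function ValidNode([string]$node) {
    return $node -match $validNodeRegex
}

# Builds the UNC path of the IdP install directory on $node.
# Single quotes keep "c$" literal: nothing in the template is expanded.
function BuildIdPHome([string]$node) {
    return [string]::Format('\\{0}\c$\Program Files (x86)\Shibboleth\IdP', $node)
}

# Returns the UNC path of the sub-folder $path inside the IdP home on $node.
function GetIdPPath($path, [string]$node) {
    $idpHome = BuildIdPHome -node $node
    return [string]::Format('{0}\{1}', $idpHome, $path)
}

# Validate $master node
If (!(ValidNode -node $master)) {
    Write-Host "Invalid master ($master)"
    Exit 1
}

# Validate every target before anything is copied, mirroring the master check.
# Rejecting the whole run up front means no node is left half-replicated
# because a later entry in $nodes turned out to be invalid, and the restart
# loop below never sees a host name that was not checked.
ForEach ($node in $nodes) {
    If (!(ValidNode -node $node)) {
        Write-Host "Invalid node ($node)"
        Exit 1
    }
}

# Copy directories
$failedNodes = @()
ForEach ($node in $nodes) {
    ForEach ($path in $idp_folders) {
        $source = GetIdPPath -path $path -node $master
        $destination = GetIdPPath -path $path -node $node

        If ($commit) {
            ROBOCOPY $source $destination /MIR
        } Else {
            # /L = list only: report what would be copied or purged, change nothing.
            ROBOCOPY $source $destination /MIR /L
        }

        # ROBOCOPY exit codes are a bitmask; 8 and above mean at least one
        # file or directory could not be copied.
        If ($LASTEXITCODE -ge 8) {
            Write-Host "ROBOCOPY failed for $destination (exit code $LASTEXITCODE)"
            If ($failedNodes -notcontains $node) {
                $failedNodes += $node
            }
        }
    }
}

# Restart service
If ($commit) {
    ForEach ($node in $nodes) {
        # Do not bring the IdP back up on a partially replicated configuration.
        If ($failedNodes -contains $node) {
            Write-Host "Skipping restart of $service on $node (copy failed)"
            Continue
        }

        Write-Host "Restarting $service on $node..."
        Get-Service -Name $service -ComputerName $node | Restart-Service
    }
}

# Surface copy failures to the caller (scheduler, CI job, operator).
If ($failedNodes.Count -gt 0) {
    Exit 1
}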