I have been promising to get this post out there.. So here it is..
If you make extensive use of Lithnet ResourceManagement Powershell for MIM/FIM (You should if you don’t) you will probably be using the cmdlets “Search-Resources” or “Search-ResourcesPaged” which require an “-XPATH” input.
Now my xpath is real bad in for a complicated search.
Thankfully Ryan (Lithnet God) has written a few tools to make it easier for us to write xpath queries. We would use his cmdlets like New-XPathQuery , New-XPathQueryGroup and New-XPathExpression
Let’s start with simple query: Find everyone whose AccountName (string) starts with “P”
1 2 3 4 5 6 |
Import-Module lithnetrma Set-ResourceManagementClient -BaseAddress "http://fimservice:5725" $a = New-XPathQuery -AttributeName AccountName -Operator StartsWith -Value "P" $b = New-XPathExpression -ObjectType Person -QueryObject $a $b.ToString() |
Output
/Person[(starts-with(AccountName, ‘P’))]
Easy yeah?
Lets do a boolean: Find every user for whom accountDisabled (Boolean) is present
1 2 3 4 5 6 |
Import-Module lithnetrma Set-ResourceManagementClient -BaseAddress "http://fimservice:5725" $a = New-XPathQuery -AttributeName accountDisabled -Operator IsPresent $b = New-XPathExpression -ObjectType Person -QueryObject $a $b.ToString() |
Output
/Person[((accountDisabled = true) or (accountDisabled = false))]
Lets do a complex one: Find all users who Email Starts with “P” and are not disabled
1 2 3 4 5 6 7 8 9 |
Import-Module lithnetrma Set-ResourceManagementClient -BaseAddress "http://fimservice:5725" $a = New-XPathQuery -AttributeName Email -Operator StartsWith -Value "P" $b = New-XPathQuery -AttributeName accountDisabled -Operator Equals -Value $false $group = New-XPathQueryGroup -Operator And -Queries @($a,$b) $result = New-XPathExpression -ObjectType Person -QueryObject $group $result.ToString() |
Output
/Person[((starts-with(Email, ‘P’)) and (accountDisabled = False))]
You can see how you can build on this..
One final one: Find all accounts which have an email address starting with P and are not disabled or which have an AccountName and have Email containing “p@”
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
Import-Module lithnetrma Set-ResourceManagementClient -BaseAddress "http://fimservice:5725" $a = New-XPathQuery -AttributeName Email -Operator StartsWith -Value "P" $b = New-XPathQuery -AttributeName accountDisabled -Operator Equals -Value $false $c = New-XPathQuery -AttributeName AccountName -Operator IsPresent $d = New-XPathQuery -AttributeName Email -Operator Contains -Value "p@" $group1 = New-XPathQueryGroup -Operator And -Queries @($a,$b) $group2 = New-XPathQueryGroup -Operator And -Queries @($c,$d) $finalgroup = New-XPathQueryGroup -Operator Or -Queries @($group1,$group2) $result = New-XPathExpression -ObjectType Person -QueryObject $finalgroup $result.ToString() |
Output
/Person[(((starts-with(Email, ‘P’)) and (accountDisabled = False)) or ((starts-with(AccountName, ‘%’)) and (contains(Email, ‘p@’))))]
Above searches might not make sense logically in real world scenarios but what I am trying to show here is that how easy it is to build complex XPath search strings without knowing the XPath language and doing it pretty easily on Powershell.. (And don’t get me started how many times I have messed up the brackets 😛 )
Enormous potential and implantation capabilities if you come to think of it..
0 Comments