CreateGroup
Applies To: Forefront Identity Manager 2010
This is an example of a Windows PowerShell function that creates a new group in the Forefront Identity Manager (FIM) Service database. For more information, see FIM Windows PowerShell Cmdlet Examples.
CreateGroup Function
This function creates a new ImportObject object based on a Group resource type. It then uses the SetSingleValue function to add attributes to the object based on the function parameters. The new Group is added to the FIM Service database using the Import-FIMConfig cmdlet.
function CreateGroup
{
PARAM($DisplayName, $Owner, $AccountName, $Domain, $Email, $GroupType, $GroupScope, $Uri = $DefaultUri)
END
{
$NewGroup = CreateImportObject -ObjectType "Group"
SetSingleValue $NewGroup "DisplayName" $DisplayName
SetSingleValue $NewGroup "AccountName" $AccountName
SetSingleValue $NewGroup "Domain" $Domain
if($Email -ne $null)
{
SetSingleValue $NewGroup "Email" $Email
}
if($GroupScope -ne $null)
{
SetSingleValue $NewGroup "Scope" $GroupScope
}
SetSingleValue $NewGroup "Type" $GroupType
$ResolveOwner = ResolveObject -ObjectType "Person" -AttributeName "Email" -AttributeValue $Owner
SetSingleValue -ImportObject $NewGroup -AttributeName "Owner" -AttributeValue $ResolveOwner.SourceObjectIdentifier -FullyResolved 0
$ImportObjects = (,$ResolveOwner)
$ImportObjects += $NewGroup
$ImportObjects
$ImportObjects | Import-FIMConfig -Uri $Uri
}
}
The previous code assumes that the following variable is included in the script that contains the CreateGroup function:
$DefaultUri = "https://localhost:5725"
You can use the CreateGroup function as a helper function to other functions that use fewer parameters, as the CreateDistributionGroup and CreateSecurityGroup example functions demonstrate.
CreateDistributionGroup Function
This following example function creates a new ImportObject object based on a Group resource type. It then uses the SetSingleValue function to add attributes to the object based on the function parameters. The new Group is added to the FIM Service database using the Import-FIMConfig cmdlet.
The following example uses the same parameters as the CreateGroup function, except that it does not include the GroupType parameter. The function passes its parameters to the CreateGroup function, but it sets GroupType to "Distribution".
function CreateDistributionGroup
{
PARAM($DisplayName, $Owner, $AccountName, $Domain, $Email, $Uri = $DefaultUri)
END
{
CreateGroup -DisplayName $DisplayName -Owner $Owner -AccountName $AccountName -Domain $Domain -Email $Email -GroupType "Distribution" -Uri $Uri
}
}
CreateSecurityGroup Function
The following example function uses the same parameters as the CreateGroup function, except that it does not include the GroupType parameter. The function passes its parameters to the CreateGroup function, but it sets GroupType to "Security".
function CreateSecurityGroup
{
PARAM($DisplayName, $Owner, $AccountName, $Domain, $Email, $GroupScope, $Uri = $DefaultUri)
END
{
CreateGroup -DisplayName $DisplayName -Owner $Owner -AccountName $AccountName -Domain $Domain -Email $Email -GroupScope $GroupScope -GroupType "SecurityGroup" -Uri $Uri
}
}
Remarks
You can use this function as a helper function to a Windows PowerShell script that creates Group objects as part of a bulk import.
See Also
Reference
Import-FIMConfig
Concepts
FIM Windows PowerShell Cmdlet Examples
SetSingleValue
CreateImportObject
ResolveObject