CreateGroup

Article
07/11/2012

Applies To: Forefront Identity Manager 2010

This is an example of a Windows PowerShell function that creates a new group in the Forefront Identity Manager (FIM) Service database. For more information, see FIM Windows PowerShell Cmdlet Examples.

CreateGroup Function

This function creates a new ImportObject object based on a Group resource type. It then uses the SetSingleValue function to add attributes to the object based on the function parameters. The new Group is added to the FIM Service database using the Import-FIMConfig cmdlet.

function CreateGroup
{
    PARAM($DisplayName, $Owner, $AccountName, $Domain, $Email, $GroupType, $GroupScope, $Uri = $DefaultUri)
    END
    {
        $NewGroup = CreateImportObject -ObjectType "Group"
        SetSingleValue $NewGroup "DisplayName" $DisplayName
        SetSingleValue $NewGroup "AccountName" $AccountName
        SetSingleValue $NewGroup "Domain" $Domain
        if($Email -ne $null)
        {
            SetSingleValue $NewGroup "Email" $Email
        }
        if($GroupScope -ne $null)
        {
            SetSingleValue $NewGroup "Scope" $GroupScope
        }
        SetSingleValue $NewGroup "Type" $GroupType
        
        $ResolveOwner = ResolveObject -ObjectType "Person" -AttributeName "Email" -AttributeValue $Owner
        SetSingleValue -ImportObject $NewGroup -AttributeName "Owner" -AttributeValue $ResolveOwner.SourceObjectIdentifier -FullyResolved 0
        
        $ImportObjects = (,$ResolveOwner)
        $ImportObjects += $NewGroup
        $ImportObjects
        $ImportObjects | Import-FIMConfig -Uri $Uri
    }
}

The previous code assumes that the following variable is included in the script that contains the CreateGroup function:

$DefaultUri = "https://localhost:5725"

You can use the CreateGroup function as a helper function to other functions that use fewer parameters, as the CreateDistributionGroup and CreateSecurityGroup example functions demonstrate.

CreateDistributionGroup Function

This following example function creates a new ImportObject object based on a Group resource type. It then uses the SetSingleValue function to add attributes to the object based on the function parameters. The new Group is added to the FIM Service database using the Import-FIMConfig cmdlet.

The following example uses the same parameters as the CreateGroup function, except that it does not include the GroupType parameter. The function passes its parameters to the CreateGroup function, but it sets GroupType to "Distribution".

function CreateDistributionGroup
{
    PARAM($DisplayName, $Owner, $AccountName, $Domain, $Email, $Uri = $DefaultUri)
    END
    {
        CreateGroup -DisplayName $DisplayName -Owner $Owner -AccountName $AccountName -Domain $Domain -Email $Email -GroupType "Distribution" -Uri $Uri    
    }
}

CreateSecurityGroup Function

The following example function uses the same parameters as the CreateGroup function, except that it does not include the GroupType parameter. The function passes its parameters to the CreateGroup function, but it sets GroupType to "Security".

function CreateSecurityGroup
{
    PARAM($DisplayName, $Owner, $AccountName, $Domain, $Email, $GroupScope, $Uri = $DefaultUri)
    END
    {
        CreateGroup -DisplayName $DisplayName -Owner $Owner -AccountName $AccountName -Domain $Domain -Email $Email -GroupScope $GroupScope -GroupType "SecurityGroup" -Uri $Uri
    }
}

Remarks

You can use this function as a helper function to a Windows PowerShell script that creates Group objects as part of a bulk import.

CreateGroup

CreateGroup Function

CreateDistributionGroup Function

CreateSecurityGroup Function

Remarks

See Also

Reference

Concepts

Additional resources