MIMWAL: Add new users to default groups


I recently started to have a look on the Microsoft Workflow Activity Library (WAL or MIM/FIM WAL) that was given to public some time ago.

In my current projects I used the PowerShell activity in a lot of time to do things that can’t be done with OOB functions that comes with FIM/MIM.

One of those things is doing a one-time member add to default groups for new users. I’ve done this with PowerShell but you have to make use of the FIMAutomation cmdlets that do updates through FIM/MIM WebService and as everyone knows this is not the fastest way. I could get some performance enhancements using the Lithnet PowerShell Module.

So I took a look on how to do that with MIMWAL and here are the results:

First I get the binaries from http://aka.ms/MIMWAL and compiled it. It’s not that easy and you need some older specific DLL files in order to get it complied. Best way to do this is reading the default documentation and complete it with the hint’s of Ike’s blog post on installing MIMWAL. He has also the files as a package you need.

You need to use the Update Resource activity in a new workflow and configure it like this:

MIMWAL default groups1

The Queries part is used to do an lookup of the groups you want to add the user to. Key is a handle for the returned objects you will use to update those later on.

Since you need to modify the ExplicitMember attribute which is multivalue you must use the InsertValues function. The Target are the searched groups in the Queries part and you can reference them by using the [//Queries/Key/Attribute] xpath expression.

Thats nearly all, you can now use that workflow as an action workflow in an MPR that triggers on Create Resource of ObjectType Person.

 

Advertisements

About Peter Stapf
Senior Consultant Identity and Access MVP (Enterprise Mobility)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: