ADFSToolbox

1.0.5

widSyncModule/AdfsWidSyncModule.psm1

                                function Get-AdfsWidServiceStateSummary

{

    $stsWMIObject = (Get-WmiObject -Namespace root\ADFS -Class SecurityTokenService)

    #Create SQL Connection

    $connection = new-object system.data.SqlClient.SqlConnection($stsWMIObject.ConfigurationDatabaseConnectionString);

    $connection.Open()

    $query = "SELECT * FROM IdentityServerPolicy.ServiceStateSummary";

    $sqlcmd = $connection.CreateCommand();

    $sqlcmd.CommandText = $query;

    $result = $sqlcmd.ExecuteReader();

    $table = new-object "System.Data.DataTable"

    $table.Load($result)

    $table | ft

} 

function Reset-AdfsWidServiceStateSummarySerialNumbers

{

    $stsWMIObject = (Get-WmiObject -Namespace root\ADFS -Class SecurityTokenService)

    #Create SQL Connection

    $connection = new-object system.data.SqlClient.SqlConnection($stsWMIObject.ConfigurationDatabaseConnectionString);

    $connection.Open()

    $update = "UPDATE IdentityServerPolicy.ServiceStateSummary SET [SerialNumber] = '0'";

    $sqlcmd = $connection.CreateCommand();

    $sqlcmd.CommandText = $update;

    $sqlcmd.CommandTimeout = 600000;

    $rowsAffected = $sqlcmd.ExecuteNonQuery()

    Write-Host $rowsAffected "rows have been affected by the reset of SerialNumber column"

} 

function Invoke-WidSync

{

    param (

        [Parameter(Mandatory=$false)]

        [switch] $Force

    )

    if ( -not $force )

    {

        Write-Host "You must use the 'Force' parameter" -ForegroundColor Yellow

        return

    }

    $role = (Get-AdfsSyncProperties).role

    $LastSyncStatus = (Get-AdfsSyncProperties).LastSyncStatus

    if ($role -eq "SecondaryComputer")

    {

        if ($LastSyncStatus -eq '0')

        {

            Write-Host "Resetting the serialnumber column of ServiceStateSummary table to force a full WID sync" -ForegroundColor Green

            Write-Host "ServiceStateSummary table content before reset:" -ForegroundColor Green

            Get-AdfsWidServiceStateSummary

            Write-Host "Resetting the serialnumber of ServiceStateSummary table" -ForegroundColor Green

            Reset-AdfsWidServiceStateSummarySerialNumbers

            Write-Host "ServiceStateSummary table content after reset:" -ForegroundColor Green

            Get-AdfsWidServiceStateSummary

            Write-Host "The full sync will occur on this AD FS Secondary server during the next normal sync poll (by default it occurs every 5 minutes)" -ForegroundColor Green

        } 

        else 

        {

            Write-Host "The last sync status was not sucessful. Cannot force WID sync." -ForegroundColor Yellow

        }

    }

    else

    {

        Write-Host "This AD FS server is not a secondary server. Please run this cmdlet on your secondary server." -ForegroundColor Yellow

    }

}

Export-ModuleMember -Function Invoke-WidSync;