Fortytwo.IAM.ActiveDirectory.UserProvisioning

0.1.0

Public/Sync-UserProvisioningConnectorData.ps1

                                <#

.SYNOPSIS

    Synchronizes Active Directory users into the Fortytwo IAM Core connector.

#>

function Sync-UserProvisioningConnectorData {

    [CmdletBinding()]

    param (

        [Parameter(Mandatory = $false)]

        $MaxDeletes = 500,

        [Parameter(Mandatory = $false)]

        $MaxCreates = 500,

        [Parameter(Mandatory = $false)]

        $MaxUpdates = 5000

    )

    process {

        Start-ConnectorSyncSession

        Write-ConnectorVerbose "Getting all users from all included OUs..."

        $Script:IncludedOUs | ForEach-Object {

            Write-ConnectorVerbose "Getting users from OU: $_"

            Get-ADUser -SearchBase $_ -Filter * -Properties $Script:UserProperties | 

            Select-Object -Property *, @{Name = "ObjectGUID"; Expression = { $_.ObjectGUID.ToString() } }, @{Name = "ObjectSID"; Expression = { $_.ObjectSID.ToString() } } -ExcludeProperty "nTSecurityDescriptor", "sid", "objectSid", "objectGuid", "PropertyNames" |

            ForEach-Object { Build-ConnectorObject -ExternalId $_.ObjectGUID -ObjectType "user" -Data ($_ | ConvertTo-Json | ConvertFrom-Json -AsHashtable) } |

            Add-ConnectorSyncSessionObject

        }

        Write-ConnectorVerbose "Calculating sync session operations..."

        $Operations = Get-ConnectorSyncSessionOperation

        $Statistics = $Operations | Get-ConnectorSyncSessionOperationStatistics

        if ($Statistics.Create -gt $MaxCreates) {

            Write-ConnectorError "Number of create operations ($($Statistics.Create)) exceeds the maximum limit of $MaxCreates. No operations will be performed. Please review the operations and adjust the limits if necessary." -Throw

            return

        }

        if ($Statistics.Update -gt $MaxUpdates) {

            Write-ConnectorError "Number of update operations ($($Statistics.Update)) exceeds the maximum limit of $MaxUpdates. No operations will be performed. Please review the operations and adjust the limits if necessary." -Throw

            return

        }

        if ($Statistics.Delete -gt $MaxDeletes) {

            Write-ConnectorError "Number of delete operations ($($Statistics.Delete)) exceeds the maximum limit of $MaxDeletes. No operations will be performed. Please review the operations and adjust the limits if necessary." -Throw

            return

        }

        if ($Operations) {

            Write-ConnectorVerbose "Completing operations for connector sync session..."

            $Operations | Complete-ConnectorSyncSessionOperation

        }

        else {

            Write-ConnectorVerbose "No operations to perform for connector sync session."

        }

        Write-ConnectorVerbose "Connector sync session completed."

    }

}