Fortytwo.IAM.ActiveDirectory.UserProvisioning

0.3.0

Public/Sync-UserProvisioningConnectorData.ps1

                                <#

.SYNOPSIS

    Synchronizes Active Directory users into the Fortytwo IAM Core connector.

#>

function Sync-UserProvisioningConnectorData {

    [CmdletBinding()]

    param (

        [Parameter(Mandatory = $false)]

        $MaxDeletes = 500,

        [Parameter(Mandatory = $false)]

        $MaxCreates = 500,

        [Parameter(Mandatory = $false)]

        $MaxUpdates = 5000

    )

    process {

        Start-ConnectorSyncSession

        Write-ConnectorVerbose "Getting all users from all included OUs..." -Verbose:$VerbosePreference

        $Script:IncludedOUs | ForEach-Object {

            $IncludedOU = $_ # $IncludedOU = $Script:IncludedOUs | Get-Random -Count 1

            Write-ConnectorVerbose "Getting users from OU: $IncludedOU" -Verbose:$VerbosePreference

            Get-ADUser -SearchBase $IncludedOU -Filter * -Properties $Script:UserProperties | 

            Select-Object -Property *, @{Name = "ObjectGUID"; Expression = { $_.ObjectGUID.ToString() } }, @{Name = "ObjectSID"; Expression = { $_.ObjectSID.ToString() } } -ExcludeProperty "nTSecurityDescriptor", "sid", "objectSid", "objectGuid", "PropertyNames", "msExchMailboxSecurityDescriptor", "msExchMailboxGuid", "telexNumber", "msExchPoliciesIncluded", "dSCorePropagationData", "logonHours" |

            ForEach-Object { 

                Write-Debug "Building connector object for $($_.DistinguishedName)"

                Build-ConnectorObject -ExternalId $_.ObjectGUID -ObjectType "user" -Data ($_ | ConvertTo-Json | ConvertFrom-Json -AsHashtable) 

            } |

            Add-ConnectorSyncSessionObject

        }

        Write-ConnectorVerbose "Calculating sync session operations..." -Verbose:$VerbosePreference

        $Operations = Get-ConnectorSyncSessionOperation

        $Statistics = $Operations | Get-ConnectorSyncSessionOperationStatistics

        if ($Statistics.Create -gt $MaxCreates) {

            Write-ConnectorError "Number of create operations ($($Statistics.Create)) exceeds the maximum limit of $MaxCreates. No operations will be performed. Please review the operations and adjust the limits if necessary." -Throw

            return

        }

        if ($Statistics.Update -gt $MaxUpdates) {

            Write-ConnectorError "Number of update operations ($($Statistics.Update)) exceeds the maximum limit of $MaxUpdates. No operations will be performed. Please review the operations and adjust the limits if necessary." -Throw

            return

        }

        if ($Statistics.Delete -gt $MaxDeletes) {

            Write-ConnectorError "Number of delete operations ($($Statistics.Delete)) exceeds the maximum limit of $MaxDeletes. No operations will be performed. Please review the operations and adjust the limits if necessary." -Throw

            return

        }

        if ($Operations) {

            Write-ConnectorVerbose "Completing operations for connector sync session..." -Verbose:$VerbosePreference

            $Operations | Complete-ConnectorSyncSessionOperation -Verbose:$VerbosePreference

        }

        else {

            Write-ConnectorVerbose "No operations to perform for connector sync session." -Verbose:$VerbosePreference

        }

        Write-ConnectorVerbose "Connector sync session completed." -Verbose:$VerbosePreference

    }

}