is way to get list of links that applied to Managed units and policies in file

richa kumari said:

import and export will not work in linked objects that need to be done manually

Can you please explain a bit more about what you need that is not working?

 Hi richa kumari 

Are you trying to get a list of all the Administration Policies that are linked to a particular object (in your case Managed units)?

The is an example script as below, which is found within the SDK supplied with the install media, if this component has been installed you'll find it as below (version for example could be 8.1)

C:\Program Files\One Identity\Active Roles\<Version>\SDK\Samples\ADSI Provider\Policy Object

The script below is called APOLinks.ps1 in the Policy Objects folder

# Set DN of the directory object in question.
$TargetObjectDN = "CN=DistrGroup,OU=Sales,DC=mycompany,DC=com"

$APLinksContainerDN = "CN=AP Links,CN=Configuration"
$APLinkType = "edsPolicyObjectLink"

Connect-QADService -Proxy

$TargetObject = Get-QADObject $TargetObjectDN

$FoundLinks = Get-QADObject -Type $APLinkType -SearchRoot $APLinksContainerDN -SearchAttributes @{"edsaSecObjectGUID"=$TargetObject.Guid.ToString()}

"`nPolicy Objects that are linked to the object `'$TargetObjectDN`'"
foreach($FoundLink in $FoundLinks)
{
	$Guid = [Guid]$FoundLink.Item("edsaAPOGUID")
	$PolicyObject = Get-QADObject $Guid
	"Policy Object DN: " +	
	$PolicyObject.DN
	$Guid = [Guid]$FoundLink.Item("edsaSecObjectGUID")
	$InheritedObject = Get-QADObject $Guid
	"Inherited from: " +
	$InheritedObject.DN
	"----------------------------------------------------"
}

You only need to change the $TargetObjectDN value, this you should set to the ManagedUnit you want a list of Access Policy Links for on line 2, you shouldn't need to change anything else in the script.