DESCRIPTION
This sample demonstrates how to use PowerShell to add a new value ('zzz') to ARS PGV policy's possible value list
Note This code may use functions from the Active Roles Script Policy Best Practices. Please, follow the link to obtain instructions and code for those functions.
SCRIPT
#*********************************************************************************
# THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
# EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
#
# IF YOU WANT THIS FUNCTIONALITY TO BE CONDITIONALLY SUPPORTED,
# PLEASE CONTACT ONE IDENTITY PROFESSIONAL SERVICES.
#*********************************************************************************
##----- get the policy object from ARS -----
$obj = [ADSI]'EDMS://CN=Sample Policy,CN=Administration,CN=Policies,CN=Configuration'
##----- get string with the PVG (35) rule (2) -----
$rule = $obj._NewEnum | where {$_.Type -eq 35} | %{$_._NewEnum} | where {$_.Name -eq 2} | %{$_.Value}
##----- convert the string to XML -----
$xml = [xml]$rule
##----- get possible values from the XML -----
$values = $xml.PVGRules.PVRuleItem.value | %{$_.'#text'}
##----- add a new possible value and sort -----
$values = $values + 'zzz' | sort
##----- update the XML with the new possible values -----
$xml.PVGRules.PVRuleItem.InnerXML = $values | %{ '<value linkID="or" displayName="">' + $_ + '</value>' }
##----- get string with the new rule -----
$rule = $xml.OuterXml
##----- update the PVG (35) rule( 2) -----
$obj._NewEnum | where {$_.Type -eq 35} | %{$_._NewEnum} | where {$_.Name -eq 2} | %{$_.Value = $rule}
##----- apply changes to ARS ------
$obj.CommitChanges()
#***** END OF CODE ***************************************************************