This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Creating Powershell connection to Target System using the rest api

 Hi Team,

I am new to One Identity Manager and have the task to use PowerShell connector to connect target system.

Steps I performed so far after referring the Powershell documentation provided by 1IM

1. In the synchronisation Editor, I have selected a Powershell Connector

2. It asks for connector definition file, I can understand there is a sample file provided but as a rookie, it is a bit difficult to understand

This is the Create User Script which I will be using to connect the target system, It will be great if you guys provide me the steps to incorporate this code into connector definition file, I have attached the xml file 

<?xml version="1.0" encoding="utf-8" ?>
<!--
	Some header data definint the id, the version and the description of this connector
-->
<PowershellConnectorDefinition Id="SampleConnector" Version="1.0" Description="Sample Powershell Connector (AD)">

	<!--
		Include plugin libraries for custom conversions
		Custom converters can contain code to:
			1. Convert output of a commandlet to a connector value (see IPSObjectValueConverter interface)
			2. Convert connector values/modifications to cmdlet parameters (see IPSParameterConverter interface)
	-->	
	<PluginAssemblies>
		<!--<Assembly Path="VI.Projector.Exchange.Common.dll" />-->
	</PluginAssemblies>

	<!--
		Define connection parameters that shall be queried from the user when
		creating a new connection. Set the IsSensibleData attribute to true for passwords etc.
	-->
	<ConnectionParameters>
		<ConnectionParameter Name="Domaincontroller" Description="Domaincontroller for the connection" />
		<ConnectionParameter Name="OrganizationalUnit" Description="Distinguished name of the organizational unit" />	
		<ConnectionParameter Name="Username" Description="Username for the Active Directory connection" />
		<ConnectionParameter Name="Password" Description="Password" IsSensibleData="true" />
	</ConnectionParameters>

	<!--
		The initialization section contains all settings that are used for setting
		up the runtime powershell session.
	-->
	<Initialization>

		<!--
			Specify custom script commandlets. Those commandlets are available throughout the whole
			powershell session of the connector and can be used like regular commands
		-->
		<CustomCommands>

			<CustomCommand Name="Get-D1IMADGroupMember">
			<![CDATA[
			param(
				[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
				[ValidateNotNullOrEmpty()]
				[String]$Identity
			)

			$memberDNs = @()
			$memberGuids = @()
			
			foreach($m in Get-ADGroupMember $Identity)
			{
				$memberDNs += $m.DistinguishedName
				$memberGuids += $m.ObjectGUID.ToString()
			}
			
			New-Object PSObject -Property @{ 
				MemberGuids = $memberGuids
				MemberDNs = $memberDNs
				}	
			
			]]>
			</CustomCommand>

			<CustomCommand Name="Set-D1IMADGroupMember">
			<![CDATA[
			param(
				[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
				[ValidateNotNullOrEmpty()]
				[String]$Identity,

				[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
				[string[]]$Members
			)

			Set-ADGroup -Identity $Identity -Replace @{Member=$Members}
			]]>
			</CustomCommand>	  

			<CustomCommand Name="Set-D1IMADUserEnabled">
				<![CDATA[
				param(
					[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
					[ValidateNotNullOrEmpty()]
					[String]$Identity,

					[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
					[Bool]$Enabled
				)
				
				if($Enabled) { 
					Enable-ADAccount -Identity $identity
				} else {
					Disable-ADAccount -Identity $identity
				}
			]]>
			</CustomCommand>

			<CustomCommand Name="Connect-D1IMADSession">
				<![CDATA[
				param(
					[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
					[ValidateNotNullOrEmpty()]
					[String]$TargetServer,

					[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
					[ValidateNotNullOrEmpty()]
					[String]$User,

					[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
					[ValidateNotNullOrEmpty()]
					[String]$Password,
					
					[parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
					[ValidateNotNullOrEmpty()]
					[String]$RootOU	
				)
				# Disable loading the default AD drive
				$Env:ADPS_LoadDefaultDrive = 0
				Import-Module ActiveDirectory
				$secPwd = ConvertTo-SecureString $Password -AsPlainText:$true -force
				$cred = New-Object System.Management.Automation.PsCredential -ArgumentList $User,$secPwd
				$parms = @{
					PSProvider = "ActiveDirectory"
					Server = $TargetServer
					Credential = $cred
					Root = "//RootDSE/$RootOU"
					Scope = "Global"
					Name = "TempDriveName"
				}
				
				New-PSDrive @parms
				cd TempDriveName:
			]]>
			</CustomCommand>

			<CustomCommand Name="Close-D1IMADSession">
				<![CDATA[
					cd C:
					Remove-PSDrive TempDriveName
				]]>
			</CustomCommand>	  

		</CustomCommands>

		<!-- 
			List of all commands that are mapped in the schema types. This can either be built-in powershell commandlets
			or commandlets that are loaded from modules, remote sessions or snapins. If you import sessions or modules using the
			prefix parameter, you need to specify the commands including the prefix i.e. Get-PrefixADUser
		-->
		<PredefinedCommands>
			<Command Name="Get-ADUser" />
			<Command Name="New-ADUser" />
			<Command Name="Set-ADUser" />
			<Command Name="Remove-ADUser" />
			<Command Name="Get-ADGroup" />
			<Command Name="New-ADGroup" />
			<Command Name="Set-ADGroup" />
			<Command Name="Remove-ADGroup" />
			<Command Name="Unlock-ADAccount" />
			<Command Name="Set-ADAccountPassword" />
			<Command Name="Rename-ADObject" />
			<Command Name="Add-ADGroupMember" />
			<Command Name="Remove-ADGroupMember" />
		</PredefinedCommands>

		<!--
			The following section contains the sequence of commands, that are executed when ...
				... the powershell session is established (connect)
				... the powershell session is closed (disconnect)
		-->
		<EnvironmentInitialization>

			<!--
		Commands to be executed when the powershell runspace is created
	  -->
			<Connect>
				<!--
					A commandsequence contains 1 to n commands that are executed successively. They do not
					share a common pipeline which means that the output of one command is not available to 
					the successive command. The commands are executed in the order specified by the "Order"
					attribute.
				-->
				<CommandSequence>
					<Item Command="Connect-D1IMADSession" Order="1">
						<!--
							A "SetParameter" is one way to pass parameter values to a powershell command. 
							Attributes:
							"Param" = contains the target Parameter
							"Source" = the source for the value. Available sources are
								"ConnectionParameter" ... value is taken from a passed connection parameter)
								"FixedValue" ... a fixed value
								"FixedArray" ... a fixed array of values
								"SwitchParameter" ... a Powershell switch Parameter
								"GlobalVariable" ... value of a global variable
							"Value" = meaning depends on "Source"
								if source is "ConnectionParameter" then "Value" contains the name of the connection parameter
								if source is "SwitchParameter" then "Value" can be omitted/has no effect
								if source is "FixedValue" then "Value" contains a fixed value
								if source is "FixedArray" then "Value" contains a comma seperated list of elements that are passed as an array
								if source is "GlobalVariable" then "Value" contains the name of the variable to use. 
											  To set a global variable use $global:<name> = <value>
							
							Another way to map parameters are described in the Schema section
						-->
						<SetParameter Param="TargetServer" Source="ConnectionParameter" Value="DomainController" />
						<SetParameter Param="User" Source="ConnectionParameter" Value="Username" />
						<SetParameter Param="Password" Source="ConnectionParameter" Value="Password" />
						<SetParameter Param="RootOU" Source="ConnectionParameter" Value="OrganizationalUnit" />
					</Item>
				</CommandSequence>
			</Connect>

			<!--
		Commands to be executed when the runspace is closed (free resources etc.)
	  -->
			<Disconnect>
				<CommandSequence>
					<Item Command="Close-D1IMADSession" Order="1" />
				</CommandSequence>
			</Disconnect>

		</EnvironmentInitialization>
	</Initialization>

	<!--
		The Schema section describes how commandlet input/output is mapped to schema types
	-->
	<Schema>

		<!--
		Definition of a schema class 'user'
		-->
		<Class Name="User">
			<!--
				Definition of Properties, at least one property needs to be marked as IsUniqueKey.
			-->
			<Properties>

				<!--
					A Property element contains the definition of Schema property. 
					Attributes:
						"Name" = The name of the property
						"DataType" = The data type (valid values are String, Int, Bool, DateTime)
						"IsUniqueKey" = indicates, that the property can be used to identify an object instance
						"IsMandatory" = indicates, that the property is mandatory
						"IsAutofill" = indicates, that the value of this property is created by the system
						"IsDisplay" = indicates, that the value of this property is used as a display
						"IsRevision" = indicates, that the value of this property is used as revision
				-->
				<Property Name="Sid" DataType="String" IsUniqueKey="true" IsMandatory="true" IsAutoFill="true">
					<!--
						The "CommandMappings" sections specifies, to which commandlet the value of this property shall be mapped.
						Attributes:
							"ToCommand" = Name of the command
							"Parameter" = Name of the parameter
							"UseOldValue" = (Optional) if the Property was modified, use the old value during the mapping (useful for renames)
							"Converter" = (Optional) the IPSParameterConverter implementation that should be used to apply a value (Projector modification) to the command
							"ModType" = (Optional) The type of modification that can be handled by this command. Valid values are "Add", "Remove", "Replace" while "Add"
										and "Remove" only apply to properties that are multi valued. If no ModType is specified, it is assumed, that the command can handle
										all types of modifications. You must also define only one command per type.
						
						Make sure, that at least one Property that is marked as "IsUniqueKey" is mapped to each of the commands that are used by this class
					-->
					<CommandMappings>
						<Map ToCommand="Set-ADUser" Parameter="Identity" UseOldValue="false"/>
						<Map ToCommand="Get-ADUser" Parameter="Identity"/>
						<Map ToCommand="Set-D1IMADUserEnabled" Parameter="Identity"/>
						<Map ToCommand="Unlock-ADAccount" Parameter="Identity"/>
						<Map ToCommand="Remove-ADUser" Parameter="Identity"/>
						<Map ToCommand="Set-ADAccountPassword" Parameter="Identity"/>
					</CommandMappings>
					<!--
						The "ReturnBindings" sections defines, which commandlet return the value for this property
						Attributes:
							"CommandResultOf" = Name of the command returning the value
							"Path" = path in the returned object to use. Path can be
								a property ... i.e. Name
								a element of an array ... i.e. MultiElements[0]
								a scalar function call ... i.e. SID.ToString()
								or a combination of those i.e. MultiElements[0].ToString()
								more "path" handlers might be implemented in future versions 
							"Converter" = (Optional) the name of a IPSObjectValueConverter that shall be used to convert the output
					-->
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="SID.ToString()" />
						<Bind CommandResultOf="New-ADUser" Path="SID.ToString()" />
					</ReturnBindings>
				</Property>

				<!--DistinguishedName-->
				<Property Name="DistinguishedName" DataType="String" IsUniqueKey="true" IsDisplay="true" IsMandatory="true" IsAutoFill="true">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="DistinguishedName" />
						<Bind CommandResultOf="New-ADUser" Path="DistinguishedName" />
					</ReturnBindings>
				</Property>

				<!--ObjectGuid-->
				<Property Name="ObjectGuid" DataType="String" IsUniqueKey="true" IsMandatory="true" IsAutoFill="true">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="ObjectGuid.ToString()" />
					</ReturnBindings>
					<CommandMappings>
						<Map ToCommand="Rename-ADObject" Parameter="Identity" />
					</CommandMappings>
				</Property>			

				<!--Enabled-->
				<Property Name="Enabled" DataType="Bool">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="Enabled" />
						<Bind CommandResultOf="New-ADUser" Path="Enabled" />
					</ReturnBindings>
					<!--
						The "ModifiedBy" sections defines, which commandlet actually writes the value to the system
						Attributes:
							"Command" = Name of the command writing the 
					-->					
					<ModifiedBy>
						<ModBy Command="Set-D1IMADUserEnabled" />
					</ModifiedBy>
					<CommandMappings>
						<Map ToCommand="Set-D1IMADUserEnabled" Parameter="Enabled" />
					</CommandMappings>
				</Property>

				<!--Password-->
				<Property Name="Password" DataType="String">
					<ModifiedBy>
						<ModBy Command="Set-ADAccountPassword" />
					</ModifiedBy>
					<CommandMappings>
						<Map ToCommand="Set-ADAccountPassword" Parameter="NewPassword" Converter="ToSecureString" />
					</CommandMappings>
				</Property>

				<!--GivenName-->
				<Property Name="GivenName" DataType="String">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="GivenName" />
						<Bind CommandResultOf="New-ADUser" Path="GivenName" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Set-ADUser" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Set-ADUser" Parameter="GivenName" />
					</CommandMappings>
				</Property>	

				<!--Surname-->
				<Property Name="Surname" DataType="String">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="Surname" />
						<Bind CommandResultOf="New-ADUser" Path="Surname" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Set-ADUser" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Set-ADUser" Parameter="Surname" />
					</CommandMappings>
				</Property>	

				<!--Name-->
				<Property Name="Name" DataType="String" IsMandatory="true">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="Name" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Rename-ADObject" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Rename-ADObject" Parameter="NewName" />
						<Map ToCommand="New-ADUser" Parameter="Name" />
					</CommandMappings>
				</Property>

				<!--SamAccountName-->
				<Property Name="SamAccountName" DataType="String">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="SamAccountName" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Set-ADUser" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Set-ADUser" Parameter="SamAccountName" />
					</CommandMappings>
				</Property>	

				<!--UserPrincipalName-->
				<Property Name="UserPrincipalName" DataType="String">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="UserPrincipalName" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Set-ADUser" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Set-ADUser" Parameter="UserPrincipalName" />
					</CommandMappings>
				</Property>

				<!--Manager-->
				<Property Name="Manager" DataType="String">
					<!--Defines that the property is a reference. For each possible target of the reference an element has to be created
					containing the target schema class as well as the property that can be used for reference resolution
					-->
					<ReferenceTargets>
						<ReferenceTarget Class="User" Property="DistinguishedName" />
					</ReferenceTargets>
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="Manager" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Set-ADUser" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Set-ADUser" Parameter="Manager" />
					</CommandMappings>
				</Property>
				
				<!--
				Sample for defining revision properties. The maximum of usnChanged/usnCreated over all
				elements will be used.
				-->
				
				<!--usnChanged-->
				<Property Name="usnChanged" DataType="Int" IsRevision="true">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="usnChanged" />
					</ReturnBindings>
				</Property>				

				<!--usnCreated-->
				<Property Name="usnCreated" DataType="Int" IsRevision="true">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADUser" Path="usnCreated" />
					</ReturnBindings>
				</Property>				
				
			</Properties>

			<!--
				The read configuration is mandatory. It defines the ListingCommand which is used to pull
				a list of all objects of this type from the system. Furthermore, the additional commandsequence
				defines the list of commands, that need to be executed to fully load a single object with all
				properties defined in the schema
			-->
			<ReadConfiguration>
				<ListingCommand Command="Get-ADUser">
					<SetParameter Param="Filter" Source="FixedValue" Value="*" />
					<SetParameter Param="Properties" Source="FixedArray" Value="usnChanged,usnCreated" />
				</ListingCommand>
				<CommandSequence>
					<Item Command="Get-ADUser" Order="1" >
						<SetParameter Param="Properties" Source="FixedArray" Value="manager,extensionattribute1,usnChanged,usnCreated" />
					</Item>
				</CommandSequence>
			</ReadConfiguration>

			<!--
				The MethodConfiguration section describes all methods that are available for this class. In order to stay compatible with
				the D1IM Projector, you schould use the name
					- Insert -> Commands that create a new object
					- Update -> Commands that modify an exisiting object
					- Delete -> Commands that delete an exisiting object
			-->	  
			<MethodConfiguration>
				<!--Define a method named "Insert"-->
				<Method Name="Insert">
					<!--An "Insert" consists of the following command calls-->
					<CommandSequence>
						<Item Command="New-ADUser" Order="1">
							<SetParameter Param="PassThru" Source="SwitchParameter" Value="" />
						</Item>
						<!--
							The Condition "ModificationExisits" causes, that this command is only executed, 
							if one or more propert(ies) were set, that are written by this command.
						-->
						<Item Command="Set-ADAccountPassword" Order="2" Condition="ModificationExists"/>
						<Item Command="Set-D1IMADUserEnabled" Order="3" Condition="ModificationExists"/>
						<Item Command="Set-ADUser" Order="4" Condition="ModificationExists"/>
					</CommandSequence>
				</Method>
				<Method Name="Update">
					<CommandSequence>
						<Item Command="Set-ADUser" Order="1" Condition="ModificationExists">
							<SetParameter Param="PassThru" Source="SwitchParameter" Value="" />
						</Item>
						<Item Command="Set-ADAccountPassword" Order="2" Condition="ModificationExists"/>
						<Item Command="Set-D1IMADUserEnabled" Order="3" Condition="ModificationExists"/>
						<Item Command="Rename-ADObject" Order="4" Condition="ModificationExists"/>
					</CommandSequence>
				</Method>
				<Method Name="Delete">
					<CommandSequence>
						<Item Command="Remove-ADUser" Order="1" />
					</CommandSequence>
				</Method>
				<Method Name="Unlock">
					<CommandSequence>
						<Item Command="Unlock-ADAccount" Order="1" />
					</CommandSequence>
				</Method>
			</MethodConfiguration>
		</Class>

		<Class Name="Group">
			<Properties>
				<!-- SID -->
				<Property Name="Sid" DataType="String" IsUniqueKey="true" IsMandatory="true" IsAutoFill="true">
					<CommandMappings>
						<Map ToCommand="Set-ADGroup" Parameter="Identity"/>
						<Map ToCommand="Get-ADGroup" Parameter="Identity"/>
						<Map ToCommand="Remove-ADGroup" Parameter="Identity"/>
					</CommandMappings>
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADGroup" Path="SID.ToString()" />
						<Bind CommandResultOf="New-ADGroup" Path="SID.ToString()" />
					</ReturnBindings>
				</Property>

				<!--DistinguishedName-->
				<Property Name="DistinguishedName" DataType="String" IsUniqueKey="true" IsDisplay="true" IsMandatory="true" IsAutoFill="true">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADGroup" Path="DistinguishedName" />
						<Bind CommandResultOf="New-ADGroup" Path="DistinguishedName" />
					</ReturnBindings>
				</Property>

				<!--ObjectGuid-->
				<Property Name="ObjectGuid" DataType="String" IsUniqueKey="true" IsMandatory="true" IsAutoFill="true">
					<CommandMappings>
						<Map ToCommand="Get-D1IMADGroupMember" Parameter="Identity"/>
						<Map ToCommand="Add-ADGroupMember" Parameter="Identity"/>
						<Map ToCommand="Remove-ADGroupMember" Parameter="Identity"/>
						<Map ToCommand="Set-D1IMADGroupMember" Parameter="Identity"/>
					</CommandMappings>
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADGroup" Path="ObjectGuid.ToString()" />
					</ReturnBindings>
				</Property>			

				<!--Name-->
				<Property Name="Name" DataType="String" IsMandatory="true">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADGroup" Path="Name" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Rename-ADObject" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Rename-ADObject" Parameter="NewName" />
						<Map ToCommand="New-ADGroup" Parameter="Name" />
					</CommandMappings>
				</Property>

				<!--SamAccountName-->
				<Property Name="SamAccountName" DataType="String">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADGroup" Path="SamAccountName" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Set-ADGroup" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Set-ADGroup" Parameter="SamAccountName" />
					</CommandMappings>
				</Property>	

				<!--GroupCategory-->
				<Property Name="GroupCategory" DataType="String">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADGroup" Path="GroupCategory.ToString()" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Set-ADGroup" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Set-ADGroup" Parameter="GroupCategory" />
					</CommandMappings>
				</Property>			

				<!--GroupScope-->
				<Property Name="GroupScope" DataType="String" IsMandatory="true">
					<ReturnBindings>
						<Bind CommandResultOf="Get-ADGroup" Path="GroupScope.ToString()" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Set-ADGroup" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Set-ADGroup" Parameter="GroupScope" />
					</CommandMappings>
				</Property>	

				<!-- MemberDNs -->
				<Property Name="Members" DataType="String" IsMultivalue="true">
					<ReferenceTargets>
						<ReferenceTarget Class="User" Property="DistinguishedName" />
						<ReferenceTarget Class="Group" Property="DistinguishedName" />
					</ReferenceTargets>
					<ReturnBindings>
						<Bind CommandResultOf="Get-D1IMADGroupMember" Path="MemberDNs" />
					</ReturnBindings>
					<ModifiedBy>
						<ModBy Command="Add-ADGroupMember" />
						<ModBy Command="Remove-ADGroupMember" />
						<ModBy Command="Set-D1IMADGroupMember" />
					</ModifiedBy>	  
					<CommandMappings>
						<Map ToCommand="Add-ADGroupMember" Parameter="Members" ModType="Add" />
						<Map ToCommand="Remove-ADGroupMember" Parameter="Members" ModType="Remove" />
						<Map ToCommand="Set-D1IMADGroupMember" Parameter="Members" ModType="Replace" />
					</CommandMappings>		  
				</Property>		

			</Properties>

			<ReadConfiguration>
				<ListingCommand Command="Get-ADGroup">
					<SetParameter Param="Filter" Source="FixedValue" Value="*" />
				</ListingCommand>
				<CommandSequence>
					<Item Command="Get-ADGroup" Order="1" />
					<Item Command="Get-D1IMADGroupMember" Order="2" />
				</CommandSequence>
			</ReadConfiguration>

			<!--
		[Todo] explain method configuration
		- Special Insert/Update/Delete!!!
	  -->	  
			<MethodConfiguration>
				<Method Name="Insert">
					<CommandSequence>
						<Item Command="New-ADGroup" Order="1">
							<SetParameter Param="PassThru" Source="SwitchParameter" Value="" />
						</Item>
						<Item Command="Set-ADGroup" Order="2" Condition="ModificationExists"/>
						<Item Command="Add-ADGroupMember" Order="3" Condition="ModificationExists"/>
						<Item Command="Remove-ADGroupMember" Order="4" Condition="ModificationExists"/>
						<Item Command="Set-D1IMADGroupMember" Order="5" Condition="ModificationExists"/>
					</CommandSequence>
				</Method>
				<Method Name="Update">
					<CommandSequence>
						<Item Command="Set-ADGroup" Order="1" Condition="ModificationExists">
							<SetParameter Param="PassThru" Source="SwitchParameter" Value="" />
						</Item>
						<Item Command="Add-ADGroupMember" Order="2" Condition="ModificationExists"/>
						<Item Command="Remove-ADGroupMember" Order="3" Condition="ModificationExists"/>
						<Item Command="Set-D1IMADGroupMember" Order="4" Condition="ModificationExists"/>
						<Item Command="Rename-ADObject" Order="5" Condition="ModificationExists"/>
					</CommandSequence>
				</Method>
				<Method Name="Delete">
					<CommandSequence>
						<Item Command="Remove-ADGroup" Order="1" />
					</CommandSequence>
				</Method>
			</MethodConfiguration>
		</Class>	

	</Schema>

</PowershellConnectorDefinition>

 

------------------------------------------------------------------------------------
$site = "http://LocalHost/Test"
$api = "$site/api/v1"

$creds = @{
username = "12345"
password = "12345"
grant_type = "password"
}

$token = ""

$response = Invoke-RestMethod "$site/oauth2/token" -Method Post -Body $creds
$token = $response.access_token;

Write-Host $token

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization", "Bearer $token")

# create user
Write-Host ""
Write-Host "----- Create a User -----"

$timestamp = Get-Date
$userCreateArgs = @{
userName = "sandys"
password = "********"
DisplayName = "Sandys"
enabled = $true
} | ConvertTo-Json

$user = Invoke-RestMethod "$api/users" -Headers $headers -Method Post -ContentType "application/json" -Body $userCreateArgs
Write-Host "New User ID : " $user.id
}

---------------------------  Connector DefinITION FILE------------------------------

 

 

  • Create User Script into target system using powershell

    $site = "http://LocalHost/Test"
    $api = "$site/api/v1"

    $creds = @{
    username = "12345"
    password = "12345"
    grant_type = "password"
    }

    $token = ""

    $response = Invoke-RestMethod "$site/oauth2/token" -Method Post -Body $creds
    $token = $response.access_token;

    Write-Host $token

    $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
    $headers.Add("Authorization", "Bearer $token")

    # create user
    Write-Host ""
    Write-Host "----- Create a User -----"

    $timestamp = Get-Date
    $userCreateArgs = @{
    userName = "sandys"
    password = "********"
    DisplayName = "Sandys"
    enabled = $true
    } | ConvertTo-Json

    $user = Invoke-RestMethod "$api/users" -Headers $headers -Method Post -ContentType "application/json" -Body $userCreateArgs
    Write-Host "New User ID : " $user.id
    }