C# Create Management Policy Rule (MPR) with FIM 2010 Resource Management Client

The developers of the Codeplex project for the FIM 2010 Resource Management Client (http://fim2010client.codeplex.com/) did a great job providing a tool that is straightforward to use and easy to learn.

One thing I could not find an example for was creating a management policy rule. It didn’t take too long to figure out, but I thought I’d post the code here.

There are functions to do the following:

– Create a Set
– Retrieve the ObjectID of the Set
– Create the MPR

I only needed one specific type of MPR, so the code isn’t ideal, but may help someone get started a little faster than I did.

==========
CREATE SET
==========
public void CreateSet(string sSetName, string sFilter)
{
using (DefaultClient client = new DefaultClient())
{

credentials = new NetworkCredential(“user”, “pwd”, “domain”);
client.ClientCredential = credentials;
client.RefreshSchema();

RmSet set = new RmSet()
{
DisplayName = sSetName,
Filter = @”” + sFilter + “”
};

RmReference newSetId = client.Create(set);

}

}

=================
GET SET OBJECT ID
=================
private RmReference GetSetObjectID(string sDisplayName)
{

RmReference sObjectID = null;
credentials = new NetworkCredential(“user”, “password”, “domain”);
using (DefaultClient client = new DefaultClient())
{

client.ClientCredential = credentials;

lblResults.Text = “/Set[DisplayName='” + sDisplayName + “‘]”;

foreach (RmSet set in client.Enumerate(“/Set[DisplayName='” + sDisplayName + “‘]”))
{
sObjectID = set.ObjectID;

}

}

return sObjectID;
}

==========
CREATE MPR
==========
public void CreateMPR(string sMPRName, string sRequestorSet, string sTargetSet)
{
using (DefaultClient client = new DefaultClient())
{

credentials = new NetworkCredential(“user”, “password”, “domain”);
client.ClientCredential = credentials;
client.RefreshSchema();

RmResource mprNew = new RmResource();

mprNew.ObjectType = “ManagementPolicyRule”;
mprNew.DisplayName = sMPRName;
//Grant Right
var keyGrantRight = new RmAttributeName(“GrantRight”);
if (!mprNew.Attributes.ContainsKey(keyGrantRight))
{
var attributeValueGrantRight = new RmAttributeValueSingle();
//Have to add the attribute to the user since the request would not have returned it.
mprNew.Attributes.Add(keyGrantRight, attributeValueGrantRight);
}
mprNew[“GrantRight”].Value = “true”;

//Action Parameter
var keyActionParameter = new RmAttributeName(“ActionParameter”);
if (!mprNew.Attributes.ContainsKey(keyActionParameter))
{
var attributeValueActionParameter = new RmAttributeValueSingle();

mprNew.Attributes.Add(keyActionParameter, attributeValueActionParameter);
}
mprNew[“ActionParameter”].Value = “*”;

//ActionType – Multivalued attribute
var keyActionType = new RmAttributeName(“ActionType”);
if (!mprNew.Attributes.ContainsKey(keyActionType))
{
var attributeValueActionType = new RmAttributeValueMulti();
mprNew.Attributes.Add(keyActionType, attributeValueActionType);
}
mprNew[“ActionType”].Values.Add(“Create”);
mprNew[“ActionType”].Values.Add(“Delete”);
mprNew[“ActionType”].Values.Add(“Modify”);
mprNew[“ActionType”].Values.Add(“Read”);
mprNew[“ActionType”].Values.Add(“Add”);
mprNew[“ActionType”].Values.Add(“Remove”);

//Principal Set
var keyPrincipalSet = new RmAttributeName(“PrincipalSet”);
if (!mprNew.Attributes.ContainsKey(keyPrincipalSet))
{
var attributeValuePrincipalSet = new RmAttributeValueSingle();

mprNew.Attributes.Add(keyPrincipalSet, attributeValuePrincipalSet);
}
mprNew[“PrincipalSet”].Value = GetSetObjectID(sRequestorSet);

//Resource Current Set
var keyResourceCurrentSet = new RmAttributeName(“ResourceCurrentSet”);
if (!mprNew.Attributes.ContainsKey(keyResourceCurrentSet))
{
var attributeValueResourceCurrentSet = new RmAttributeValueSingle();

mprNew.Attributes.Add(keyResourceCurrentSet, attributeValueResourceCurrentSet);
}
mprNew[“ResourceCurrentSet”].Value = GetSetObjectID(sTargetSet);

//Resource Final Set
var keyResourceFinalSet = new RmAttributeName(“ResourceFinalSet”);
if (!mprNew.Attributes.ContainsKey(keyResourceFinalSet))
{
var attributeValueResourceFinalSet = new RmAttributeValueSingle();

mprNew.Attributes.Add(keyResourceFinalSet, attributeValueResourceFinalSet);
}
mprNew[“ResourceFinalSet”].Value = GetSetObjectID(sTargetSet);

//Management Policy Rule Type
var keyManagementPolicyRuleType = new RmAttributeName(“ManagementPolicyRuleType”);
if (!mprNew.Attributes.ContainsKey(keyManagementPolicyRuleType))
{
var attributeValueManagementPolicyRuleType = new RmAttributeValueSingle();

mprNew.Attributes.Add(keyManagementPolicyRuleType, attributeValueManagementPolicyRuleType);
}
mprNew[“ManagementPolicyRuleType”].Value = “Request”;

RmReference newMprId = client.Create(mprNew);
}
}

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s