Strange happenings when trying to use Target's (Person) ObjectSID

Sep 17, 2013 at 10:02 AM

I am using FIM 2010 R2 and the latest version of the PowerShell Workflow Activity.

I am having trouble when retrieving the Target's (Person) ObjectSID.

At first I tried to add it as a value in the Workflow Dictionary using a Function Evaluator before the PowerShell activity. However, every time I did this the PowerShell wouldn't fire...? I confirmed that ObjectSID was the issue by running the same PowerShell Activity but changing and/or removing ObjectSID lookups... All those in the 'test' set have an ObjectSID as imported from Active Directory.

I next tried to use the ObjectSID as retrieved when you retrieve the entire Target object. The following is an example of that code:
$Target= Export-FimConfig -Custom ("/*[ObjectID='{0}']" -F $fimwf.TargetId.Guid) | Convert-FimExportToPSObject
The final line of text is the format with which SIDs are being returned.... I need to be able to double check against Active Directory this user exists and cannot do that with the SID in its 'current' format...

Does anyone know why my first attempt happened or ideally how to get the expected SID format from what I currently have...?

Sep 17, 2013 at 12:30 PM
I don't have an answer for why I couldn't pull the ObjectSID into the Workflow Dictionary, but here is how to use the returned value from exporting the entire 'Target':
$Target= Export-FimConfig -Custom ("/*[ObjectID='{0}']" -F $fimwf.TargetId.Guid) | Convert-FimExportToPSObject

$TargetUser = [System.Convert]::FromBase64String($Target.ObjectSID)

$TargetUserSID = (New-Object System.Security.Principal.SecurityIdentifier($TargetUser, 0)).toString()

Get-ADUser -Identity $TargetUserSID
Works bea-u-ti-fully
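
Added example, not part of the original posts: a PowerShell function that decodes the Base64 ObjectSID shown above by walking the binary SID layout, and rejects empty or malformed values before anything is looked up in Active Directory. The function name `ConvertFrom-Base64Sid` and the sample SID are constructed for illustration.

```powershell
# Added example (hypothetical helper name): decode the Base64 ObjectSID that
# Convert-FimExportToPSObject returns into its S-1-... string form.
function ConvertFrom-Base64Sid {
    param([string]$Base64Sid)

    if ([string]::IsNullOrEmpty($Base64Sid)) {
        throw 'ObjectSID is empty; there is no SID to check against Active Directory.'
    }
    try   { $bytes = [System.Convert]::FromBase64String($Base64Sid) }
    catch { throw "ObjectSID is not valid Base64: $Base64Sid" }

    # Binary SID layout: revision (1 byte), sub-authority count (1 byte),
    # identifier authority (6 bytes, big-endian), then <count> sub-authorities
    # of 4 bytes each, little-endian.
    if ($bytes.Length -lt 8 -or $bytes[0] -ne 1) {
        throw 'Value is not a revision-1 binary SID.'
    }
    $count = $bytes[1]
    if ($bytes.Length -ne 8 + 4 * $count) {
        throw 'SID length does not match its sub-authority count.'
    }

    # Fold the six big-endian authority bytes into one number.
    [uint64]$authority = 0
    foreach ($b in $bytes[2..7]) { $authority = $authority * 256 + $b }

    $parts = @('S', $bytes[0], $authority)
    for ($i = 0; $i -lt $count; $i++) {
        # BitConverter reads in host byte order, which is little-endian on Windows.
        $parts += [System.BitConverter]::ToUInt32($bytes, 8 + 4 * $i)
    }
    $parts -join '-'
}

# Constructed sample: build a SID, encode it the way FIM returns it, decode it again.
$sample = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-21-1111111111-2222222222-3333333333-1104')
$binary = New-Object byte[] ($sample.BinaryLength)
$sample.GetBinaryForm($binary, 0)
$encoded = [System.Convert]::ToBase64String($binary)

$decoded = ConvertFrom-Base64Sid -Base64Sid $encoded
# Cross-check the manual parse against the .NET class used in the post above.
$decoded -eq $sample.Value
```

In the workflow script, the string returned for `$Target.ObjectSID` can be passed to `Get-ADUser -Identity` exactly as in the post above.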
Sep 18, 2013 at 3:12 PM
Sep 19, 2013 at 8:12 AM
Yes... the solution I posted to both forums gave me a fix, but I still couldn't use a Function Evaluator in the Workflow to add the ObjectSID to the Workflow Dictionary.

Thanks for this awesome extension to FIM; it has allowed me to very rapidly deploy a solution without needing any code/rules extensions!
Sep 19, 2013 at 3:52 PM

Awesome! Would love if you could post a review for the project on CodePlex.