SailPoint IdentityNow PowerShell Module

I’ve just published v1 of my SailPoint IdentityNow PowerShell Module.

NOTE: This is not an official SailPoint IdentityNow PowerShell Module.


  • Easy command-line use, after setting default configuration options and securely saving them to the current user’s profile.
  • Get an IdentityNow Organisation and Get / Update an Organisation Configuration
  • Search IdentityNow Users
  • Search IdentityNow Users Profiles
  • Search IdentityNow Entitlements
  • Create / Get / Update / Remove IdentityNow Access Profiles
  • Create / Get / Start IdentityNow Certification Campaigns
  • Get IdentityNow Certification Campaign Reports (output to file or return as PSObject)
  • Create / Get / Update / Remove IdentityNow Governance Groups
  • Create / Get / Update / Remove IdentityNow Roles
  • Get / IdentityNow Sources
  • Get Accounts from an IdentityNow Source
  • Create / Update / Remove IdentityNow Source Account (Flat File / Delimited Sources)
  • Get / Complete IdentityNow Tasks
  • Get IdentityNow Virtual Appliance Clusters (and clients (VA’s))
  • Get / Update IdentityNow Applications
  • ….
[Keep reading] “SailPoint IdentityNow PowerShell Module”

Multi-Threading Granfeldt PowerShell Management Agent Imports

As I’m sure you are familiar (with my many posts on the topic), the Granfeldt PowerShell Management Agent is extremely flexible. When used to integrate Microsoft Identity Manager with modern REST API’s it is easy to retrieve pages of results from a REST API and process the objects through the Management Agent. However sometimes you need to integrate Microsoft Identity Manager with an API (e.g. a SOAP WebService) that doesn’t provide functionality to page results.… [Keep reading] “Multi-Threading Granfeldt PowerShell Management Agent Imports”

ChatOps for Microsoft Identity Manager

A Bot or ChatOps for Microsoft Identity Manager is something I’ve had in the back of my mind for just over two years. More recently last year I did build the Voice Assistant for Microsoft Identity Manager as a submission for an IoT Hackathon. But what is ChatOps?

ChatOps is a collaboration model that connects people, tools, process, and automation into a transparent workflow. This flow connects the work needed, the work happening, and the work done in a persistent location staffed by the people, bots, and related tools.[Keep reading] “ChatOps for Microsoft Identity Manager”

What’s wrong with removing a RouteTable association with AzureAz Powershell

Originally published on Lucian’s blog, Follow Lucian on Twitter @LucianFrango.


For a change recently, I needed to disassociate Azure RouteTable’s from subnets, specifically: I needed to this at scale. It wasn’t a matter of a couple of RouteTable’s. Rather, the design had close to a RouteTable per subnet (with many subnets across many VNETs). The environment is also spread across multiple logical zone types and VNETs are also spread across multiple subscriptions.… [Keep reading] “What’s wrong with removing a RouteTable association with AzureAz Powershell”

Darren’s PowerShell Snippets Volume 2

This is my PowerShell Snippets Volume 2. A collection of PowerShell commands for tasks that I don’t perform often and can’t recall easily from memory. Those ‘I know I’ve worked this out before’ type moments. Volume 1 is available here.

A quick recap.

I live in PowerShell and my memory is pretty good. There are a number of common PowerShell commands and one-liners or functions that I use a lot and I can remember them.[Keep reading] “Darren’s PowerShell Snippets Volume 2”

An Azure MFA Management Agent for User MFA Reporting using Microsoft Identity Manager

Microsoft as part of the uplift in Authentication Methods capability have extended the Graph API to contain User Azure MFA information. My customers have been requesting MFA User Reporting data for some time. How many users are registered for Azure MFA? What and how many methods are they registered with? The new Graph API functions provide this information and we no longer have to use the legacy MSOLUser PowerShell cmdlet to obtain the strongAuthenticationMethods information. The new API’s provide;

Azure MFA User Reporting Management Agent

With this new functionality exposed, I’ve built an Azure MFA Management Agent for Microsoft Identity Manager to consume information from the credentialRegistrationDetails API, which can then be used in Identity Workflows to trigger notifications to users that don’t have enough registered methods (e.g.… [Keep reading] “An Azure MFA Management Agent for User MFA Reporting using Microsoft Identity Manager”

Automating RACF Administration with PowerShell

Automating RACF Administration with PowerShell? Yes, I’m writing this post from the past as it is 2019 and certain technologies are not in my job description anymore like Faxing Solutions and Mainframe Administration. I guess its been one of those months. Recently I needed to automate some RACF Administration tasks. Naturally I wanted to perform this with my favourite scripting tool, PowerShell.

After much searching, I couldn’t find any references to anyone doing such a thing.… [Keep reading] “Automating RACF Administration with PowerShell”

Microsoft Identity Manager PowerShell Management Agent for Oracle Internet Directory

Why a FIM/MIM PowerShell Management Agent for Oracle Internet Directory? Why not just use the Generic LDAP Connector for Microsoft Identity Manager? I needed an integration solution that was able to update an Oracle Database behind Oracle Internet Directory. That meant I required a solution that was able to use LDAP to get visibility as to who/what was in OID, but then make updates into an Oracle DB. That functionality I wanted to be contained on a single Management Agent, not an MA for the Database and another for LDAP.… [Keep reading] “Microsoft Identity Manager PowerShell Management Agent for Oracle Internet Directory”

Azure NSG security rule management like a boss with PowerShell and CSVs

Originally this blog post was posted on Lucian’s blog. Check it out, or check him out on @LucianFrango on Twitter.

* * *

Network Security Groups (NSG) are pretty good. I don’t mind them that much as for what they are, they do a good job. Designing them can be a little tricky, having to know all the nuances of working with them. When it comes to implementing them, changing them at scale… well that’s where things can be a little tiresome.… [Keep reading] “Azure NSG security rule management like a boss with PowerShell and CSVs”

Querying Oracle Internet Directory (LDAP) with PowerShell

If you are an IT Professional it is highly likely you are very familiar with Microsoft Active Directory and in turn PowerShell and LDAP. At some point though you may need to integrate with another LDAP directory such as Oracle Internet Directory and you find it isn’t as straight forward as Active Directory and the rich tooling it comes with. I’ve had to create interfaces with numerous LDAP directories over the years but its been quite a long time since I had to integrate with Oracle Internet Directory.… [Keep reading] “Querying Oracle Internet Directory (LDAP) with PowerShell”