When users change their passwords at a connected data source, the password change is first imported into the Forefront Identity Manager Synchronization Service (FIM Synchronization Service) connector space for that data source. The password is then synchronized with the metaverse and exported to the other connected data sources. The MIIS_PasswordChangeHistorySource Class class contains the password change history from the originating connected data source.

The following examples show how to search for password change requests from the originating connected data source.

Search by User

The following Microsoft Visual Basic Scripting Edition (VBScript) example shows how to retrieve the password change history for a specified user from the data source that requested the change.

Visual Basic Script  Copy Code
Option Explicit

On Error Resume Next

Const PktPrivacy = 6	' Authentication level

Dim Service			 ' Service object
Dim queryString		 ' SQL Query string
Dim userName			' sAMAccountName of the user
Dim domainName		' User domain
Dim errorString		 ' Error string
Dim statusString		' Status string
Dim CSUsers			 ' Connector space user collection
Dim User				' Connector space user
Dim changeHistories	 ' Change history collection
Dim changeHistory	 ' Change history member

userName = "jeffsmith"
domainName ="fabrikam"

Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root\MicrosoftIdentityIntegrationServer")
If err.number<>0 then 
	errorString = "Could not retrieve service object: "
	errorString = errorString & Err.Description
	ErrorHandler(errorString)
End If

queryString = "Select * From MIIS_CSObject WHERE Domain = "
queryString = queryString & "'" & domainName & "' "
queryString = queryString & "and account = '" & userName & "'"
Set CSUsers = Service.ExecQuery(queryString)

If err.number <> 0 then
	errorString = "Could not find the user: "
	errorString = errorString & err.Description
	ErrorHandler(errorString)
End If

If CSUsers.Count = 0 then 
	statusString = "No users with that sAMAccountName."
	ErrorHandler(statusString)
End If 

For each User in CSUsers

	queryString = "Select * from MIIS_PasswordChangeHistorySource WHERE " &_
	queryString = queryString & "CsGuid = '"
	queryString = queryString & User.Guid & "'"
	Set changeHistories = Service.ExecQuery(queryString)

	If err.number <> 0 then
		errorString = "Could not retrieve password change history: " 
		errorString = errorString & Err.Description
		ErrorHandler(errorString)
	End If

	If changeHistories.Count = 0 then
		statusString = "There are no password change histories for the " 
		statusString = statusString & "user " & User.Account & "."
		WScript.Echo statusString
	Else
		For Each changeHistory in changeHistories
			statusString = "Change History for this user "
			statusString = statusString & userName &":"
			WScript.Echo statusString
			WScript.Echo changeHistory.eventDetails
		Next
	End If
Next
Sub ErrorHandler (ErrorMessage)
	WScript.Echo ErrorMessage
	WScript.Quit(1)
End Sub

Search by Time

The following VBScript example shows how to retrieve the password change history for any change request made after September 16, 2004.

Visual Basic Script  Copy Code
Option Explicit

On Error Resume Next

Const PktPrivacy = 6	' Authentication level
Dim Service			 ' Service object
Dim queryString		 ' SQL Query string
Dim errorString		 ' Error string
Dim timePeriod		' Time string
Dim changeHistories	 ' Change history collection
Dim changeHistory	 ' Change history member

Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root\MicrosoftIdentityIntegrationServer")
If err.number<>0 then 
	errorString = "Could not retrieve service object: "
	errorString = errorString & Err.Description
	ErrorHandler(errorString)
End If

timePeriod = "2004-09-16"
queryString = "Select * From MIIS_PasswordChangeHistorySource WHERE MIISReceiveTime > '"
queryString = queryString & timePeriod & "'"

Set changeHistories = Service.ExecQuery(queryString)

If err.number <> 0 then
	errorString = "Could not retrieve password change history: " 
	errorString = errorString & Err.Description
	ErrorHandler(errorString)
End If

If changeHistories.Count = 0 then
	WScript.Echo "There are no password changes requested after "
	WScript.Echo timePeriod & "."
	WScript.Quit(0)
End If

For Each changeHistory in changeHistories
	WScript.Echo changeHistory.eventDetails
Next

Sub ErrorHandler (ErrorMessage)
	WScript.Echo ErrorMessage
	WScript.Quit(1)
End Sub

Search by Management Agent

The following VBScript example shows how to retrieve the password change history from the originating connected data source for a specified management agent.

Visual Basic Script  Copy Code
Option Explicit

On Error Resume Next

Const PktPrivacy = 6	' Authentication level
Dim Service			 ' Service object
Dim queryString		 ' SQL Query string
Dim errorString		 ' Error string
Dim statusString		' Status string
Dim ManagementAgentSet  ' Management agent collection
Dim ManagementAgent	 ' Management agent member
Dim changeHistories	 ' Change history collection
Dim changeHistory	 ' Change history member

Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root\MicrosoftIdentityIntegrationServer")

If err.number<>0 then 
	errorString = "Could not retrieve service object: "
	errorString = errorString & Err.Description
	ErrorHandler(errorString)
End If

queryString = "Select * From MIIS_ManagementAgent"

Set ManagementAgentSet = Service.ExecQuery(queryString)

If err.number <> 0 then
	errorString = "Could not retrieve management agent collection: " 
	errorString = errorString & Err.Description
	ErrorHandler(errorString)
End If 

If ManagementAgentSet.Count = 0 then
	statusString = "There are no management agents on this server."
	ErrorHandler(statusString)
End If

For Each ManagementAgent in ManagementAgentSet
	queryString = "Select * From MIIS_PasswordChangeHistorySource WHERE MaGuid = '"
	queryString = queryString & ManagementAgent.Guid & "'"

	Set changeHistories = Service.ExecQuery(queryString)

	If err.number <> 0 then
		errorString = "Could not retrieve password change history: " 
		errorString = errorString & Err.Description
		ErrorHandler(errorString)
	End If

	If changeHistories.Count = 0 then
		statusString = "There are no password change histories for the " 
		statusString = statusString & ManagementAgent.Name
		statusString = statusString & " management agent."
		WScript.Echo statusString
	Else

		For Each changeHistory in changeHistories
			statusString = "Change History for the "
			statusString = statusString & ManagementAgent.Name
			statusString = statusString & " management agent."
			WScript.Echo statusString
			WScript.Echo changeHistory.eventDetails
		Next
	End If
Next

Sub ErrorHandler (ErrorMessage)
	WScript.Echo ErrorMessage
	WScript.Quit(1)
End Sub

Search by Reference GUID

The following VBScript example shows how to retrieve the password change history for a specified reference GUID from the originating server. In this example, the reference GUID is supplied. You can obtain the reference GUID from the MIIS_PasswordChangeHistoryTarget Class class or the MIIS_PasswordChangeQueue Class class. You can pass the value to this script to track the password change history from the originating connected data source to the target data sources.

Visual Basic Script  Copy Code
Option Explicit

On Error Resume Next

Const PktPrivacy = 6	' Authentication level
Dim Service			 ' Service object
Dim queryString		 ' SQL Query string
Dim errorString		 ' Error string
Dim statusString		' Status string
Dim refGuid			 ' Reference Guid string
Dim changeHistories	 ' Change history collection
Dim changeHistory	 ' Change history member

' In this example, the reference GUID is supplied.
' In practice, the reference GUID can be obtained from the
' MIIS_PasswordChangeHistoryTarget or the MIIS_PasswordChangeQueue
' classes and be passed to this script.

refGuid = "{B6F6FEB7-0EB7-45D9-B4CB-3B6B02CA9023}"

Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root\MicrosoftIdentityIntegrationServer")

If err.number<>0 then 
	errorString = "Could not retrieve service object: "
	errorString = errorString & Err.Description
	ErrorHandler(errorString)
End If
   
queryString = "Select * From MIIS_PasswordChangeHistorySource WHERE "
queryString = queryString & "ReferenceGuid = '"

queryString = queryString & refGuid & "'"

Set changeHistories = Service.ExecQuery(queryString)

If err.number <> 0 then
	errorString = "Could not retrieve password change history: " 
	errorString = errorString & Err.Description
	ErrorHandler(errorString)
End If

If changeHistories.Count = 0 then
	statusString = "There are no password change histories for the " 
	statusString = statusString & "reference Guid "
	statusString = statusString & refGuid & "."
	WScript.Echo statusString
Else
	For Each changeHistory in changeHistories
		statusString = "Change History for Reference Guid: "
		statusString = statusString & refGuid
		statusString = statusString & "."
		WScript.Echo statusString
		WScript.Echo changeHistory.eventDetails
	Next
End If

Sub ErrorHandler (ErrorMessage)
	WScript.Echo ErrorMessage
	WScript.Quit(1)
End Sub

See Also

[an error occurred while processing this directive]