IDM Designer - Removing disabled rules with PowerShell

over 2 years ago


We inherited an environment with a lot of policy rules marked as disabled in the Policy Builder within IDM Designer. Within these rules there are also nested disabled conditions and actions, which in order to be seen need to be expanded in the GUI. We wanted to find a way to remove these rules without going through the tedious task of expanding hundreds of rules.


We created a PowerShell script that iterates through every .xml file and looks for the specified XPath expression and delete all nodes that matches the expression.

The files are saved in the in the OEM encoding type which takes the default encoding for MS-DOS, in our case ANSI. Different -Encoding values can be found on Microsoft docs here.

Do note that IDM Designer does not seem to like any other encoding than ANSI for the xml files.

$ErrorActionPreference = "stop"
Set-Location $PSScriptRoot
$counter = 0
# Iterate through all files that are .xml
$files = Get-ChildItem '.' -Recurse *.xml | ? {
Test-Path $_.FullName -PathType Leaf
$xml = New-Object -TypeName XML
# Load the file
try {
$selector = $null
try {
# Collect all nodes
$selector = Select-XML -Xml $xml -XPath '//*[@disabled="true"]'
if ($selector -ne $null)
# If they exist, iterate through them and remove
Foreach($item in $selector)
Write-Host $_.FullName
# Remove the node
$null = $item.Node.ParentNode.RemoveChild($item.node)
# Save the file
# Probably possible to combine the three lines below, right now we're saving twice.
$content = Get-Content $_.FullName
$content | Out-File $_.FullName -Encoding OEM
catch {$_.Exception.message}
Write-Host $counter "occurences of disabled='true' found"

After usage and import of the project again the disabled rules are removed:


Perform a backup of your Designer project: Right Click your Project > Copy Project

Save the script as <scriptname>.ps1 and place it at the root of your project backup directory and run it with CMD:

powershell .\<scriptname>.ps1

Windows might complain about running scripts depending on which execution policy is set. The execution policy can be changed to a less restrictive one with:
powershell Set-ExecutionPolicy <execution policy value>.

Execution policy values can be found here.

More information about Set-ExecutionPolicy can be found here.

When the script is finished the backup project can be imported, verify that the disabled rules are removed.


NetIQ Designer 4.7

C:\Windows\system32> powershell $PSVersionTable.PSVersion

Major Minor Build Revision
----- ----- ----- --------
5 1 17134 590


How To-Best Practice
Comment List
Related Discussions