MIM Event Broker Forum
Welcome to the community forum for MIM Event Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
I know this is somewhere on the roadmap, but I thought I'd give you a specific example of how I would like to use this to lookup the Operation List name for a corresponding guid from within a PowerShell script. I know this method exists on the WCF endpoint because it is exposed in the WSDL. However it is not a simple exercise to access this from PowerShell.
For the time being I have a work-around which relies on looking up the Event Broker registry key to determine the extensibility file path, then querying the operations extensibility xml directly. However the limitation here is that this will only work if the script is running locally on the Event Broker service host.
Now that this has been proven in Identity Broker we'll look at this for MIM Event Broker.
Event Broker agent wizard leads to "The server is unwilling to process the request" exception for specific OU
When an OU is configured for an AD agent that is NOT the domain root (e.g. "OU=Employees,DC=mim2016,DC=local") we get the following exception when the generated incoming operation list is activated:
Operation faulted: The server is unwilling to process the request. - Please see the log viewer for more details.
This is because the AD Sync Changes check operation uses the full DN for the "Domain" property instead of the DC part only (i.e. "DC=mim2016,DC=local").
To avoid this error the AD sync changes operation needs to extract the DC DN from the full DN supplied.
Fixed in 4.0
Presently the TO address supports only a single target email address. However this field is multi-valued in the sendmail API and the logger could easily be extended to support this. There is no tooltip on this field so it was not intuitive that this restriction applied - however attempts using "," and ";" delimiters both failed. Work-arounds include setting up multiple loggers, or using a distribution list. However there are times when this would still be handy - especially when d-lists are not easily modified or the requirement is only temproary.
Added ability to have logs emailed to multiple addresses. Will be included in the next release.
With the release of Ryan Newington's latest Lithnet miis-powershell module it occurred to me that it may be possible in some scenarios (e.g. full imports vs. delta imports) to leverage the progress bar idea for the Event Broker console.
To be investigated during UI rewrite.
The native AD MA for the FIM Sync service has long had an optional configuration section for preferred DCs, so that administrators can nominate an ordered list of preferred DCs to connect to for imports/exports. When this is used with Event Broker, especially in forests where there are delays in AD replication between DCs, the result can be that Event Broker detects a change before it is replicated to the DC from which FIM is connecting. This generally results in a missed change.
A feature to configure the AD agent exactly in line with that in the corresponding AD MA is suggested here.
Hi. Can someone please help me with information on the use of the Refresh MAs button shown in the second of the above screenshots? I understand the intent of this button might be to resolve an issue I have presently where both the MA and Run Profile IDs specified in the <Extended> node of the operation extensibility file no longer seem to match the MIM IDs. I was hoping that the button will help me reset these all to the correct values, but the button doesn't seem to be having any affect, and I can't find any documentation on the use of this button to confirm this is the intent.
Incidentally I've also tried using this feature when porting extensibility configuration from one MIM sync server to another where the MA and run profile names are the same but the guids different - however in this case both source and target MIM IDs are identical. In Production the UNIFYNow configuration is working fine in the source environment, but it fails for ALL MA/Run Profile combinations in the target system with the following exception:
Operation faulted: Attempting to check for exports in non-existent management agent with id 6c582b25-f84e-4d85-830e-ab0e36bcd020 - Please see the log viewer for more details.
Hi Bob, what version are you running? This sounds similar to an issue that was fixed in v4.0.4 (https://voice.unifysolutions.net/communities/5/topics/3566-non-existant-management-agents-after-upgrading-from-v3-to-v4).
I am trying to use production EB configuration to restore UAT for a customer. I have followed the instructions on Voice for migrating between environments which is essentially to install a fresh EB and then copy the Extensibility files across, modifying as required to match the new environment. When I do this though, whilst the service will start the web site http://localhost:80 is unavailable. The version in production is 4.0.0.RTM matching the version deployed in UAT.
Investigating your config has shown that the customer is hosting the UI through IIS.
To replicate production, follow the instructions at the link below for configuring the product with IIS:
If you wish to use the embedded web server, follow the instructions at the link below, noting that the embedded web server is deprecated as of UNIFYNow version 4.x:
Failed UNIFYNow SQL operation with error: Operation faulted: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
We have a operation list which is currently failing and will only run successfully after restarting the UNIFYNow service, not sure of the exact cause of the root error but any subsequent runs fail immediately with the error:
|Operation faulted: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.|
Operation e681ce94-daf3-4c29-b6cc-f9d03f55cce8 failed in operation list with id df1696a0-948e-41e8-939f-4b48509b5508 for the following reason. This is retry number 0: System.Data.SqlClient.SqlException (0x80131904): Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.<br> at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)<br> at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)<br> at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)<br> at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite)<br> at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean asyncWrite)<br> at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()<br> at Unify.Framework.Data.AdoNetDataControl.ExecuteNonQuery(String commandText, IEnumerable`1 parameters, CommandType commandType)<br> at Unify.Product.EventBroker.OperationListExecutorBase.RunNextOperations(IEnumerator`1 operationEnumerator)<br>ClientConnectionId:a38cf1d2-62c1-4c4e-8270-29b04c876079<br>Error Number:18456,State:1,Class:14
The operation will run successfully after the restart and after some period will start failing.
It is once it starts failing that the above error is shown.
There doesn't appear to be any evidence that UNIFYNow isn't functioning correctly. If any new information is presented please add it and I'll reopen the issue.
Currently, UNIFYNow only supports the ability to execute one check operation against an operation list.
It would be good if the ability to run multiple check operations, with an AND or OR clause against them, was made available.
One benefit of this for the MIM product, is the execution of an MA containing multiple adapters, when any of the contained adapters have changes available.
Customer support service by UserEcho