MIM Event Broker Forum
Welcome to the community forum for MIM Event Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Generate default display name for Operation List Execute operations in Event Broker 3.2
When adding an Operation List Execute to an operation list there is no useful display name generated - such as the name of the operation list. It is necessary to manually override the display name otherwise it just appears as Operation List.
Can this be changed to be like the Run Profile operation where it generates Management Agent: My MA - DIDS as the display name.
E.g. Operation List: <Name of Operation List>
AD Sync Get Changes: Collection was modified
Via email with Bob Bradley:
Operation bccdc996-f23b-46a0-87ad-607a093ce096 failed in operation list with id add13e6e-e8b3-4336-b9aa-b9c62943a855 for the following reason. This is retry number 0: Unify.Framework.UnifyEngineException: Error in stored values engine attempting to write to storage, see the inner exception. ---> System.InvalidOperationException: Collection was modified; enumeration operation may not execute. at System.Collections.Generic.Dictionary`2.Enumerator.MoveNext() at WriteArrayOfKeyValueOfGroupedNameValueCollectionKeyanyType70DdoCVIToXml(XmlWriterDelegator, Object , XmlObjectSerializerWriteContext , CollectionDataContract ) at System.Runtime.Serialization.CollectionDataContract.WriteXmlValue(XmlWriterDelegator xmlWriter, Object obj, XmlObjectSerializerWriteContext context) at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeAndVerifyType(DataContract dataContract, XmlWriterDelegator xmlWriter, Object obj, Boolean verifyKnownType, RuntimeTypeHandle declaredTypeHandle, Type declaredType) at System.Runtime.Serialization.XmlObjectSerializerWriteContext.SerializeWithXsiType(XmlWriterDelegator xmlWriter, Object obj, RuntimeTypeHandle objectTypeHandle, Type objectType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle, Type declaredType) at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerialize(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle) at System.Runtime.Serialization.XmlObjectSerializerWriteContext.InternalSerializeReference(XmlWriterDelegator xmlWriter, Object obj, Boolean isDeclaredType, Boolean writeXsiType, Int32 declaredTypeID, RuntimeTypeHandle declaredTypeHandle) at WriteStoredValueCollectionToXml(XmlWriterDelegator , Object , XmlObjectSerializerWriteContext , ClassDataContract ) at System.Runtime.Serialization.ClassDataContract.WriteXmlValue(XmlWriterDelegator xmlWriter, Object obj, XmlObjectSerializerWriteContext context) at System.Runtime.Serialization.DataContractSerializer.InternalWriteObjectContent(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver) at System.Runtime.Serialization.DataContractSerializer.InternalWriteObject(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver) at System.Runtime.Serialization.XmlObjectSerializer.WriteObjectHandleExceptions(XmlWriterDelegator writer, Object graph, DataContractResolver dataContractResolver) at System.Runtime.Serialization.XmlObjectSerializer.WriteObject(XmlDictionaryWriter writer, Object graph) at System.Runtime.Serialization.XmlObjectSerializer.WriteObject(Stream stream, Object graph) at Unify.Framework.StoredValues.IsolatedStoredValuesEngineBase.<>c__DisplayClass14_0.<SaveStoredValuesCollection>b__0() at Unify.Framework.ExtensionMethods.WaitOnMutex(Mutex mutex, Action work) at Unify.Framework.StoredValues.IsolatedStoredValuesEngineBase.SaveStoredValuesCollection(IStoredValueCollection storedValueCollection) --- End of inner exception stack trace --- at Unify.Framework.StoredValues.IsolatedStoredValuesEngineBase.SaveStoredValuesCollection(IStoredValueCollection storedValueCollection) at Unify.Product.EventBroker.ADSyncChangesPlugIn.GetChanges(DirectorySearcher searcher) at Unify.Product.EventBroker.ADChangesPlugInBase.Check() at Unify.Product.EventBroker.OperationListExecutorBase.RunCheck(ICheckOperationFactoryInformation checkOperation)<span></span>
Event Broker 3.2 runs disabled operation list
When there are two operations lists in Event Broker, e.g. Operation List (OL) A includes a step to run Operation List B. When OL A is enabled however OL B is disabled, OL B is still run by OL A. I would have expected the disabled status of OL B to be honoured.
Event Broker 3.2 RestAPIAgentSendRequestFailedException error running IDB 5.1 Connector
Running an Identity Broker connector from Identity Broker (Import All) - the connector import is started however the error below appears after approx. 90 secs resulting in the Operation List being terminated prematurely - the Connector import however continues running in the background.
Operation 35db6bcb-6055-42e2-8e0d-e8e9f922929b failed in operation list with id 8b481868-b4da-4712-84ad-80bc959cf111 for the following reason. This is retry number 0: Unify.Product.EventBroker.RestAPIAgentSendRequestFailedException: The sending of the request failed. See the inner exception for more information. ---> System.Threading.Tasks.TaskCanceledException: A task was canceled. at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Unify.Product.EventBroker.RestAPIAgent.<SendPostRequestAsync>d__3.MoveNext() --- End of inner exception stack trace --- at Unify.Product.EventBroker.RestAPIPlugIn.Execute() at Unify.Product.EventBroker.OperationListExecutorBase.RunNextOperations(IEnumerator`1 operationEnumerator) |
Cannot find an object with identity: 'none'
Receiving the following errors when EvB attempts to run an operation.
20160824,01:17:38,UNIFY FIM Event Broker,Logging Engine,Information,Log file started.,Minimal20160824,01:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,03:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,05:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,05:44:34,UNIFY FIM Event Broker,Operations,Error,"Operation abc6ccb0-3d9b-44ed-aab5-8acb839dc9db failed in operation list with id 812f51cd-cab4-47fc-afcd-713e1d51b6dc for the following reason. This is retry number 0: System.Runtime.Remoting.ServerException: Operation for management agent with id fb727b8b-d927-4124-80ad-f0f73ed7df84 with name FIFS failed with result stopped-user-termination-from-wmi-or-ui at Unify.Product.EventBroker.FIMAgent.ExecuteRunProfile(IStoredValueCollection storedValuesCollection, Guid agentId, Guid managementAgentId, Guid runProfileId) at Unify.Product.EventBroker.RunProfilePlugIn.Execute() at Unify.Product.EventBroker.OperationListExecutorBase.RunNextOperations(IEnumerator`1 operationEnumerator)",Normal 20160824,05:44:38,UNIFY FIM Event Broker,Operations,Error,"Operation cd255717-52a1-4ba7-bfd0-394abc7fdd1d failed in operation list with id 812f51cd-cab4-47fc-afcd-713e1d51b6dc for the following reason. This is retry number 0: System.Runtime.Remoting.ServerException: Operation for management agent with id fb727b8b-d927-4124-80ad-f0f73ed7df84 with name E failed with result stopped-user-termination-from-wmi-or-ui at Unify.Product.EventBroker.FIMAgent.ExecuteRunProfile(IStoredValueCollection storedValuesCollection, Guid agentId, Guid managementAgentId, Guid runProfileId) at Unify.Product.EventBroker.RunProfilePlugIn.Execute() at Unify.Product.EventBroker.OperationListExecutorBase.RunNextOperations(IEnumerator`1 operationEnumerator)",Normal 20160824,05:44:43,UNIFY FIM Event Broker,Operations,Error,"Operation 682e1c97-8044-47c7-b4b0-88da5c57c8e1 failed in operation list with id 812f51cd-cab4-47fc-afcd-713e1d51b6dc for the following reason. This is retry number 0: System.Management.Automation.CmdletInvocationException: Cannot find an object with identity: 'none' under: 'DC=corp,DC=DomainName,DC=gov,DC=au'. ---> Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException: Cannot find an object with identity: 'none' under: 'DC=corp,DC=DomainName,DC=gov,DC=au'. at Microsoft.ActiveDirectory.Management.Commands.ADFactoryUtil.GetObjectFromIdentitySearcher(ADObjectSearcher searcher, ADEntity identityObj, String searchRoot, AttributeSetRequest attrs, CmdletSessionInfo cmdletSessionInfo, String[]& warningMessages) at Microsoft.ActiveDirectory.Management.Commands.ADFactory`1.GetExtendedObjectFromIdentity(T identityObj, String identityQueryPath, ICollection`1 propertiesToFetch, Boolean showDeleted) at Microsoft.ActiveDirectory.Management.Commands.ADGetCmdletBase`3.ADGetCmdletBaseProcessCSRoutine() at Microsoft.ActiveDirectory.Management.CmdletSubroutinePipeline.Invoke() at Microsoft.ActiveDirectory.Management.Commands.ADCmdletBase`1.ProcessRecord() --- End of inner exception stack trace --- at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input) at System.Management.Automation.RunspaceInvoke.Invoke(String script, IEnumerable input, IList& errors) at Unify.Product.EventBroker.PowerShellScriptPlugInBase.ExecuteScript() at Unify.Product.EventBroker.PowerShellScriptPlugIn.Execute() at Unify.Product.EventBroker.OperationListExecutorBase.RunNextOperations(IEnumerator`1 operationEnumerator)",Normal 20160824,07:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,09:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,11:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,13:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,14:05:05,UNIFY FIM Event Broker,Operations,Error,"Operation 682e1c97-8044-47c7-b4b0-88da5c57c8e1 failed in operation list with id 812f51cd-cab4-47fc-afcd-713e1d51b6dc for the following reason. This is retry number 0: System.Management.Automation.CmdletInvocationException: Cannot find an object with identity: 'none' under: 'DC=corp,DC=DomainName,DC=gov,DC=au'. ---> Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException: Cannot find an object with identity: 'none' under: 'DC=corp,DC=DomainName,DC=gov,DC=au'. at Microsoft.ActiveDirectory.Management.Commands.ADFactoryUtil.GetObjectFromIdentitySearcher(ADObjectSearcher searcher, ADEntity identityObj, String searchRoot, AttributeSetRequest attrs, CmdletSessionInfo cmdletSessionInfo, String[]& warningMessages) at Microsoft.ActiveDirectory.Management.Commands.ADFactory`1.GetExtendedObjectFromIdentity(T identityObj, String identityQueryPath, ICollection`1 propertiesToFetch, Boolean showDeleted) at Microsoft.ActiveDirectory.Management.Commands.ADGetCmdletBase`3.ADGetCmdletBaseProcessCSRoutine() at Microsoft.ActiveDirectory.Management.CmdletSubroutinePipeline.Invoke() at Microsoft.ActiveDirectory.Management.Commands.ADCmdletBase`1.ProcessRecord() --- End of inner exception stack trace --- at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input) at System.Management.Automation.RunspaceInvoke.Invoke(String script, IEnumerable input, IList& errors) at Unify.Product.EventBroker.PowerShellScriptPlugInBase.ExecuteScript() at Unify.Product.EventBroker.PowerShellScriptPlugIn.Execute() at Unify.Product.EventBroker.OperationListExecutorBase.RunNextOperations(IEnumerator`1 operationEnumerator)",Normal 20160824,15:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,17:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,18:19:00,UNIFY FIM Event Broker,Operations,Warning,The operation list of name Home Drive provisioning with id bb45e338-6945-4a18-9d04-0040444ce173 is disabled. As such it cannot be run.,Normal 20160824,19:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,21:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160824,23:17:38,UNIFY FIM Event Broker,Agent Engine,Information,Scheduled job to perform a FIMAgentRefreshRequest on agent FIM Agent succeeded.,Normal 20160825,00:00:04,UNIFY FIM Event Broker,Logging Engine,Information,Log file completed.,Minimal
Hi Matthew,
This is a bug with the PowerShell script. Please check there.
Thanks.
Subsequent EvB Operations do not wait for PowerShell Script Operations to complete before start
Scenario: Run Profile Operation, followed by a PowerShell Script Operation, followed by a Run Profile Operation;
The Run Profile Operation is executed, Success/Failure is evaluated, PowerShell command then runs. The 2nd Run Profile Operation appears to occur immediately, without a wait for the PowerShell operation to complete. There does not appear to be any evaluation of if it was Success/Fail.
Hi Matt,
I'm not the best at PowerShell but as I understand it, your script is a Pipeline script (i.e. it defines BEGIN, PROCESS and END), and as such is inappropriate for use as an operation (which isn't part of a pipeline).
Event Broker 3.2 check changes errors with Identity Broker 5.1 RC
I've upgraded IDB5.0.4 to 5.1 RC in the TAFE development environment and it now appears that the Event Broker 3.2 IDB Check Changes functionality no longer works.
Getting the following errors:
|
| An error occured when attempting to execute a function against the agent with the id 0c78b1fa-7b21-435c-b374-537221a38db4: System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory`1 factory) at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding) at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at IIdentityServiceCollector.GetAllAdapters(GetAllAdaptersRequest request) at Unify.Product.EventBroker.IdentityBroker41Communicator.GetAllAdapters() at Unify.Product.EventBroker.AgentRequestResponseEngine.IdBAgentGetAdapterNamesRequestAction(IAgent agent, XElement details, Guid agentId) at Unify.Product.EventBroker.AgentRequestResponseEngine.ExecuteRequest(IAgent agent, XElement details, Guid agentId) at Unify.Product.EventBroker.AgentEngineRepository.ExecuteAgainstAgent(Guid agentId, XElement details) at Unify.Product.EventBroker.AgentEngine.ExecuteAgainstAgent(Guid agentId, XElement details) at Unify.Product.EventBroker.AgentEngineLoggingDecorator.ExecuteAgainstAgent(Guid agentId, XElement details) |
If that works, can you then try reverting the above change and then instead editing an element in %EB Install Directory%\Services\Unify.Service.Event.exe.config
Under configuration > system.serviceModel > bindings > basicHttpBinding > binding [name="IdentityBroker4Binding"]
change to the below
<security mode="TransportCredentialOnly">...</security>
and inside that
<transport clientCredentialType="Windows"/>
Azure AD check operation
When a FIM Event Broker configuration includes an incoming operation list for the WAAD (OOTB Windows Azure AD) connector, a check operation is required which can be used to poll AAD for changes.
Closing as UNIFYNow is in maintenance mode, so no feature requests are currently slated.
Expected Behavior around polling incorrect credentials on AD Agents
Hi Gents,
We've had an issue in PROD at DET - essentially as part of a new deployment, EVB configuration from DEV was deployed, the service started and then left for a period with the scheduler in a paused/stopped state. The credentials for the agents were not updated at that time.
In this case, the credentials on a bunch of the AD agents used the same account names as in DEV but (obviously) different passwords. Also DET has an across the board policy on service accounts including lockouts.
As such, after running in this state for a while, we discovered that the AD service accounts in-use had become locked out/disabled. Unfortunately for us, one of those accounts was also shared by the VIS service which ended in a number of outages :(
What we're asking however, is this expected behavior of the Agent? What is the polling interval between credential checks? And should this be reviewed (perhaps something like if the last 1-2 checks failed, don't poll again until the agent is updated) or should polling be performed at all?
Hi Richard,
Yes, this is expected behaviour. The scheduler stops operation lists from being executed; it does not stop everything (as EB has numerous schedules that are required for its operation, as well as actions that occur at startup to ensure that locally cached information is correct).
Would following best practice and keeping services accounts mapped to single applications solve this particular problem? Or, if EB was desired to be stopped completely, couldn't the service have been stopped? Or would you feel there'd be some benefit to us looking at evaluating what is and isn't stopped when the scheduler is stopped?
Thanks.
Reinstate Operation List Play Button
In the upgrade to version 3.2 we lost the green play button that appears against each Operation List on the dashboard - in favour of a consolidated "Actions" button. While I understand that this helps in context sensitive operations (e.g. Execute not visible while list is executing) I find that during testing in particular it is annoying to have to click twice for just this one thing I do repeatedly - and I'm sure other users of the console would do likewise in an operations context.
This sounds like a very minor change - but I am noticing how annoying it is to have to continually do this - so I figure it must be the same for others.
Customer support service by UserEcho
