On behalf of Mark Southwell (InTACT):

Request ability to control Identity Broker imports (full and sync) against connectors. InTACT would prefer a centralised scheduling for this ability.

While I'm sure this screen works, when I was first presented with it I had no idea what to do.

Clicking on a field gave me a description, but that was just taking a punt that's what I had to do.

Unsure why I should need to enter a server name when dealing with a local server, or even why I am even able to enter the server name.

In IE8, the width of the text input boxes is inconsistent, disconcertingly so.

Whether or not to use the below fields for database connection. Otherwise, enter a database connection string.

The above quote is nonsense, the description needs to make sense.

The full name of the server being connected to.

What name? It's nickname? This needs to be much more specific.

The name of this agent

This is not particularly helpful either - perhaps saying "The name used to refer to this agent in operations"

Connection string description should be more descriptive, perhaps "The ADO.NET connection string of the FIM/ILM database". Additionally, this text box should be disabled when using the other method.

The name of the FIM database server

Again, this should be more descriptive. What name? The host name? Does it also need to include the SQL instance name if not the default?

The name of the FIM database.

Why not have buttons that prefill this with the two common ones for FIM and ILM? I'm using ILM for this work, so I had to go and find out what the database name is.

I don't like the description of the SQL connection type, either. "Whether or not" is not really a good start to a description.

Again, using Windows authentcation, why can I put in credentials in?

When you configure agents it'd be cool to have a test button rather than having to save the config to see if it's working.

After using EvB 3 at DET a little bit I have a few suggestions.

The Operation Lists page can get really messy. It would be great if we could sort the operations and/or group them by Management Agent. Or even being able to re-order the list differently to the order they were entered.

When configuring operation lists it would be good if there was a label that showed where you are. For example something up the top that says Operation Lists > AD_Incoming > schedule. It might just be me but copying config from a list in another doc I kept getting lost.

The Exclusion Groups being defined with operation lists make it impossible to run delta import checks on everything all the time with no exclusion then if something is imported to run a delta sync as a trigger (because for the delta sync to be a trigger it has to be in an operation list by itself and then there's no check operation to kick it off.) So it would be good to either have individual operations within in an operation list to have their own exclusion status or alternatively a check operation for Pending Imports similar to the check operation for pending exports would also work.

I'm confused about the "Create" button in the main Agents screen.

It only seems to serve a purpose when you want to create a type of agent that's at the top of the list. If I select a type from the drop down, it creates it immediately without me requiring to press "Create"

Can we improve this so it's clearer what's actually happening?

We have a AD DIDS operation in event broker

On dashboard it says there is an error

But in verbose log there is no error

20150729,00:09:16,UNIFY FIM Event Broker,Operation List Executor,Information,Operation list MonashAD - DIDS started,Verbose
20150729,00:09:17,UNIFY FIM Event Broker,Operation List Executor,Information,Completed Management Agent: MonashAD - Run Profile: DIDS operation with id f0986d76-16df-4996-93e7-cc1dc8ba0326 in operation list MonashAD - DIDS,Verbose
20150729,00:09:17,UNIFY FIM Event Broker,Operation List Executor,Information,Completed Active Directory Commit operation with id 4f484b80-25ca-453c-9940-541a6b84d376 in operation list MonashAD - DIDS,Verbose
20150729,00:09:17,UNIFY FIM Event Broker,Operation List Executor,Information,Operation list MonashAD - DIDS finished,Verbose

Looks like a commit error

My question is

1) For the account being used for AD Listener, what rights does it need? (https://unifysolutions.jira.com/wiki/display/EB32/Active+Directory)

2) What could be failing for AD Commit - Log says successful.

I am experiencing the following error if I click the 'Select Management Agent' link in the breadcrumb while editing an existing Operation in an operation list.

Server Error in '/' Application.
--------------------------------------------------------------------------------

The resource cannot be found. 
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable.  Please review the following URL and make sure that it is spelled correctly. 

Requested URL: /Operation/CreateRunProfileOperationSelectManagementAgent


--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.272 

Reproduction steps are:
1 Navigate to the Operations Page
2 Open an existing Operation List with at least one configured Operation
3 If required, stop the Operation List
4 Select an operation of type 'Run Profile' (Runs a FIM MA) and choose 'Edit Operation'
5 On the 'Select Management Agent' page do not change the Management Agent. Hit 'Update'.
6 On the second 'Select Maangement Agent' page (where run profile information can be supplied), at the breadcrumb near the top of the page click 'Select Management Agent'. See attached screnshot

Expected Outcome: A page loads

Actual Outcome: 404 Error

Not: I havent tested this when creating a new management agent operation from scratch. Since a similar/identical page loads, the error may or may not occur there also.

In Event Broker 2.x, connections to outside systems were handled in two ways:

• The details of a single FIM database instance were saved in configuration, and Event Broker had to be installed on the same machine due to no WMI configuration flexibility.
• The details to other systems (IDB, AD, SQL Server, etc) were stored separately in operation configurations. Details were often duplicated across many operations, configured differently for each of them and sensitive information (eg passwords) stored in plain text.

Event Broker v3.0 should solve this problem by using "Agents". An agent should contain all the information required to connect to a particular type of system in a secure manner. PlugIns can then request instances of an agent and use this information to connect to the target system. For example:

• A FIM Agent should contain the database and WMI details necessary to connect to an instance of FIM.
• An Identity Broker Agent should contain the location of the WCF endpoints and any credentials necessary to access them.

A bonus of this approach is that the Event Broker service can now be installed on any machine and even multi-target FIM instances.

In the logs for an outgoing export in Event Broker(version 2.2) to Active Directory there are some errors appearing as in the attached screenshot. There are exports being run so I'm not sure if this is a problem but I can't find any further information on the error, in event viewer or in Jira. I'm doing a health check on the Virgin solution so just investigating if this could be an issue.

It would be great for it to be able to schedule in T-SQL scripts when nothing else is running & delay run profiles when the T-SQL scripts are running. As a stretch target, recognising when various FIM & UNIFY dbs require reindexing & run appropriate scripts would be awesome.