In the event that Event Broker cannot contact the ILM service for whatever reason (service is off/unresponsive), masses of DCOM errors are thrown to the System log in the Windows Event Viewer:

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.

This is likely an artifact of WMI communication failing. If possible, it would be good to remove this issue, and if not, then it should be noted with the documentation. Consequentially, this is worth looking at for v3.0

This question from IBM resource at DET - building the FIM solution. I could not find mention of the FIM portal in the 2.2.3 doco.

What is the change detection plug-in/method used for FIM Portal MA?

Currently we have configured EvB in the following manner for FIM Portal MA.
Outgoing Operation

• Run Profile - Export
• Run Profile - Delta Import and Delta Synchronization (DIDS)

Scenario:
EvB is running. A new user is created in the source system and imported into the Sync Service. The Outgoing operation for FIM MA is fired by Event Broker but when the DIDS is run there are no further changes. What we are expecting is that there will be a pending target system ERE for the user.
In this case flow a value to an attribute in the target system.

So my question is what is the standard configuration or plug-in used for detecting changes in the FIM Portal.

Thanks

I'm experiencing some issues with delta changes with the event broker changes plugin and just want to check whether there is some additional steps or advice that I should follow in regards to configuring it.

The scenario is that I have an approval workflow that will trigger the event broker changes plugin to notify FIM once a change is approved. If I select a single attribute to approve this functions fine, FIM is notified of the delta and the change is imported.

Where I am having an issue is if multiple approvals are pending and I select several of them at once and approve in one action, it seems there is a high probability that only one of the changes will make it into FIM. The delta import appears to fire at the completion of processing the first request and the second one is approved while this delta is running and gets lost and no event is triggered to run a second delta.

I had the FIM Incomming operation configured without a schedule but have now enabled one as a work around for this but I want to check whether there is a likely issue with how I have configured Event broker or if there is a timing issue.

As far as configuration is concerned, the FIM Incoming operation just executes a Delta Import Delta Sync with no check operations. It is set to "Queue Missed". The changes being triggered above are all on the one object (changing multiple attributes of one User, but the approval seems to do them sequentially as each attribute is its own approval request)

Edit: Event Broker and the Changes Plugin are on 3.0.1

edit 2: Please see additional clarrification bellow. I should have said there are two workflows and that accepting one causes the action to trigger, not that the trigger is on an approval workflow.

Customer reported he was unable to run PowerShell scripts from Event Broker. We tried both the PowerShell Script and PowerShell Execute activities and the error was always along the lines of "file not found".

Initially he had the script in the root of drive E:. I had him move it to E:\test but EB still couldn't find it. Then we tried drive C: and this time EB found the script and ran it correctly.

As the customer is using Win 2012 and IIS 8 there is perhaps a compatibility issue?

After installing Event Broker on Production, the FIM agent is failing with the following error message:
The test of Agent FIM (238a0962-e8f2-41c6-acb0-4bcf7fa2ff1f) failed with message:
System.Data.SqlClient.SqlException (0x80131904): Cannot open database "FIMSynchronizationService" requested by the login. The login failed.
Login failed for user 'INTERNAL\FIMAdminUser'.
at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, TimeoutTimer timeout)
at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, TimeoutTimer timeout, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options)
at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.SqlClient.SqlConnection.Open()
at Unify.Product.EventBroker.FIMAgent.TestConnection()
at Unify.Product.EventBroker.AgentEngine.Notify(ITestAgentConnectionMessage message)

Have already compared the installation to the Integration env.(which works) and could not find what might be the reason it's not working on Productions.

I would appreciate any advice.

Regards,

Meni Ariely

I think it'd be useful to be able to manually trigger an operation list while keeping the scheduler disabled. When making changes to an IAM solution specifically, it is usually desirable to manually run operations to ensure that everything is functioning before enabling the scheduled tasks. Some clients have a number of powershell scripts etc that are run alongside imports/exports which makes triggering the process in FIM directly a hassle.

This would allow consultants to run targeted operation lists on certain systems, without triggering exports to systems that a scheduled delta cycle may. It can also be difficult to disable the deltas...I had a situation just now where upon starting the scheduler the next delta cycle was set to start in 1 second, not giving me time to disable the operaton.

Installation completed but service won't start. Following two messages in Event Log:

Log Name: Application
Source: .NET Runtime
Date: 18/10/2011 9:08:38 AM
Event ID: 1026
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: PRDAPP101VS.act.gov.au
Description:
Application: Unify.Service.Event.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Unify.Framework.WinEventLogWriterException
Stack:
at Unify.Framework.WinEventLogWriterBase.WriteLogEntryBase(Unify.Framework.ILogEntry)
at Unify.Framework.LogWriterBase.WriteLogEntry(Unify.Framework.ILogEntry)
at Unify.Product.EventBroker.EventBrokerService.LogServerError(Unify.Framework.ILogEntry)
at Unify.Product.EventBroker.EventBrokerService.Dispose(Boolean)
at System.ComponentModel.Component.Dispose()
at System.ServiceProcess.ServiceBase.Run(System.ServiceProcess.ServiceBase[])
at Unify.Product.EventBroker.EventServiceBootStrap.Main()

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name=".NET Runtime" />
<EventID Qualifiers="0">1026</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-10-17T22:08:38.000000000Z" />
<EventRecordID>6256</EventRecordID>
<Channel>Application</Channel>
<Computer>PRDAPP101VS.act.gov.au</Computer>
<Security />
</System>
<EventData>
<Data>Application: Unify.Service.Event.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Unify.Framework.WinEventLogWriterException
Stack:
at Unify.Framework.WinEventLogWriterBase.WriteLogEntryBase(Unify.Framework.ILogEntry)
at Unify.Framework.LogWriterBase.WriteLogEntry(Unify.Framework.ILogEntry)
at Unify.Product.EventBroker.EventBrokerService.LogServerError(Unify.Framework.ILogEntry)
at Unify.Product.EventBroker.EventBrokerService.Dispose(Boolean)
at System.ComponentModel.Component.Dispose()
at System.ServiceProcess.ServiceBase.Run(System.ServiceProcess.ServiceBase[])
at Unify.Product.EventBroker.EventServiceBootStrap.Main()
</Data>
</EventData>
</Event>

Log Name: Application
Source: Application Error
Date: 18/10/2011 9:08:39 AM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: PRDAPP101VS.act.gov.au
Description:
Faulting application name: Unify.Service.Event.exe, version: 3.0.0.4, time stamp: 0x4e0ab726
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e21213c
Exception code: 0xe0434352
Fault offset: 0x000000000000cacd
Faulting process id: 0x1b24
Faulting application start time: 0x01cc8d1940ee9977
Faulting application path: C:\Program Files\UNIFY Solutions\Event Broker\Services\Unify.Service.Event.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: 90f2cc09-f90c-11e0-a4cb-005056b40047
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-10-17T22:08:39.000000000Z" />
<EventRecordID>6257</EventRecordID>
<Channel>Application</Channel>
<Computer>PRDAPP101VS.act.gov.au</Computer>
<Security />
</System>
<EventData>
<Data>Unify.Service.Event.exe</Data>
<Data>3.0.0.4</Data>
<Data>4e0ab726</Data>
<Data>KERNELBASE.dll</Data>
<Data>6.1.7601.17651</Data>
<Data>4e21213c</Data>
<Data>e0434352</Data>
<Data>000000000000cacd</Data>
<Data>1b24</Data>
<Data>01cc8d1940ee9977</Data>
<Data>C:\Program Files\UNIFY Solutions\Event Broker\Services\Unify.Service.Event.exe</Data>
<Data>C:\Windows\system32\KERNELBASE.dll</Data>
<Data>90f2cc09-f90c-11e0-a4cb-005056b40047</Data>
</EventData>
</Event>

I have created ADDS MA with the following configuration:
Name: ADDS MA-AHG
Server: localhost
Username: FIM\Administrator
Password and Confirmpassword: xxxxx
Authentication: Secure

I have also tried Basic authentication.

(Note: The FIM\Administrator use is used to run the Event Broker service)

Both result in error:

5/2/2011 11:30:31 PM Warning
 UNIFY Event Broker Agent Engine The test of Agent ADDS MA-AHG (32c0ad55-b955-42c0-9194-fd73e2752fb7) failed with message:
System.Runtime.InteropServices.COMException (0x80005000): Unknown error (0x80005000)
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_SchemaEntry()
at Unify.Product.EventBroker.ADAgent.TestConnection()
at Unify.Product.EventBroker.AgentEngine.Notify(ITestAgentConnectionMessage message) 

2011 11:31:30 PM Error
 UNIFY Event Broker Operations Operation c58cb9c6-0c81-4929-bb99-c49180754641 failed in operation list with id 9852408e-0606-44a7-81a2-8766d08e28ce for the following reason. This is retry number 0: System.Runtime.InteropServices.COMException (0x80005000): Unknown error (0x80005000)
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at System.DirectoryServices.DirectorySearcher.FindOne()
at Unify.Product.EventBroker.ADChangesPlugIn.GetChanges(DirectorySearcher searcher)
at Unify.Product.EventBroker.ADChangesPlugInBase.Check()
at Unify.Product.EventBroker.StandardOperationListExecutor.RunCheck(ICheckOperationFactoryInformation checkOperation) 

I could not find anything that I am obviously omitted based on the documentation at https://unifysolutions.jira.com/wiki/display/EB300/Active+Directory

Could someone please assist.

The GUIDs in the logging cannot be resolved to an operation by the end user.
Example below.

Operation 30295b4a-61cc-41ef-a910-15a67fe4f7ab failed in operation list with id d780cfe0-10cd-423c-a667-38f747c80391 for the following reason. This is retry number 0: System.Runtime.Remoting.ServerException: Operation for management agent with id 6c3b4c9c-8410-40b1-8b7a-b84ec0105ab3 with name Export failed with result stopped-extension-dll-exception
 at Unify.Product.EventBroker.FIMAgent.ExecuteRunProfile(IStoredValueCollection storedValuesCollection, Guid agentId, Guid managementAgentId, Guid runProfileId)
 at Unify.Product.EventBroker.RunProfilePlugIn.Execute()
 at Unify.Product.EventBroker.OperationListExecutorBase.RunNextOperations(IEnumerator`1 operationEnumerator)

Currently, the log file is the major source for following events and activity (outside of operation list activity). An alert system should be created that notifies the user of important events, such as:

• An operation list failing unexpectedly
• License expiration (including a warning before it expires)
• Agents whose connection details are not configured correctly

It should also provide helpful tips and information, such as:

• Notifying the user when no FIM Agent is configured
• Notifying the user when operation lists will never be fired or have no operations

Alerts should be raised automatically when necessary and removed from the list when they have been resolved - however, the user should also be able to ignore/hide alerts they are not interested in.