A particular set of group configurations can prevent the user from the use of core system functionality.

If a field is populated with data for which the length surpasses the maximum content string length quota - and it is not caught by the controller before being sent to the service - an exception will be thrown {and will not be gracefully caught by EventBroker.

This can have serious ramifications - first consider the following example:

• A group is created with a name or description that breaches the above Maximum content string length quota
• It is not caught by the Controller, and a potentially dangerous set of user input is sent to the service.
• The service considers this input as valid - and registers it against the configuration engine.
• However, the Maximum content string length quota will now throw an exception whenever the dangerous input is displayed on screen.
• Using the example of a dangerously configured group, this includes:
  • The groups index page
  • The group edit / update page
  • The operation list home page
    And any other page that needs to retrieve the configuration of a dangerously configured group.
    Consider extrapolating this problem to any potentially unprotected fields.

The icon for the UNIFY Event Broker Management Studio.url file appears correctly in the shortcut in the Start Menu, but not in the Event Broker directory itself.

I have an instance of ADAM running on the legacy ILM server which is required to be retained in the new FIM configuration where FIM Sync is a remote Win2008 server. FIM Sync can perform read/write actions to this instance of ADAM, and I can perform LDAP binds using LDP.EXE in the context of a specified service account TESTINTERNAL\miisadamsvc.
However when I create an EvB agent for this ADAM service the following error is always shown in the EvB logs:

The test of Agent Legacy ADAM (73063509-8fdd-436c-8855-d0525dbb2ff1) failed with message:
System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
at System.DirectoryServices.Protocols.LdapConnection.Connect()
at System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential newCredential, Boolean needSetCredential)
at Unify.Product.EventBroker.OpenLDAPAgent.TestConnection()
at Unify.Product.EventBroker.AgentEngine.Notify(ITestAgentConnectionMessage message)

Parameters set are as follows:
Name: Legacy ADAM
Server: act01ilm01.testinternal.govt/DC=deh,DC=gov,DC=au (I have tried just with the server but that fails, and the working codeless framework requires this full instance path so I figure this should too)
Authentication: Negotiate (I have tried Basic and all other options)
Username: TESTINTERNAL\miisadamsvc

Remote LDP binding with the same user from the EvB server as above works fine:

0 = ldap_set_option(ld, LDAP_OPT_ENCRYPT, 1)
res = ldap_bind_s(ld, NULL, &NtAuthIdentity, NEGOTIATE (1158)); // v.3
	{NtAuthIdentity: User='miisadamsvc'; Pwd=<unavailable>; domain = 'testinternal'}
Authenticated as: 'TESTINTERNAL\miisadamsvc'.
-----------

I installed Event broker (UNIFY FIM Event Broker v3.1.0 RTM x64.msi) version v3.1.0 on Server 2012 (AD) with FIM 2010 R2 version 4.1.3.419.0, I used stranded installation guide from Jira as follows:
1. For the service account the FIM Event Broker service will operate, the service account must have the following:
(Account used is called “svc_fim_tst_Ebroker”)
2. • Open the command prompt with administrative privileges and run the command:
 “netsh.exe http add urlacl url=http://+:59990/ user=VUW\ svc_fim_tst_Ebroker
3.Ensure the service account has Membership in the FIMSyncAdmins group;
4.Run the UNIFY FIM Event Broker setup program (UNIFY Event Broker for FIM v3.1.0 RTM.msi);
5.Set the Service start Automatically and Start the service.
6.(http://localhost:8081/)

Clicking on the default link returns
•Make sure the web address http://localhost:8080 is correct.
•Look for the page with your search engine.
•Refresh the page in a few minutes.

Is there something I have missed ? followed the same process in server 2008 and worked last time I configured it.

In order to accommodate the tendency for clients to want to specify which disk log files are written to, it is desirable that the location of log files is made configurable. Presently it appears only the logDaysToKeep property can be set, and I have this at the default 5 value in a shared lab environment. Log files are presently being written to c:\Program Files\UNIFY Solutions\Event Broker\Services\Logs, and so as a mitigation strategy to avoid excessive disk usage I have set this up as a compressed folder.

The Event Broker 3.0 service/scheduler has been in place and running for 3 days now (in what amounts to a shared development environment between DEEWR developers and us the FIM implementors). In that short time we now have 15 Mb across 3 log files, todays presently showing 13,371 log file entries. By the time we stabilize at 5 days of logs, we will have between 25 and 30 Mb of logs in 5 files ... unless we want to increase the number of days ... and it's not beyond the realms of possibility that this could be upwards of 90 days.

All other solution log file locations are configurable, and this should be no different.

No real urgency - just a consideration for the next release, where I imagine the full gammit of logging options available to Identity Broker (including Windows Event logs) are probably going to be considered anyway.

P.S. No work should be billable to the client in this case - the issue is raised by myself and has not been brought to the attention of the client (but will no doubt come up when we do our first deployment).

When ADO.Net is used to connect to a SQL store, the only "Windows Integrated Security" option available for a windows service is to use the windows service account itself. This is overly restrictive, especially for DET where there are a number of XMAs connecting to SQL databases with credentials other than the FIM sync service, which is also used as the Event Broker 2.3 service account. This has been achieved through using a SQL.Data.Sqlclient connection in lieu of ADO.Net ... as per this TechNet article: http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlconnectionstringbuilder.aspx ... and as explained in this 3rd party tutorial: http://www.dotnetperls.com/sqlclient

I am completing the FIM specs for an install and all FIM software requirements need .NET 3.5 (or 3.5.1) (well the install guide says .NET 3.0 for servers other than the Sync server)

Question - I see that EB V3.0 requires .NET 4.0 which means collocated on a FIM Server will require .NET 4.0

Please confirm

TIA

Based on the Event Broker license request instruction client's site code is required.

I would like to know where I can obtain the client's site code for AHG so that I can in request for the Event Broker license for their Dev/UAT environment deployment?

In addition, based on my understanding of the Event Broker lincense request instruction

• When the client purchased Event Broker do they do not automatically get an Event Broker license as part of the product delivery.
• Thus the client will need make a request for an Event Broker license whether directly to licensing@unifysolutions.net.

If I understanding this process correctly then do I need to wait for the client to initiate this request before I can lodge an Event Broker license request in the Jira system?

Thank you.

We have a job that runs every 10 Minutes every day. We set it up NOT to run between 22:00:00 and 06:00:00 on the day(s) of Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday .
This time exception does not work on Sunday. The job start running at 00:07 in the middle of another job and continues ALL Sunday.

How can we fix that?
We are running version FIMEventBroker 3.1.0

Regards,

Meni Ariely

I perform the following steps and result in the below error.

1 - Create ADDS Agent
2 - Create an Operation List named "Test Outgoing".
3 - Add Check Operation and select Outgoing Pending Operation Operation, click Create.
4 - Select ADDS MA as the Management Agent and click Create.
5 - Click the Edit Check Operation for this newly create Check Operation. The below error occurred/displayed.

Error
System.NullReferenceException: Object reference not set to an instance of an object.
at ASP._Page_Views_Operation_Index_cshtml.<>c__DisplayClass1.<RenderGroups>b__0(TextWriter __razor_helper_writer) in c:\Program Files\UNIFY Solutions\Event Broker\Web\Views\Operation\Index.cshtml:line 39
at ASP._Page_Views_Operation_Index_cshtml.Execute() in c:\Program Files\UNIFY Solutions\Event Broker\Web\Views\Operation\Index.cshtml:line 19
at System.Web.WebPages.WebPageBase.ExecutePageHierarchy()
at System.Web.Mvc.WebViewPage.ExecutePageHierarchy()
at System.Web.WebPages.StartPage.ExecutePageHierarchy()
at System.Web.WebPages.WebPageBase.ExecutePageHierarchy(WebPageContext pageContext, TextWriter writer, WebPageRenderingBase startPage)
at System.Web.Mvc.ViewResultBase.ExecuteResult(ControllerContext context)
at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass1c.<InvokeActionResultWithFilters>b__19()
at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation)
at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult)
at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)