Active Directory Changes operation return False
I have made the change in ADDS by updating a user account that is included in the AD Container being managed by Active Directory Change's Check Operations.
The log entry in the Event Broker indicated that the Checking Operation return False, while it should be true
5/16/2011 4:59:30 PM Information UNIFY Event Broker Operation List Executor Operation list Test Op List - AD MA - Incoming started 5/16/2011 4:59:30 PM Information UNIFY Event Broker Operation List Executor Running check operation Active Directory Changes for operation list Test Op List - AD MA - Incoming 5/16/2011 4:59:30 PM Information UNIFY Event Broker Operation List Executor Check operation Active Directory Changes for operation list Test Op List - AD MA - Incoming returned False 5/16/2011 4:59:30 PM Information UNIFY Event Broker Operation List Executor Operation list Test Op List - AD MA - Incoming finished
When I go the ADDS MA in FIM Sync Manager I can perform "Delta Import" successfully with the correct update as expected.
I am not sure why the Active Directory Changes Check Operation is not picking the change.
I have ADDS on the local machine.
1 - I created an Active Directory Agent with the following details
Name: ADDS Agent
Confirm Password: xxx
2 - I created the an Operation List called "Test Op List - AD MA - Incoming"
I then added the following:
- Added Check Operation - Active Directory Changes Operation
- Select Agent: ADDS Agent
- Filter: (objectType=*)
- Organization Unit Name: OU=Lab,DC=FIM,DC=UNS,DC=COM
- Check Tombstone: No
- Added Operations
- Management Agent: FIM_ADDS_chris21_MA-AHG - Run Profile: Delta Sync
- Management Agent: FIM_ADDS_chris21_MA-AHG - Run Profile: Delta Import and Delta Sync
- Active Directory Commit
For the Filter I have also tried using "(&(objectClass=user)(objectType=person))" and "(&(objectClass=user)(objectType=person))' without any success.
Could someone please advise me what I did wrong here.
Customer support service by UserEcho
This is the ADDS where user being modified, in the container OU=Users,OU=AHG,OU=chris21,OU=Lab,DC=FIM,DC=UNS,DC=COM which is below the OU=Lab,DC=FIM,DC=UNS,DC=COM container.
I know you're busy with the tree stuff but can you take a look at this when you get a chance.
I appreciate all the effort you've gone in to testing Event Broker like this, as well as the information you've provided here. Two things to check:
The log I provided are the one that is relevant to ADDS Agent and Op List. There is no error or warning log in the Event Broker.
The change that I made was modifying the "DisplayName" value.
Pass back to Matthew with response.
I've attempted to replicate this problem as best I can, but have been unsuccessful. I did the following:
As such, I have been unable to reproduce the issue using seemingly the exact same scenario.
A few other things to check:
I'd be available to arrange a LiveMeeting to have a closer look and try to work out what is happening. Let me know when you would be available to discuss this
Now is most timely, since I have just boot up the VM.
I'll send out the invite in a tick.
During Live Meeting session with Matthew we did the following tests and observation:
We then clear out the AD Changes Check Operation Filter by setting it to blank (empty). The default filter is generated as "(&(objectClass=user)(objectCategory=person))".
We are not certain why clearing the Filter seem to resolve this issue.
Matthew suggest that may have something to do with when I am uninstalling the older version of Event Broker v22.214.171.124 and install the new version v126.96.36.199 it picked up the old settings which may caused this issue.
Matthew, mentioned that he may need to investigate the upgrade scenario further to see whether this is an upgrade related issue.
Thanks Matthew for your help.
As an addendum to Shane's comment above:
A few more checks remain to try to replicate the issue, otherwise we'll have to wait and see if it occurs elsewhere:
I have been unable to reproduce this error given a number of attempts.
Clearing the internal stored values collection did not prevent Event Broker from operating. Reinstalling the Event Broker service also did not prevent operation from occurring, and from changes being detected.
EB-293prevented the Active Directory operations from functioning correctly in the alpha releases, and such this work was incorporated into Beta 1 (188.8.131.52). This may have been a contributor, but I could not find any configuration changes that would have prevented older configuration from functioning correctly.
Marked as resolved as I am unable to reproduce this behaviour, and have had Active Directory operations functioning correctly in multiple environments using the AD Changes operation. Please reopen or recreate the issue if this behaviour reoccurs.
I agreed with the decision. Thus closing this issue.
I currently have this issue with an ADAM instance which the operation was working against succeeded. Investigating
After quite some investigation between myself and Tony, we found that the issues we were experiencing were due to either:
The documentation has been suitably updated with a troubleshooting article and each of the operations (Active Directory Changes and Active Directory Sync Changes) have also been updated appropriately.
Tony, please confirm if these documentation updates will suitably address potential issues clients may experience.
Revised documentation confirmed as representative of encountered problems and respective solution.