Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Failed to export to AD
I have the below error when trying to export to AD. It may be due to the exporting volume.
20180121,00:00:00,UNIFY Identity Broker,Logging Engine,Information,Log file started.,Minimal
20180121,00:16:39,UNIFY Identity Broker,Link,Error,"Request to sync changes on link failed.
Request to sync changes on link AD Link (4a76f3ba-6c07-4d9a-9f96-c7dc14fff2e6) in direction incoming failed with message Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding. [Count:158178]. Duration: 00:16:54.0665482
Error details:
System.Data.SqlClient.SqlException (0x80131904): Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding. ---> System.ComponentModel.Win32Exception (0x80004005): The wait operation timed out
at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlDataReader.TrySetMetaData(_SqlMetaDataSet metaData, Boolean moreInfo)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlDataReader.TryConsumeMetaData()
at System.Data.SqlClient.SqlDataReader.get_MetaData()
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, SqlDataReader ds)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method)
at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method)
at System.Data.SqlClient.SqlCommand.ExecuteDbDataReader(CommandBehavior behavior)
at System.Data.Linq.SqlClient.SqlProvider.Execute(Expression query, QueryInfo queryInfo, IObjectReaderFactory factory, Object[] parentArgs, Object[] userArgs, ICompiledSubQuery[] subQueries, Object lastResult)
at System.Data.Linq.SqlClient.SqlProvider.ExecuteAll(Expression query, QueryInfo[] queryInfos, IObjectReaderFactory factory, Object[] userArguments, ICompiledSubQuery[] subQueries)
at System.Data.Linq.SqlClient.SqlProvider.System.Data.Linq.Provider.IProvider.Execute(Expression query)
at System.Data.Linq.DataQuery`1.System.Collections.Generic.IEnumerable<T>.GetEnumerator()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
at Unify.Framework.Data.LinqWhereQuery`5.GetEnumerator()
at Unify.Product.Plus.LinkSynchronizer`2.<ProcessFilters>d__10.MoveNext()
at Unify.Product.Plus.JoinExecutor`2.Execute(IEnumerable`1 sourceEntities, IQueryable`1 targetEntities)
at Unify.Product.Plus.LinkSynchronizer`2.JoinAndMap(IEnumerable`1 filterResult, IDictionary`2 changesDict)
at Unify.Product.Plus.Link.SynchronizeLockerChanges(IEnumerable`1 changes)
at Unify.Framework.Notification.NotifierDecoratorBase.Notify[TResult](ITaskNotificationFactory notificationFactory, Func`1 function)
at Unify.Product.Plus.LinkAuditingDecorator.SynchronizeLockerChanges(IEnumerable`1 changes)
at Unify.Product.Plus.LockerToAdapterSynchronizationJob.RunBase()
at Unify.Product.Plus.SynchronizationJobExecutor.<ThreadAction>d__8.MoveNext()
ClientConnectionId:d630c91c-5b93-44fe-ad1a-8e0b6dc2d624
Error Number:-2,State:0,Class:11",Normal
20180121,00:16:39,UNIFY Identity Broker,SyncEngine,Information,"Request to sync locker to adapter errored.
Synchronization job failed syncing 158178 changes on the 'AD Link' link from the locker to adapter with the reason Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.. Job ID: acf66fc4-57f8-47ae-8baf-fd121dee8efa Duration: 00:16:54.0665482
Error details:
System.Data.SqlClient.SqlException (0x80131904): Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding. ---> System.ComponentModel.Win32Exception (0x80004005): The wait operation timed out
at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlDataReader.TrySetMetaData(_SqlMetaDataSet metaData, Boolean moreInfo)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlDataReader.TryConsumeMetaData()
at System.Data.SqlClient.SqlDataReader.get_MetaData()
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, SqlDataReader ds)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method)
at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method)
at System.Data.SqlClient.SqlCommand.ExecuteDbDataReader(CommandBehavior behavior)
at System.Data.Linq.SqlClient.SqlProvider.Execute(Expression query, QueryInfo queryInfo, IObjectReaderFactory factory, Object[] parentArgs, Object[] userArgs, ICompiledSubQuery[] subQueries, Object lastResult)
at System.Data.Linq.SqlClient.SqlProvider.ExecuteAll(Expression query, QueryInfo[] queryInfos, IObjectReaderFactory factory, Object[] userArguments, ICompiledSubQuery[] subQueries)
at System.Data.Linq.SqlClient.SqlProvider.System.Data.Linq.Provider.IProvider.Execute(Expression query)
at System.Data.Linq.DataQuery`1.System.Collections.Generic.IEnumerable<T>.GetEnumerator()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
at Unify.Framework.Data.LinqWhereQuery`5.GetEnumerator()
at Unify.Product.Plus.LinkSynchronizer`2.<ProcessFilters>d__10.MoveNext()
at Unify.Product.Plus.JoinExecutor`2.Execute(IEnumerable`1 sourceEntities, IQueryable`1 targetEntities)
at Unify.Product.Plus.LinkSynchronizer`2.JoinAndMap(IEnumerable`1 filterResult, IDictionary`2 changesDict)
at Unify.Product.Plus.Link.SynchronizeLockerChanges(IEnumerable`1 changes)
at Unify.Framework.Notification.NotifierDecoratorBase.Notify[TResult](ITaskNotificationFactory notificationFactory, Func`1 function)
at Unify.Product.Plus.LinkAuditingDecorator.SynchronizeLockerChanges(IEnumerable`1 changes)
at Unify.Product.Plus.LockerToAdapterSynchronizationJob.RunBase()
at Unify.Product.Plus.SynchronizationJobExecutor.<ThreadAction>d__8.MoveNext()
ClientConnectionId:d630c91c-5b93-44fe-ad1a-8e0b6dc2d624
If you've been performing a large number of changes and importing fresh data, the database is likely requiring some maintenance. See https://voice.unifysolutions.net/forums/7-identity-broker-knowledge/topics/2936-identity-broker-database-recommendations/
Viewing changes in IDB Plus
It would be very useful to view the changes that are going to happen to verify data transformation.
Hi Huu,
Great idea, I've added this as an item to the backlog.
how to map Date to Timestamp from Adapter to Locker
An vice versa? Is there any built in transformation or is has to be done by powershell task?
Hi Huu,
There is currently no way to do this directly. As you suggest, you could use a PowerShell task in the Synchronization stage to apply the mapping, or alternatively you could use a Time Offset Transformation in the adapter to generate a Timestamp field. We may look at easier ways to accomplish type conversions in the future, but it would more likely be by converting the type in an adapter transformation.
Out of curiosity, what is the use case?
How deprovisioning work in IDB Plus?
It is outgoing provisioning and deprovisioning: Locker-AD Link-AD Adapter - AD User Connector - AD OU
Assume that Locker has 2000 users and there are 3000 users in AD OU--> 3000 in AD Adapter.
After Import All in AD User Connector and Baseline Sync in AD Link, 1500 users in Locker join 1500 in AD Adapter.
In this case, 500 new users will be created in AD because of outgoing provisioning. How about 1500 not-joined users in AD, will they be removed due to outgoing deprovisioning?
Hi Huu,
No, such entities shouldn't be deprovisioned during a baseline. A baseline effectively simulates a change to every entity on both sides of the link, but deprovisioning only occurs when an entity is removed from the source context (i.e. a change is registered against an entity that no longer exists in the context).
Health Check Uptime for IDaaS only shows past 24 hours
This is probably fine for the customer facing thing - but I think we need to have something for our own purposes that gives a little more information than this.
Graphs for IDaaS will be reviewed and redesigned with the pending migration to the new UNIFYMonitor.
Provisions in Last Month graph should be bar chart instead of line chart
This graph is confusing - if it's the "last month" - where's the last month? I also think it would be better as a bar graph.
Graphs for IDaaS will be reviewed and redesigned with the pending migration to the new UNIFYMonitor.
Link Connector Errors is poorly designed
This graph is misleading - this is total connector messages. We need to rethink what this section of the graph is trying to say.
Graphs for IDaaS will be reviewed and redesigned with the pending migration to the new UNIFYMonitor.
Configuring Identity Broker Plus v5.2.1 via API's only
Looking for guidance on how to configure IdB Plus via API's only. Thanks in advance.
Hi Adam,
See APIs. If you visit the Swagger endpoint you can see documentation on the API operations available to you. For the default API endpoint, this should be http://localhost:59991/IdentityBroker/swagger
Code Samples for Identity Broker Plus v5.1 PowerShell Tasks
Hello - I'm looking for Sample scripts to perform post-provisioning and pre-provisioning PowerShell scripts as part of IDB Plus. Knowledge base articles show some basic info on syntax but would like to see sample scripts which then could be customized.
Thanks for the suggestion, Dilip.
I've added an example to the bottom of PowerShell Task.
Baseline & Sync Procedure for IdB Chris21 LITE
When wanting to synchronize IdB Chris21 LITE with and out of sync AD, I am running the following two items:
1. AD Baseline
2. AD Syncronize
Before I run the above tasks, should Chris21 and/or AD Realtime Change Processing be disabled?
UNIFY Identity Broker Management Studio v0.0.5 Revision
Plugins:
* MS AD 4.1.3.0
* Chris 21 Connector 4.1.1.0
Customer support service by UserEcho
