Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

0
Under review

UNIFYBroker Connector/GetConnector API call returns ID for deleted Connector Group

I deleted a Connector Group in UNIYFBroker (using the Web UI) and now the API returns an invalid ID in the ConnectorGroups array in the response to Connector/GetConnector for a Connector which used to be a member of that group.

Using the latest UNIFYBroker release.

0
Fixed

Adapter with a Foreign Multivalue Group can't be enabled and no schema rows show in the UI

Adrian Corston 6 months ago in UNIFYBroker SDK and UNIFYCore updated by Bob Bradley 3 months ago 9

I added a Foreign Multivalue Group transform to an Adapter and the schema rows no longer showed.  When I then enabled the Adapter an error appeared: "Object reference not set to an instance of an object at Unify.Product.IdentityBroker.TemplateDistinguishedNameParser.ParseTemplate".

Connector "Owners":

Connector "Things":

Adapter:


Here is the transform (against the Owners connector):

When I attempt to enable the Adapter this error appears:

If I remove the Transform then the Adapter's schema re-appears:

If I attempt to edit the Transform an error appears:

Logs & Extensibility attached to next comment.

0
Under review

REST API returns null ExtendedUrn for SCIM gateways

Adrian Corston 7 months ago in UNIFYBroker SDK and UNIFYCore updated by Matthew Davis (Engineering Manager) 7 months ago 1

The UNIFYBroker API returns null for SCIM gateways:

This is not the case for other gateway types, e.g. LDAP (example above).

0
Not a bug

REST API Link/PowerShell/UpdateProvisioningTask fails with error ""

Adrian Corston 7 months ago in UNIFYBroker SDK and UNIFYCore updated by Matthew Davis (Engineering Manager) 7 months ago 4

Using swagger I see the following error when I call the Link/PowerShell/UpdateProvisioningTask function:

The full response body is:

{
"Message": "An error has occurred.",
"ExceptionMessage": "Index was out of range. Must be non-negative and less than the size of the collection.\r\nParameter name: index",
"ExceptionType": "System.ArgumentOutOfRangeException",
"StackTrace": " at System.ThrowHelper.ThrowArgumentOutOfRangeException(ExceptionArgument argument, ExceptionResource resource)\r\n at System.Collections.Generic.List`1.set_Item(Int32 index, T value)\r\n at Unify.Product.Plus.LinkEngine.<>c__DisplayClass92_0.<UpdateProvisioningTask>b__0()\r\n at Unify.Product.Plus.LinkEngine.<>c__DisplayClass161_0.<ConfigurationChange>b__0()\r\n at Unify.Framework.ExtensionMethods.WaitOnMutex(Mutex mutex, Action work)\r\n at Unify.Product.Plus.LinkEngine.UpdateProvisioningTask(Guid linkId, Boolean incoming, ProvisioningStep step, IProvisioningTaskInformation taskInformation)\r\n at Unify.Product.Plus.LinkEngineAuditingDecorator.UpdateProvisioningTask(Guid linkId, Boolean incoming, ProvisioningStep step, IProvisioningTaskInformation taskInformation)\r\n at Unify.Product.Plus.LinkEngineNotifierDecorator.<>c__DisplayClass50_0.<UpdateProvisioningTask>b__0()\r\n at Unify.Framework.Notification.NotifierDecoratorBase.Notify(ITaskNotificationFactory notificationFactory, Action action)\r\n at Unify.Product.Plus.LinkControllerBase.InnerUpdateProvisioningTask[TExtended](Guid linkId, Boolean incoming, ProvisioningStep step, Guid taskId, IProvisioningTaskApiInformation`1 taskInformation, XElement extended)\r\n at Unify.Product.Plus.LinkController.UpdatePowerShellProvisioningTask(Guid linkId, Boolean incoming, ProvisioningStep step, Guid taskId, PowerShellProvisioningTaskApiInformation taskInformation)\r\n at lambda_method(Closure , Object , Object[] )\r\n at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.<>c__DisplayClassc.<GetExecutor>b__6(Object instance, Object[] methodParameters)\r\n at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext controllerContext, IDictionary`2 arguments, CancellationToken cancellationToken)\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Controllers.ApiControllerActionInvoker.<InvokeActionAsyncCore>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Controllers.ActionFilterResult.<ExecuteAsync>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Filters.AuthorizationFilterAttribute.<ExecuteAuthorizationFilterAsyncCore>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Filters.AuthorizationFilterAttribute.<ExecuteAuthorizationFilterAsyncCore>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Dispatcher.HttpControllerDispatcher.<SendAsync>d__1.MoveNext()"
}

I will attach my configuration extensibility files to the next comment.

0

Link/GetProvisioningInformation REST API returns structure with two nested Extended attribute

JSON objects returned by a REST API call to Link/GetProvisioningInformation contains task informations with two nested Extended attributes.  As a comparison point, only one Extended attribute may be specified in the task information object when calling Link/PowerShell/AddProvisioningTask, so this seems inconsistent and may be wrong.


Also, as a minor point the Example value for this call is not particularly helpful - it looks like an XML data structure converted to JSON and doesn't reflect the structure of data the call typically returns on a live system.

0
Completed

Managing the Broker Service restart

Bob Bradley 11 months ago in UNIFYBroker SDK and UNIFYCore updated by Matthew Davis (Engineering Manager) 10 months ago 1

In troubleshooting SAP connectivity I am repeatedly making changes to the Unify.Service.Connect.exe.config file and restarting Broker - but being careful not to start until the existing process has completely stopped - which usually takes about 30 seconds in my environment.

I got tired of doing this manually and wrote the following simple script - which must be run from an Administrator PS session:

cls

[bool]$isRunning = [bool](Get-Process "Unify.Service.Connect" -ErrorAction SilentlyContinue)

if ($isRunning) {

net stop service.connect

}

[int]$counter = 0

while ($isRunning) {

$counter++

Write-Host "Waiting [$counter] seconds for service to shut down ..."

Start-Sleep 1

$isRunning = [bool](Get-Process "Unify.Service.Connect" -ErrorAction SilentlyContinue)

}

net start service.connect

I hope others find this useful too!

Answer

Hey Bob,
Thanks for that script - very helpful.

The other option that you have is using the Unify.Service.Connect.Debug.exe file (and associated config) when you're attempting to develop. The files are identical OOTB, the debug.exe just runs the 'service' as a console app instead of as a service.

The behaviour should be identical, but saves you having to start and stop the service each time you want to make a change. You can simply close the console app, make your changes in the debug.exe.config file, then start it up again and see how it goes. Once you've got your changes working, you can migrate them over to the normal exe.config file for ongoing use. This may make development to that file simpler, but the above script is definitely useful for minor changes.

0
Not a bug

LDAP search on multivalue attribute returns incorrect data

Bob Bradley 11 months ago in UNIFYBroker SDK and UNIFYCore updated by Beau Harrison (Senior Software Engineer) 11 months ago 1

The following shows a search result which incorrectly returns all org unit records where none of the inspected results actually matched the search criteria:

***Searching...

ldap_search_s(ld, "OU=orgUnits,DC=IdentityBroker", 2, "(hierarchy=50002000)", attrList, 0, &msg)

Matched DNs: OU=orgUnits,DC=IdentityBroker

Getting 1000 entries:

Dn: CN=50022695,OU=orgUnits,DC=IdentityBroker

costCentre: 0000045240;

costCentreGroup: CCCA;

costCentreID: d567d5b9d344523618fc25cc2efe70e7;

costCentreIDRef: CN=0000045240,CN=CCCA,OU=costCentres,DC=IdentityBroker;

costCentreText: International Climate Law;

createTimestamp: 30/11/2019 1:36:03 PM AUS Eastern Daylight Time;

distinguishedName: CN=50022695,OU=orgUnits,DC=IdentityBroker;

entryUUID: 08e5d654-d8a2-4b41-a516-00bd457a93b9;

EXTOBJID: 50022695;

hashDN: 60451482495227d7d95601c180bcceac;

hierarchy (7): 50000100; 50000500; 50022601; 50022677; 50022687; 50022692; 50022695;

hierarchyRef (7): CN=50000100,OU=orgUnits,DC=IdentityBroker; CN=50000500,OU=orgUnits,DC=IdentityBroker; CN=50022601,OU=orgUnits,DC=IdentityBroker; CN=50022677,OU=orgUnits,DC=IdentityBroker; CN=50022687,OU=orgUnits,DC=IdentityBroker; CN=50022692,OU=orgUnits,DC=IdentityBroker; CN=50022695,OU=orgUnits,DC=IdentityBroker;

longText: International Climate Law Section;

modifyTimestamp: 2/12/2019 10:23:42 PM AUS Eastern Daylight Time;

objectClass: orgUnit;

objectEndDate: 99991231000000.000Z;

objectID: 50022695;

objectStartDate: 20071203000000.000Z;

OBJECTTYPE: O;

orgLevel: 7;

orgLevelName: Section;

OU: orgUnits;

parentOrgID: 50022692;

parentOrgIDRef: CN=50022692,OU=orgUnits,DC=IdentityBroker;

PLANSTAT: 1;

PLANVERS: 01;

shortText: DCC ID;

status: Active;

subschemaSubentry: CN=orgUnits,cn=schema;

0
Planned

OU case renames not working

Bob Bradley 12 months ago in UNIFYBroker SDK and UNIFYCore updated 11 months ago 2

When I changed the case of an OU name in an adapter from OrgUnits to orgUnits, the data returned subsequently over the LDAP interface was not adjusted accordingly.  I believe I tried each of the following without success (but you may want to prove this for yourself):

  1. restarting the IdB service
  2. deleting the adapter and reloading it
  3. deleting the connector and adapter data and reloading them both

Eventually I had to go into the Broker SQL table (container names I think it was), locate the offending record, and update it there.

0
Not a bug

UNIFYBroker logo rendered incorrectly in IE11

Bob Bradley 12 months ago in UNIFYBroker SDK and UNIFYCore updated 12 months ago 2

The UNIFYBroker logo and label is not resizing correctly in IE.

Answer

IIS setup not loading external dependencies correctly, in this case CSS files. Logo displays correctly using the inbuilt web server. Investigation required to determine incorrect IIS configuration.

0
Not a bug

Log Search not returning results

Richard Green 1 year ago in UNIFYBroker SDK and UNIFYCore updated by Matthew Davis (Engineering Manager) 10 months ago 4

Hi Gents, 

This is another issue possibly related to https://voice.unifysolutions.net/communities/6/topics/3846-connector-entity-search-screen-issue

A support client has raised an incident around log search in UnifyBroker. 

In short, it's not working. Putting in a search query, and hitting the search button, nothing happens.

Browser used is IE11. Environment is locked down so no other browser is available.

Installed version of UNIFYBroker is 5.3.1.1.

Answer

Closing due to no response. Feel free to re-open the ticket if the issue persists.