Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

0
Answered

Identity Broker Service Installation/Upgrade Setup Wizard Ended Prematurely

Adam Aurisch 7 years ago updated by anonymous 7 years ago 2

Identity Broker Service Installation/upgrade Setup Wizard Ended Prematurely. Here are the version details:

Current Version • Identity Broker Service v4.1.4 RTM x64

Target Version

• Identity Broker Service v5.1.0.2 RTM x64

Please see the attached screenshots.


Image 4364Image 4365

Answer
anonymous 7 years ago

No response. Also cannot reproduce.

0
Answered

Attempting to import binary attribute failing

Hayden Gray 7 years ago updated by anonymous 7 years ago 9

I'm trying to read a read a binary attribute (Image) from an adapter into a PowerShell script, and am currently getting an exception in IdB - which i suspect is due to an image being too large. I have tried altering the MaxReceivedMessageSize field in the Unify.Service.Connect.exe.config under the <basicHttpBinding> element but the error message doesn't seem to change (i.e. the message size quota value in the error message, doesn't change regardless of the value I put in the MaxReceivedMessageSize field).

Identity Broker Version 4.1.5

Change detection engine import all items failed. Change detection engine import all items for connector Image Resize failed with reason An exception has been thrown when reading the stream.. Duration: 00:01:59.4399428 Error details: System.Management.Automation.CmdletInvocationException: An exception has been thrown when reading the stream. ---> System.IO.IOException: An exception has been thrown when reading the stream. ---> System.ServiceModel.CommunicationException: The maximum message size quota for incoming messages (204003200) has been exceeded. To increase the quota, use the MaxReceivedMessageSize property on the appropriate binding element. ---> System.ServiceModel.QuotaExceededException: The maximum message size quota for incoming messages (204003200) has been exceeded. To increase the quota, use the MaxReceivedMessageSize property on the appropriate binding element. --- End of inner exception stack trace ---


Answer
anonymous 7 years ago

Thanks guys, increasing the buffer size on the consuming service solved the issue.

0
Answered

Adapter Transformation Trigger Behaviour

Daniel Walters 7 years ago updated by anonymous 7 years ago 3

Question about what triggers an adapter transformation to recalculate. Say I have a PowerShell adapter transformation that calculates the DN of a manager. Will that transformation only run again if the underlying connector is updated? If not, will an Import All on the connector trigger the adapter transformation to fire even on objects with no change in the connector?

Answer
anonymous 7 years ago

Hi Daniel,

All transformations run when an entity is determined to have changed, see Change Detection for details. PowerShell transformations do not participate in the change detection process. However if you are calculating a manager DN based on another attribute on the adapter entity (e.g. the manager's detnumber or name), then the change to that attribute itself would trigger a change.

If the manager's details are retrieved via a Join Transformation, then any change to the attributes in the Join Criteria of both the entity in the base connector or to any entity in the relational connector which would join to the base entity will trigger a change.

The only issue you should encounter with changes not being automatically triggered for a PowerShell transformation would be if you are actually retrieving information from an external system as part of the transformation. There is currently no way for a PowerShell transformation to monitor external systems for changes.

Please let me know if you need further clarification.

0
Fixed

"The method or operation is not implemented" during reflection

Matthew Woolnough 7 years ago updated by anonymous 7 years ago 6
20170622,04:40:15,UNIFY Identity Broker,Adapter,Error,"Adapter
Adapter d68b1c92-f699-4484-b543-328a0607375a page errored on page reflection. Duration: 00:00:01.6547524. Error: System.NotImplementedException: The method or operation is not implemented.
   at Unify.Product.IdentityBroker.EntityIdBIDTemplateDistinguishedNameComponentExecutor.GetKey()
   at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Enumerable.WhereEnumerableIterator`1.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Product.IdentityBroker.KnownEntityBase`3.GetBaseKeysIter(TKey key)
   at Unify.Product.IdentityBroker.KnownEntityBase`3.GetValueOriginInformation(TKey key)
   at Unify.Product.IdentityBroker.EntityToEntityValueOriginsAdapter`2.<>c__DisplayClass3_0.<transform>b__0(GroupedNameValueCollectionKey schemaKey)
   at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext()
   at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Product.IdentityBroker.Adapter.WriteReflectionPageAdapterChanges(IAdapterEntityPartitionUpdatableContext adapterContext, IDictionaryTwoPassDifferenceReport`4 report, IAdapterEntity[] newAdapterEntities)
   at Unify.Product.IdentityBroker.Adapter.ReflectChangesInner()
   at Unify.Product.IdentityBroker.Adapter.ReflectChanges()
   at Unify.Product.IdentityBroker.AdapterAuditingDecorator.ReflectChanges()
   at Unify.Product.IdentityBroker.AdapterNotifierDecorator.ReflectChanges()
   at Unify.Product.IdentityBroker.ReflectAdapterOnChangeDueJob.<runbase>b__9_0(IOperationalAdapter adapter).
Answer
anonymous 7 years ago

Please try placing the following file Unify.IdentityBroker.Entity.Schema.dll into the Services directory and restarting the service.

0
Answered

Connector Test Harness Not Working v5.1.0 with IdB Plus

Daniel Walters 7 years ago updated by anonymous 7 years ago 7

I've attempted to install the Connector Test Harness . I unzipped the folder and placed the files in the web bin as directed. After a restart of the service there is no PlugIns link in the menu bar. I navigated manually to http://localhost:8008/plugin and it served a page but with just a title saying PlugIns and nothing else.

Installed components:

  • Identity Broker 5.1.0
  • Identity Broker Plus 5.1.0
  • Identity Broker for Chris21 5.1.0
  • Identity Broker for Active Directory 5.1.0
Answer
anonymous 7 years ago

Hi Daniel,

Can you please remove Unify.IdentityBroker.Connector.TestHarness.dll from the Web\bin directory and instead add Unify.Connect.Web.Connector.TestHarness.dll

0
Answered

How do I convert the stored bigintvalue to a datetime?

Carol Wapshere 7 years ago updated by anonymous 7 years ago 3

I'm doing some data analysis and need to get a datetime value out of the IdB database where it is stored as a BigIntValue. How do I convert this to a readable format? I found a select query that would convert Unix time but it didn't work on these values (Arithmetic overflow error). Anyway the IdB values look different to those examples.

Answer
anonymous 7 years ago

They are .NET ticks (UTC). TicksToTime.ps1

However, keep in mind that operations directly against the database are not supported and could also change/break between versions.

0
Completed

System.FormatException: Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).

Bob Bradley 7 years ago updated by anonymous 7 years ago 6

The above exception was thrown when searching for a DN in the adapter space.

3 issues:

  1. While perfectly reasonable that such a search is nonsensical at a low enough level, the user experience is horrible.  No error should be thrown at all, just no results returned.  If, however, an error has to be returned it should be in the form of a user friendly message on the page (or in the old days this would have been in a dialog) - without the ugly stack trace.
  2. It is not clear from the search page how one should search for the DN of an object that appeared in the logs.  The alignment of the data grid with the column header was skewed and I incorrectly guessed that the column header for IdBId might have been the DN header.
  3. I was unable to clear the adapter entity search filter after this error.

Using: UNIFY Identity Broker Management Studio v5.0.5 Revision #0

Full error message as follows:

System.FormatException: Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).
   at System.Guid.GuidResult.SetFailure(ParseFailureKind failure, String failureMessageID, Object failureMessageFormatArgument, String failureArgumentName, Exception innerException)
   at System.Guid.TryParseGuidWithNoStyle(String guidString, GuidResult& result)
   at System.Guid.TryParseGuid(String g, GuidStyles flags, GuidResult& result)
   at System.Guid.Parse(String input)
   at Unify.Connect.Web.GuidIdentifierEntitySearchUtility`1.<.ctor>b__3(AdapterEntityValueCollectionKey schemaKey, String value, IDictionary`2 schema)
   at Unify.Connect.Web.OperatorEntitySearchUtility`1.EntityConversion(AdapterEntityValueCollectionKey schemaKey, String value, IDictionary`2 schemaConfiguration)
   at Unify.Connect.Web.IdentifierEntitySearchUtilityBase`1.GenerateSearchFunction(IIdentifierEntitySearchInformation searchInformation, IDictionary`2 schema)
   at Unify.Connect.Web.IdentifierEntitySearchUtility`2.GenerateSearchFunction(IIdentifierEntitySearchInformation searchInformation, IDictionary`2 schema)
   at Unify.Connect.Web.EntitySearchContainerContext`1.<>c__DisplayClass8.<Evaluate>b__2(IQueryable`1 entity)
   at Unify.Connect.Web.AndEntitySearchContainerOperatorContext`1.Evaluate(IQueryable`1 leftSideQuery, IQueryable`1 rightSideQuery, EntityEvaluator`2 innerQueryableEvalution)
   at Unify.Connect.Web.EntitySearchContainerContext`1.GenerateQueryableFunction(String contextDescriptor, String operator, IQueryable`1 leftSideQuery, EntityEvaluator`2 queryableEvaluation, IQueryable`1 outerQuery)
   at Unify.Connect.Web.EntitySearchContainerContext`1.Evaluate(IEntitySearchContainerInformation contextInformation, IDictionary`2 schema, IQueryable`1 innerQuery, IQueryable`1 outerQuery)
   at Unify.Connect.Web.EntitySearchContainerContext`1.<>c__DisplayClass4.<>c__DisplayClass6.<Evaluate>b__1(IQueryable`1 queryable)
   at Unify.Connect.Web.AndEntitySearchContainerOperatorContext`1.Evaluate(IQueryable`1 leftSideQuery, IQueryable`1 rightSideQuery, EntityEvaluator`2 innerQueryableEvalution)
   at Unify.Connect.Web.EntitySearchContainerContext`1.GenerateQueryableFunction(String contextDescriptor, String operator, IQueryable`1 leftSideQuery, EntityEvaluator`2 queryableEvaluation, IQueryable`1 outerQuery)
   at Unify.Connect.Web.EntitySearchContainerContext`1.<>c__DisplayClass4.<Evaluate>b__0(IEntitySearchContainerInformation innerContainer)
   at Unify.Framework.Visitor.Visit[T](IEnumerable`1 visitCollection, Action`2 visitor)
   at Unify.Connect.Web.EntitySearchContainerContext`1.Evaluate(IEntitySearchContainerInformation contextInformation, IDictionary`2 schema, IQueryable`1 innerQuery, IQueryable`1 outerQuery)
   at Unify.Connect.Web.IdentityBrokerEntitySearchController.CurrentBusinessEntities[TInEntity,TOutEntity](IQueryable`1 source, EntityRetrievalInformation information, IDictionary`2 valueSearchUtility, IDictionary`2 entityOrderFunctions, IEntitySearchContainerContext`2 searchContainerContext)
   at Unify.Connect.Web.IdentityBrokerEntitySearchController.CurrentEntities(EntityRetrievalInformation information)
   at Unify.Connect.Web.IdentityBrokerEntitySearchController.SearchEntities(Guid partitionId, Nullable`1 pageSize, Nullable`1 pageNumber, String groupColumn, Nullable`1 ascending, String searchContext)
   at Unify.Connect.Web.AdapterController.SearchEntities(Guid partitionId, Nullable`1 pageSize, Nullable`1 pageNumber, String groupColumn, Nullable`1 ascending, String searchContext)
   at lambda_method(Closure , ControllerBase , Object[] )
   at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters)
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<BeginInvokeSynchronousActionMethod>b__36(IAsyncResult asyncResult, ActionInvocation innerInvokeState)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`2.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3c()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass45.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3e()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass30.<BeginInvokeActionMethodWithFilters>b__2f(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass1e.<>c__DisplayClass28.<BeginInvokeAction>b__19()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass1e.<BeginInvokeAction>b__1b(IAsyncResult asyncResult)
Answer
anonymous 7 years ago

Hey Bob,

Thanks for raising this one. The issue of clearing the search is fixed in 5.1 onwards, and the user experience of error messages has been improved for future versions of IDB.

0
Answered

Server too busy

Matthew Woolnough 7 years ago updated by anonymous 7 years ago 7

After leaving IdB for an extended period of time (overnight for example), the Web Interface shows an error. After updating <customErrors mode="Off" /> in the Web.config to display errors, the error displayed is "Server Too Busy" as shown in the screenshot below. 

No jobs are scheduled.

I believe this may be related to this previous issue, but not seeing the memory blow outs any more for some reason. 

Will attach logs & config shortly.

Image 4217






Answer
anonymous 7 years ago

Hi Matt,

After leaving IdB for an extended period of time

Do you mean that you left the browser open on one of the pages? Do you recall which page/s you left open?

I note that you are using the embedded web server option. Due to performance issues, we are deprecating the embedded web server as of Identity Broker v5.2. If the problem persists, I would suggest swapping to IIS - see Configuring Identity Broker for use with IIS for installation and configuration instructions.

0
Answered

Modify type returned by Time Offset Flag transformation.

Matthew Woolnough 7 years ago updated by anonymous 7 years ago 1

The value output by the Time Offset Flag Transformation that FIM imports from IdB 3.x is interpreted as a boolean.  There might be some automatic casting occurring based on selection of the attribute type in the Identity Broker FIM connector. 

5.1 returns a string and the automatic casting is not available.

Is there any way to select the returned object type? 

Answer
anonymous 7 years ago

Hi Matt,

No, the type of the field generated by a Time Offset Flag transformation must be a string type and cannot currently be changed.

0
Fixed

Reflection fails with "An item with the same key has already been added"

Matthew Woolnough 7 years ago updated by anonymous 7 years ago 11

Accountname is a DistinguishedName attribute & is used in Sharepoint connector as the Key and also as the DN in adapter. 

Image 4174


No key duplication errors are being seen. 

Data can be imported without error with Adapter disabled.  

When 'Generate Changes' is performed the error below is thrown. Is this the correct way to use a DN attribute as a DN? Not sure if this is a bug or misconfiguration.

<AdapterConfiguration AdapterId="4e96758c-06c5-44dd-9f32-557b3e75d16f" AdapterName="SharePoint Profiles" containerName="SPUsers" enabled="false" BaseConnectorId="770d9450-dcc8-41c9-b0b4-bc2d46fdc3ae" class="person">
      <dn template="[AccountName]" />
      <Groups />
      <adapterEntityTransformationFactory name="Sequential">
        <adapter name="Move" key="1bec7d3a-9384-49b6-ad4b-8266e5a286b0">
          <Extended>
            <columnMappings>
              <columnMapping SourceAttribute="UserProfile_GUID" TargetAttribute="UserProfileGUID" />
            </columnMappings>
          </Extended>
        </adapter>
      </adapterEntityTransformationFactory>
    </AdapterConfiguration>


20170605,07:13:28,UNIFY Identity Broker,Adapter,Error,"Request to reflect change entities of the adapter.
Request to reflect change entities of the SharePoint Profiles (4e96758c-06c5-44dd-9f32-557b3e75d16f) adapter errored with message: An item with the same key has already been added.. Duration: 00:00:00.5937686
Error details:
System.ArgumentException: An item with the same key has already been added.
   at System.ThrowHelper.ThrowArgumentException(ExceptionResource resource)
   at System.Collections.Generic.Dictionary`2.Insert(TKey key, TValue value, Boolean add)
   at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
   at Unify.Product.IdentityBroker.Adapter.ConvertPageAndUpdateContainers(IEntity[] entities, Boolean updateContainers)
   at Unify.Product.IdentityBroker.Adapter.ReflectChangesInner()
   at Unify.Product.IdentityBroker.Adapter.ReflectChanges()
   at Unify.Product.IdentityBroker.AdapterAuditingDecorator.ReflectChanges()
   at Unify.Product.IdentityBroker.AdapterNotifierDecorator.ReflectChanges()
   at Unify.Product.IdentityBroker.ReflectAdapterOnChangeDueJob.<RunBase>b__9_0(IOperationalAdapter adapter)",Normal


Answer
anonymous 7 years ago

Hi Matt,

I have identified the cause of the issue, and the following Unify.Framework.IO.LDIF.dll, when placed into the Services directory, should resolve this. This patch will be included in future versions of Identity Broker v5.1 and up.