Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
How to build x64 Installers
Do we have any written down instructions or coded examples of what is required to build a x64 installer for a connector for distribution to clients.
I've created a number of connectors in the past, generally starting from an existing connector project and then building from there. One common issue is I've always built to x86. It would be handy, but not essential, to build to x64 given the x64 version of Identity Broker is what most clients I've seen use. So far working out how to get the installer project of any solution I've come across to output a x64 version has eluded me.
Please treat this as very low priority as we can copy the files over. If it a simple task that can be easily documented (or already is documented and I couldn't find it) then it'd be very much appreciated.
An example of a connector I've done some work on would be the Marval one for SSICT. Theres an installer project in the source code repository.
Object class with white-space breaks IDB exports.
Exporting to an adapter with a space at the end of its object class results in the following exception:
The extensible extension returned an unsupported error. The stack trace is: "System.Exception: Error occurred when attempting to save entity with distinguished name CN=2 Error: The given key was not present in the dictionary. at System.Collections.Generic.Dictionary`2.get_Item(TKey key) at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveAdapterBase`1.ConvertValues(String objectClass, IEnumerable`1 convertedValues) at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.GetConvertedValuesFromSchema(String objectClass, IEnumerable`1 values) at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.<Transform>d__3.MoveNext() at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter) at SyncInvokeExportChanges(Object , Object[] , Object[] ) at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc) at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet) at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry) Forefront Identity Manager 4.0.3606.2"
A determination needs to be made about whether FIM adheres to the standard in this regards, specifically as to whether we should validate on the IDB-side for adapter object classes with whitespace.
Change detection logging is a bit confusing
The logging of change detection is a little bit confusing. Consider the following excerpt:
09/Aug/2012 09:13:39
Information
Connector Get entities from connector completed.
Get entities Count:1 from connector chris POS returned 1 entities. Duration: 00:00:00.0005000
09/Aug/2012 09:13:39
Information
Connector Processor Connector Processing started.
Connector Processing started for connector chris POS (page 1)
09/Aug/2012 09:13:39
Information
Connector Processor Connector processing success.
0 entites in cumulative total. Current processing of page 1 for connector chris POS processed 1 entities, finding 1 differences. Duration: 00:00:00.3690000.
09/Aug/2012 09:13:39
Information
Connector Processor Connector Post Processing started.
Connector Post Processing started for connector chris POS. Processed Entities: 1
09/Aug/2012 09:13:40
Information
Connector Processor Connector Post Processing success.
Connector Post Processing completed for connector chris POS. Processed Entities: 1. Matching Entities: 0. Reported Changes: 0. Duration: 00:00:00.1330000
The Post Processing information is correct, but it makes it look like that no changes should exist, even though the one change has been detected as a difference when processing the page. Perhaps it could be clarified by putting page information in the same format, and/or clarifying what post processing means. Since post processing happens afterwards, it looks like the earlier change was not found to be a match.
Error attempting to clear DN field
When attempting to clear a DN value from an entity on an export, the following error appears:
Attempted export:
delete,Manager,reference,"CN=102994,DC=CHRIS21DEMODC",
System.Exception: Error occurred when attempting to save entity with distinguished name
CN=103033,DC=CHRIS21DEMODC
Error:
could not be parsed into a valid DN.
at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue)
at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveAdapterBase`1.<>c_DisplayClassf.<ConvertValues>bb(<>f_AnonymousType0`2 item)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArrayTSource(IEnumerable`1 source)
at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.GetConvertedValuesFromSchema(String objectClass, IEnumerable`1 values)
at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.<Transform>d__3.MoveNext()
at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter)
First confirming delta import fails
Branched from Help Desk item 290 - http://development.unifysolutions.net:8080/project/index.php?m=helpdesk&a=view&item_id=290. When baselining a solution, and using a delta import as the first confirming import against an Identity Broker v3 system, a NullReferenceException is thrown across the WCF boundary, stating that a parameter is null. The inner exception in WCF logging reveals a seemingly different parameter is null each time. Temporary work around is to perform a full import for the first confirming import. Refer to help desk item 290 for more history of issue.
Event Viewer gives "A connection was forcibly closed" error.
WCF logging reveals stack trace:
- WCF logging yields stack trace: System.NullReferenceException, Object reference not set to an instance of an object.
Unify.Framework.ValueToLDIFAttrvalRecordAdapter`1.CreateAttrvalSpecs(TKey key, IValue value) in S:\SVN\Framework\Core\Release\v3.0.0\Source\Adapter\Unify.Framework.Adapter.LDIF\ValueToLDIFAttrvalRecordAdapter.cs:line 74
Unify.Framework.AdapterEntityChangeIndicatorToLDIFComponentAdapter.GetLDIFModSpec(IAdapterEntityAttributeChangeValue value) in S:\SVN\Framework\Core\Release\v3.0.0\Source\Adapter\Unify.Framework.Adapter.LDIF\AdapterEntityChangeIndicatorToLDIFComponentAdapter.cs:line 131
System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
Unify.Framework.LDIFChangeModify.WriteComponentDetails(TextWriter writer) in S:\SVN\Framework\Core\Release\v3.0.0\Source\IO\Unify.Framework.IO.LDAP\LDIF\LDIFChangeModify.cs:line 49
Unify.Framework.LDIFChangeRecordBase.WriteComponent(TextWriter writer) in S:\SVN\Framework\Core\Release\v3.0.0\Source\IO\Unify.Framework.IO.LDAP\LDIF\LDIFChangeRecordBase.cs:line 46
Unify.Framework.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries) in S:\SVN\Framework\Core\Release\v3.0.0\Source\IO\Unify.Framework.IO.LDAP\LDIF\LDIFComponentFileGenerator.cs:line 49
Unify.Framework.LDIFAdapter.c_DisplayClass5`1.b_4(Stream stream) in S:\SVN\Framework\Core\Release\v3.0.0\Source\Adapter\Unify.Framework.Adapter.Remoting\LDIFAdapter.cs:line 169
Unify.Framework.LazyEvaluationStream.Evaluate(Object obj) in S:\SVN\Framework\Core\Release\v3.0.0\Source\IO\Unify.Framework.IO\LazyEvaluationStream.cs:line 119
Revisit expression visitor around null keys
There is currently a workaround in place for IDB-731 due to the expression visitor handling when GetMultiKeyValue is called on fields that are not populated. This needs to be eventually updated so that it doesn't throw a null reference exception in this case.
A null reference exception can also be produced by calling doing an "entity.GetMultiKeyValue(key) != null" check. This can be reproduced by readding this check to EntityCompositeKeyDistinguishedNameStaticRelationValueAdapterBase.Transform and reattempting the scenario described in IDB-731.
Clear connector race condition.
There is a race condition in Identity Broker that could cause incorrect deletes on adapter delta imports.
Imagine I have done an Import All on a connector which returned 20 changes.
I immediately follow with a clear all operation, which clears the connector and adapter context, as well as any processed changes.
Imagine that 10 changes have not yet been processed (possible with very large change sets).
These changes will then be picked up by the change processor, and registered as changes.
If I follow up with a Delta import from FIM, IDB will calculate these 10 orphaned changes as deletes.
We can handle the currently unprocessed changes by clearing the remaining untouched changes.
For the changes in memory, either the count of changes processed on each cycle will need to be throttled, or a conditional might be added to wrap each cycle, or this potential race condition might just need to be highlighted on the UI/documentation.
Relational transformations with optional DN generators can break on change detection.
Relational transformations with optional DN generators can break on change detection if the optional DN generator is configured.
The factory being used for this does not add a contribution for the target of the DN Generator attribute mapper on ApplyChainedChangeDetection, which can result in a NullReferenceException during change detection.
This appears in the logs as
Changes register item processing on failed. Changes register item processing on connector CSV Connector failed with reason Object reference not set to an instance of an object.. Duration: 00:01:47.7557745 Error details: System.NullReferenceException: Object reference not set to an instance of an object. at Unify.Product.IdentityBroker.ChainedTransformationChangeProcessor.PublishChange(IEnumerable`1 changedEntities, DateTime changeProcessTime, ICollection`1 changeRecords) in S:\hg\Product\IdentityBroker\Master-Changes\Source\Adapter\Unify.IdentityBroker.Adapter.EntityTransformation\ChainedTransformationChangeProcessor.cs:line 132 at Unify.Product.IdentityBroker.ChainedTransformationChangeProcessor.ProcessChangeReport(IDictionaryTwoPassDifferenceReport`4 changesReport, DateTime changeProcessTime) in S:\hg\Product\IdentityBroker\Master-Changes\Source\Adapter\Unify.IdentityBroker.Adapter.EntityTransformation\ChainedTransformationChangeProcessor.cs:line 109 at Unify.Product.IdentityBroker.ChangeReportProcessor.<>c__DisplayClass12.<ProcessCurrentReport>b__11(ITransformationChangeProcessor processor) in S:\hg\Product\IdentityBroker\Master-Changes\Source\ChangeDetection\Unify.IdentityBroker.ChangeDetection\ChangeReportProcessor.cs:line 159 at Unify.Framework.Visitor.<>c__DisplayClass1`1.<Visit>b__0(T item, Int32 index) in S:\hg\Framework\Core\a\Source\DesignPatterns\Unify.Framework.DesignPatterns\Visitor.cs:line 23 at Unify.Framework.Visitor.Visit[T](IEnumerable`1 visitCollection, Action`2 visitor) in S:\hg\Framework\Core\a\Source\DesignPatterns\Unify.Framework.DesignPatterns\Visitor.cs:line 47 at Unify.Framework.Visitor.Visit[T](IEnumerable`1 visitCollection, Action`1 visitor) in S:\hg\Framework\Core\a\Source\DesignPatterns\Unify.Framework.DesignPatterns\Visitor.cs:line 23 at Unify.Product.IdentityBroker.ChangeReportProcessor.ProcessCurrentReport(IEnumerable`1 adapterTransformationProcessors, IDictionaryTwoPassDifferenceReport`4 differenceReport, DateTime changeTime) in S:\hg\Product\IdentityBroker\Master-Changes\Source\ChangeDetection\Unify.IdentityBroker.ChangeDetection\ChangeReportProcessor.cs:line 158 at Unify.Product.IdentityBroker.ChangeReportProcessor.CreateAndProcessReport[T](IEnumerable`1 adapterTransformationProcessors, IEnumerable`1 sourceEnumerable, DateTime changeTime, Action`2 addAction) in S:\hg\Product\IdentityBroker\Master-Changes\Source\ChangeDetection\Unify.IdentityBroker.ChangeDetection\ChangeReportProcessor.cs:line 147 at Unify.Product.IdentityBroker.ChangeReportProcessor.ProcessReport(IChangeReportProcessingRequest request) in S:\hg\Product\IdentityBroker\Master-Changes\Source\ChangeDetection\Unify.IdentityBroker.ChangeDetection\ChangeReportProcessor.cs:line 118
Additionally the Time Relational transformation adds a contribution for the target twice, resulting in a argument exception.
Error thrown following connector full imports
When a connector full import runs, the following error is thrown when attempting to stop change detection. _RunningChangeDetectionTasks is an empty dictionary:
The given key was not present in the dictionary.
> Unify.Framework.Collections.dll!Unify.Framework.Collections.ThreadsafeDictionaryBase<System.Guid,Unify.Framework.Collections.IThreadsafeCollection<System.Guid>,System.Collections.Generic.IDictionary<System.Guid,Unify.Framework.Collections.IThreadsafeCollection<System.Guid>>>.thisSystem.Guid.get(System.Guid key) Line 184 + 0x89 bytes C#
Unify.IdentityBroker.ChangeDetection.Engine.dll!Unify.Product.IdentityBroker.ConnectorStatisticsEngine.StopChangeDetection(System.Guid connectorId, System.Guid taskId) Line 843 + 0x57 bytes C#
Unify.IdentityBroker.ChangeDetection.Engine.dll!Unify.Product.IdentityBroker.ConnectorStatisticsEngine.SetChangeDetectionValues.AnonymousMethod__21() Line 730 + 0x98 bytes C#
Unify.Framework.Scheduling.Job.dll!Unify.Framework.ExtensionMethods.WaitOnMutex(System.Threading.Mutex mutex, System.Action work) Line 21 + 0xf bytes C#
Unify.IdentityBroker.ChangeDetection.Engine.dll!Unify.Product.IdentityBroker.ConnectorStatisticsEngine.SetChangeDetectionValues(System.Guid taskId, System.Guid connectorId, System.DateTime time, System.TimeSpan duration, Unify.Framework.Collections.IDictionaryTwoPassDifferenceReport<System.Guid,Unify.Product.IdentityBroker.IEntity,Unify.Framework.Collections.GroupedNameValueCollectionKey,Unify.Framework.IValue> differenceReport, bool succeeded, string errorMessage) Line 728 + 0x54 bytes C#
Unify.IdentityBroker.ChangeDetection.Engine.dll!Unify.Product.IdentityBroker.ConnectorStatisticsEngine.Notify(Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent message) Line 355 + 0x1a9 bytes C#
Unify.Framework.Notification.dll!Unify.Framework.Notification.NotificationSinkList<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>.Notify.AnonymousMethod__0(Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent> sink) Line 23 + 0x6f bytes C#
Unify.Framework.DesignPatterns.dll!Unify.Framework.Visitor.Visit<Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>>.AnonymousMethod__0(Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent> item, int index) Line 23 + 0x24 bytes C#
Unify.Framework.DesignPatterns.dll!Unify.Framework.Visitor.Visit<Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>>(System.Collections.Generic.IEnumerable<Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>> visitCollection, System.Action<Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>,int> visitor) Line 48 C#
Unify.Framework.DesignPatterns.dll!Unify.Framework.Visitor.Visit<Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>>(System.Collections.Generic.IEnumerable<Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>> visitCollection, System.Action<Unify.Framework.Notification.INotificationSink<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>> visitor) Line 24 C#
Unify.Framework.Notification.dll!Unify.Framework.Notification.NotificationSinkList<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>.Notify(Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent message) Line 24 C#
Unify.Framework.Notification.dll!Unify.Framework.Notification.NotificationSinkList<Unify.Product.IdentityBroker.IChangeDetectionProcessChangeRegisterItemsCompletedEvent>.NotifyRegisteredSinksOfMessage<Unify.Framework.Notification.INotificationMessage>(Unify.Framework.Notification.INotificationMessage message) Line 38 C#
Unify.Framework.Notification.dll!Unify.Framework.Notification.NotificationMessageService.NotifyRegisteredSinksOfMessage<Unify.Framework.Notification.INotificationMessage>.AnonymousMethod__2(System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList> sinkList) Line 72 + 0xa0 bytes C#
Unify.Framework.DesignPatterns.dll!Unify.Framework.Visitor.Visit<System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList>>.AnonymousMethod__0(System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList> item, int index) Line 23 + 0x3a bytes C#
Unify.Framework.DesignPatterns.dll!Unify.Framework.Visitor.Visit<System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList>>(System.Collections.Generic.IEnumerable<System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList>> visitCollection, System.Action<System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList>,int> visitor) Line 48 C#
Unify.Framework.DesignPatterns.dll!Unify.Framework.Visitor.Visit<System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList>>(System.Collections.Generic.IEnumerable<System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList>> visitCollection, System.Action<System.Collections.Generic.KeyValuePair<System.Type,Unify.Framework.Notification.IRegisteredNotificationSinkList>> visitor) Line 24 C#
Unify.Framework.Notification.dll!Unify.Framework.Notification.NotificationMessageService.NotifyRegisteredSinksOfMessage<Unify.Framework.Notification.INotificationMessage>(Unify.Framework.Notification.INotificationMessage message) Line 73 C#
Unify.Framework.Notification.Async.dll!Unify.Framework.Notification.AsyncRegisteredNotificationSinkListDecoratorBase<Unify.Framework.Notification.INotificationMessageService>.DeliverMessages() Line 49 C#
Unify.Framework.Notification.Async.dll!Unify.Framework.Notification.ScheduledNotificationMessageServiceDecorator.DeliverMessages() Line 44 C#
Unify.Framework.Notification.Async.dll!Unify.Framework.Notification.ScheduledNotificationMessageServiceDecorator.DeliverMessagesJob.RunBase() Line 123 C#
Unify.Framework.Scheduling.Job.dll!Unify.Framework.JobBase.Run() Line 16 C#
Unify.Framework.Scheduling.Job.dll!Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(object state) Line 29 + 0x20 bytes C#
Copy connector/adapter should specify a number of times to do it
From IDB-281, the copy functionality should have a text box (that defaults to 1), that allows for multiple copies to be created. It should append the number to the base name.
Ensure that checks for conflicting names occur for each iteration, skipping any conflicts. Please do this with some thought, so that the same checked items are ignored for the next iteration. eg an internal method taking a start seed.
Unit tests as usual.
Thanks.
Customer support service by UserEcho
