Monash needs a transformation in adaptor to join two tables and group the resolved values (type of String) to a multi-value string attribute.

I looked at GROUP transformation but it only groups values to multi-value DN.

Please suggest the alternative if any or request additional transformation

Hi

Looking for a migration guide on how to migrate IdB Settings / MA etc across environments.

Regards

We use the SQL agent in IdB to read and write from a simulated SAP data source for testing. When exporting changes to the database via IdB, after approximately 100 exports, IdB starts reporting the following exception. When the IdB is stopped and restarted, a further 100 can be exported before the error reappears.

System.InvalidOperationException: Timeout expired.  The timeout period elapsed prior to obtaining a connection from the pool.  This may have occurred because all pooled connections were in use and max pool size was reached.   at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)   at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)   at System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)   at System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)   at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)   at System.Data.SqlClient.SqlConnection.Open()   at Unify.Framework.Data.DbConnectionExtensions.OpenIfClosed(IDbConnection connection)   at Unify.Framework.Data.SqlServerDataControl.CreateComponent(Boolean factoryInformation)   at Unify.Framework.Data.AdoNetDataControl.ExecuteDataSetQuery(DataSet resultSet, String commandText, IEnumerable`1 parameters, String[] tableNames, CommandType commandType)   at Unify.Framework.Data.AdoNetDataControl.ReturnDataSetQueryT(String commandText, IEnumerable`1 parameters, String[] tableNames, CommandType commandType)   at Unify.Product.IdentityBroker.DirectCommunicatorBase`1.GetEntitiesDataTable(ICollection`1 keyList)   at Unify.Product.IdentityBroker.DirectCommunicatorBase`1.UpdateEntities(IEnumerable`1 entities)   at Unify.Product.IdentityBroker.DirectReadWriteConnectorBase`1.UpdateEntities(IEnumerable`1 entities)   at Unify.Product.IdentityBroker.ConnectorToUpdatingConnectorBridge.UpdateEntities(IEnumerable`1 entities)   at Unify.Product.IdentityBroker.EventNotifierUpdatingConnectorDecorator.UpdateEntities(IEnumerable`1 entities)   at Unify.Product.IdentityBroker.Adapter.UpdateEntities(IEnumerable`1 entities, EntityToConnectorEntityBridge[]& connectorEntities)   at Unify.Product.IdentityBroker.Adapter.UpdateEntities(IEnumerable`1 entities)   at Unify.Product.IdentityBroker.Adapter.UpdateEntity(IAdapterEntity entity)   at Unify.Product.IdentityBroker.AdapterNotifierDecoratorBase`1.UpdateEntity(IAdapterEntity entityToSave)   at Unify.Product.IdentityBroker.CompositeAdapter.UpdateEntity(IAdapterEntity entity)   at Unify.Product.IdentityBroker.AdapterNotifierDecoratorBase`1.UpdateEntity(IAdapterEntity entityToSave)   at Unify.Product.IdentityBroker.LDIFAdapterBase.HandleExportUpdate(IAdapter adapter, IAdapterEntitySaveChange pendingUpdate)   at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter)   at Unify.Product.IdentityBroker.LDIFAdapterServiceHostDecoratorBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter)   at SyncInvokeExportChanges(Object , Object[] , Object[] )   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage41(MessageRpc& rpc)   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(MessageRpc& rpc)   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage3(MessageRpc& rpc)   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(MessageRpc& rpc)   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(MessageRpc& rpc)   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(MessageRpc& rpc)

When saving a Relation.Group.dn transformation (which has/should have upgraded from IDB40:Multivalue Relationship Distinguished Name Generator to IDB41:Group), the following error appears in the logs:

Request to update a selected transformation in a selected adapter.
Request to update the bbb7ffdf-d50d-4e2d-a78f-e56eb009eef3 transformation in the ba1a8cf9-e7af-42dd-b53f-34c0ca938221 adapter errored with message: Transformation of type Relation.Group.dn is not known by the adapter engine. Verify it has been added correctly to the list of known transformation generators.. Duration: 00:00:00.0156002
Error details:
System.ArgumentException: Transformation of type Relation.Group.dn is not known by the adapter engine. Verify it has been added correctly to the list of known transformation generators.
 at Unify.Product.IdentityBroker.AdapterEngine.<>c__DisplayClass7c.<UpdateTransformation>b__7b()
 at Unify.Product.IdentityBroker.AdapterEngine.<>c__DisplayClassd9.<ConfigurationChange>b__d8()
 at Unify.Framework.ExtensionMethods.WaitOnMutex(Mutex mutex, Action work)
 at Unify.Product.IdentityBroker.AdapterEngine.UpdateTransformation(Guid adapterId, IAdapterEntityTransformationConfiguration transformationConfiguration)
 at Unify.Product.IdentityBroker.AdapterEngineNotifierDecorator.UpdateTransformation(Guid adapterId, IAdapterEntityTransformationConfiguration transformationConfiguration)
 at Unify.Product.IdentityBroker.AdapterEngineAccessor.UpdateTransformation(Guid adapterId, IAdapterEntityTransformationConfiguration transformationConfiguration)
 at Unify.Product.IdentityBroker.IdentityServiceCollector.UpdateTransformation(Guid adapterId, AdapterEntityTransformationConfiguration configuration)
 at SyncInvokeUpdateTransformation(Object , Object[] , Object[] )
 at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
 at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
 at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
 at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
 at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)

It looks like the upgrade is capable of reading, but is not using the new name when saving.

Everytime we edit the sapAgent it does not remember the password nor does it show the ****** in it

We have to feed it in every time.

Does not happen with other Agents

Can this be fixed please.

Currently, the only way for us to create group memberships is to take a connector that contains a unique list of groups and do a relational.dn join to get its members.

Eg,
class connector contains class 001,
student enrolment connector contains a relationship between Student1 and 001
student enrolment connector contains a relationship between Student2 and 001

relational join on class:student1,student2

However, in some cases we may wish to create groups based on aggregate values (ie, group by) within a single connector - without a relationship connector.

Eg, Student connector that has Name, academicYearLevel and homeRoomClass

It would be great if i could create attribute-based groups based off of these values without a second connector that contains a unique list of academicYearLevels to join against.

Eg:

This would create an adapter that contains a unique list of academic years with a multi-value field that has DN's for the students

This would create an adapter that has attribute based groups for both academicYearLevel AND studentID... This is essentially 'union' functionality so that you don't need a seperate adapter for every type of attribute-based group. Fields are "groupkey" and "studentID". Note the prefix allows you to distinguish between the two groups (is pre-pended to attribute value)

Is equivalent to SQL group by school,academicYearLevel. Would return a group for each yearLevel at each school. The columns returned would be groupkey (containing school:academicYearLevel) and "studentID" (multi-value list of DN's... column name matches

A better exception message should be provided for invalid casts in EntityMultiValueObjectTypeSchemaValidator.CreateValue.

When the data type in the connector configuration does not match the data type in FIM, on export, when the value is created the below exception will be thrown.

EntityMultiValueObjectTypeSchemaValidator.cs:line 62 refers to the line where the value is cast to IEnumerable<object>.

A better exception message should be provided.

System.InvalidCastException: Unable to cast object of type 'Unify.Framework.MultiValue`1[Unify.Framework.DistinguishedNameValue]' to type 'System.Collections.Generic.IEnumerable`1[System.Object]'.
   at Unify.Framework.EntityMultiValueObjectTypeSchemaValidator`3.CreateValue(Object dataValue) in S:\hg\Framework\Core\v3.0.4\Source\Entity\Unify.Framework.Entity.Schema\EntityMultiValueObjectTypeSchemaValidator.cs:line 62
   at Unify.Framework.EntitySchemaFieldDefinition.CreateValue(Object dataValue) in S:\hg\Framework\Core\v3.0.4\Source\Entity\Unify.Framework.Entity.Schema\EntitySchemaFieldDefinition.cs:line 36
   at Unify.Framework.EntitySchemaValueTransformer.Transform(IEntity baseValue) in S:\hg\Framework\Core\v3.0.4\Source\ChangeDetection\Unify.Framework.ChangeDetection\EntitySchemaValueTransformer.cs:line 46
   at Unify.Framework.Adapter.<>c__DisplayClass19.<SaveEntities>b__b(<>f__AnonymousType2`2 <>h__TransparentIdentifier6) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 424
   at System.Linq.Enumerable.<>c__DisplayClass12`3.<CombineSelectors>b__11(TSource x)
   at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Framework.Adapter.SaveEntities(IEnumerable`1 entities, Boolean reflect) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 419
   at Unify.Framework.Adapter.SaveEntity(IAdapterEntity entity, Boolean reflect) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 387
   at Unify.Framework.Adapter.SaveEntity(IAdapterEntity entity) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 372
   at Unify.Framework.CompositeAdapter.SaveEntity(IAdapterEntity entity) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\CompositeAdapter.cs:line 215
   at Unify.Framework.AdapterNotifierDecorator.SaveEntity(IAdapterEntity entityToSave) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\AdapterNotifierDecorator.cs:line 200
   at Unify.Framework.LDIFAdapter.ExportAdapterEntity(IAdapterEntity adapterEntity, Guid adapterId) in S:\hg\Framework\Core\v3.0.4\Source\Adapter\Unify.Framework.Adapter.Remoting\LDIFAdapter.cs:line 118
   at Unify.Framework.LDIFAdapterServiceHostDecorator.ExportAdapterEntity(IAdapterEntity adapterEntity, Guid adapterId) in S:\hg\Framework\Identity Broker\v3.0\Source\Unify.Framework.ConnectEngine\LDIFAdapterServiceHostDecorator.cs:line 69
   at SyncInvokeExportAdapterEntity(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)",Normal

It appears that as soon as a wildcard character is used in an LDAP query, any object that has a value populated for the specific field will be returned irrespective of where that wildcard is placed in the query. Unless I've overlooked something, this means you can't do a 'starts with' search.

For example, here is a query of all Users in one of my connectors:

Here is a search for USNAME=TUNA which gives the expected single result

Here is a search for USNAME=TUNA*. This gives unexpected results (USNAMES starting with words other than TUNA are listed)

As a reference, here is how a search on AD Looks for all users

And then doing a search for CN starts with 'c'

When trying to start the Identity Broker Service receive the following error when using the debug:

C:\Program Files\UNIFY Solutions\Services>Unify.Service.Connect.Debug.exe
Unify.Framework.UnifyServerStartException: Service 'Unify.Framework.LDIFAdapterS
erviceHostDecorator' has zero application (non-infrastructure) endpoints. This m
ight be because no configuration file was found for your application, or because
no service element matching the service name could be found in the configuratio
n file, or because no endpoints were defined in the service element. ---> System
.InvalidOperationException: Service 'Unify.Framework.LDIFAdapterServiceHostDecor
ator' has zero application (non-infrastructure) endpoints. This might be because
no configuration file was found for your application, or because no service ele
ment matching the service name could be found in the configuration file, or beca
use no endpoints were defined in the service element.
   at System.ServiceModel.Description.DispatcherBuilder.EnsureThereAreNonMexEndp
oints(ServiceDescription description)
   at System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(Se
rviceDescription description, ServiceHostBase serviceHost)
   at System.ServiceModel.ServiceHostBase.InitializeRuntime()
   at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at Unify.Framework.IdentityBrokerEngine.Start()
   at Unify.Framework.UnifyEngine.Start()
   --- End of inner exception stack trace ---
   at Unify.Framework.UnifyEngine.Start()
   at Unify.Services.Connect.Debug.ProgramProxy.Execute()

From Bob Bradley:

Leading on from Event Broker, how about a mobile version of Event Broker with monitoring/alerting built in? Product roadmap?
Thinking of FIM custodian wanting peace of mind – clearing sync bottlenecks while out on the road such as restarting the service after an outage.
Explain my thoughts a bit more later … but prompted by a Microsoft email plugging “Prism” for developing apps for the Microsoft equivalent of the IPhone AppStore.