IdB for FIM:

Is it possible to have the install place the DLL in the extensions dir & update xml file? Alternately, at end of install splash screen with remaining steps. Similar to Exchange install.

Exporting to CRM, this is the result:

System.Exception: Error occurred when attempting to save entity with distinguished name
 
CN=12700
 
Error:
 
The method IEntityBase`.GetValue() is not supported in this context.  Use IEntityBase`.GetValueOrDefault() instead.
 
The method is not supported as use of this method in a LINQ statement against an implementation will result in the same exception type being thrown if the key value is not present in an instance of the entity.
   at Unify.Product.IdentityBroker.Repository.EntityExpressionQueryVisitor`4.VisitMethodCall(MethodCallExpression m)
   at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
   at Unify.Framework.ExpressionExpressionVisitorBase.<VisitExpressionList>b__d(Expression originalExpression)
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
   at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)
   at Unify.Framework.ExpressionExpressionVisitorBase.VisitExpressionList(ReadOnlyCollection`1 original)
   at Unify.Framework.Data.LinqContextConversionExpressionVisitorBase`5.VisitMethodCall(MethodCallExpression m)
   at Unify.Product.IdentityBroker.Repository.EntityExpressionQueryVisitor`4.VisitMethodCall(MethodCallExpression m)
   at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
   at Unify.Framework.Data.LinqContextConversionExpressionVisitorBase`5.VisitLambda(LambdaExpression lambda)
   at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
   at Unify.Framework.ExpressionExpressionVisitorBase.VisitUnary(UnaryExpression u)
   at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
   at Unify.Framework.ExpressionExpressionVisitorBase.<VisitExpressionList>b__d(Expression originalExpression)
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
  at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
   at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)
   at Unify.Framework.ExpressionExpressionVisitorBase.VisitExpressionList(ReadOnlyCollection`1 original)
   at Unify.Framework.Data.LinqContextConversionExpressionVisitorBase`5.VisitMethodCall(MethodCallExpression m)
   at Unify.Product.IdentityBroker.Repository.EntityExpressionQueryVisitor`4.VisitMethodCall(MethodCallExpression m)
   at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
   at Unify.Framework.Data.LinqContextConversionExpressionVisitorBase`5.ConvertExpression(Expression partitionExpression)
   at Unify.Framework.Data.LinqQueryConversionProvider`5.GetOrderedQuery(Expression businessExpression, IQueryable`1 sourceQueryable, TContext sourceContext)
   at Unify.Framework.Data.LinqWhereQuery`5.GetEnumerator()
   at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
   at Unify.Product.IdentityBroker.DynamicsCrmObjectConnector.UpdateEntities(IEnumerable`1 entities)
   at Unify.Product.IdentityBroker.EventNotifierUpdatingConnectorDecorator.UpdateEntities(IEnumerable`1 entities)
   at Unify.Product.IdentityBroker.Adapter.UpdateEntities(IEnumerable`1 entities, Boolean reflect)
   at Unify.Product.IdentityBroker.AdapterNotifierDecoratorBase`1.UpdateEntity(IAdapterEntity entityToSave)
   at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter)
   at SyncInvokeExportChanges(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry)

The Microsoft Dynamics CRM 2011 SDK includes a couple of dll's that have been used for the development of the connector (referenced).

The assemblies will not be present on machines that are not running Dynamics CRM 2011 (a deployment where Identity Broker is on a different machine) or where the client is using a hosted solution.

The installation process will be a lot simpler if I can include the referenced assemblies in the installer. Is this possible with the following agreement that is included in the SDK:

MICROSOFT SOFTWARE LICENSE TERMS
MICROSOFT DYNAMICS CRM 2011 SOFTWARE DEVELOPMENT KIT (SDK)
These license terms are an agreement between Microsoft Corporation (or based on where you live, one of its affiliates) and you. Please read them. They apply to the software named above, which includes the media on which you received it, if any. The terms also apply to any Microsoft
• updates,
• supplements,
• Internet-based services, and
• support services
for this software, unless other terms accompany those items. If so, those terms apply.
BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE.
If you comply with these license terms, you have the rights below.
1. INSTALLATION AND USE RIGHTS. You may install and use any number of copies of the software on your devices to design, develop and test your programs.
2. ADDITIONAL LICENSING REQUIREMENTS AND/OR USE RIGHTS.
a. Distributable Code. The software contains code that you are permitted to distribute in programs you develop if you comply with the terms below.
i. Right to Use and Distribute. The code and text files listed below are “Distributable Code.”
• Sample Code. You may modify, copy, and distribute the source and object code form of code marked as “sample.”
• Other Distributable Code. You may copy and distribute the source and object code form of code if it is a file with the extension *.dll.
• Third Party Distribution. You may permit distributors of your programs to copy and distribute the Distributable Code as part of those programs.
ii. Distribution Requirements. For any Distributable Code you distribute, you must
• add significant primary functionality to it in your programs;
• for any Distributable Code having a filename extension of .lib, distribute only the results of running such Distributable Code through a linker with your program;
• distribute Distributable Code included in a setup program only as part of that setup program without modification;
• require distributors and external end users to agree to terms that protect it at least as much as this agreement;
• display your valid copyright notice on your programs; and
• indemnify, defend, and hold harmless Microsoft from any claims, including attorneys’ fees, related to the distribution or use of your programs.
iii. Distribution Restrictions. You may not
• alter any copyright, trademark or patent notice in the Distributable Code;
• use Microsoft’s trademarks in your programs’ names or in a way that suggests your programs come from or are endorsed by Microsoft;
• distribute Distributable Code, other than code listed in OTHER-DIST.TXT files, to run on a platform other than the Windows platform;
• include Distributable Code in malicious, deceptive or unlawful programs; or
• modify or distribute the source code of any Distributable Code so that any part of it becomes subject to an Excluded License. An Excluded License is one that requires, as a condition of use, modification or distribution, that
• the code be disclosed or distributed in source code form; or
• others have the right to modify it.
3. SCOPE OF LICENSE. The software is licensed, not sold. This agreement only gives you some rights to use the software. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not
• work around any technical limitations in the software;
• reverse engineer, decompile or disassemble the software, except and only to the extent that applicable law expressly permits, despite this limitation;
• make more copies of the software than specified in this agreement or allowed by applicable law, despite this limitation;
• publish the software for others to copy;
• rent, lease or lend the software;
• transfer the software or this agreement to any third party; or
• use the software for commercial software hosting services.
4. BACKUP COPY. You may make one backup copy of the software. You may use it only to reinstall the software.
5. DOCUMENTATION. Any person that has valid access to your computer or internal network may copy and use the documentation for your internal, reference purposes.
6. EXPORT RESTRICTIONS. The software is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the software. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting.
7. SUPPORT SERVICES. Because this software is “as is,” we may not provide support services for it.
8. ENTIRE AGREEMENT. This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services.
9. APPLICABLE LAW.
a. United States. If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.
b. Outside the United States. If you acquired the software in any other country, the laws of that country apply.
10. LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws of your country. You may also have rights with respect to the party from whom you acquired the software. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.
11. DISCLAIMER OF WARRANTY. THE SOFTWARE IS LICENSED “AS-IS.” YOU BEAR THE RISK OF USING IT. MICROSOFT GIVES NO EXPRESS WARRANTIES, GUARANTEES OR CONDITIONS. YOU MAY HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT EXCLUDES THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
12. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM MICROSOFT AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO U.S. $5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.
This limitation applies to
• anything related to the software, services, content (including code) on third party Internet sites, or third party programs; and
• claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.

Try to find method for schema discovery.

A better exception message should be provided for invalid casts in EntityMultiValueObjectTypeSchemaValidator.CreateValue.

When the data type in the connector configuration does not match the data type in FIM, on export, when the value is created the below exception will be thrown.

EntityMultiValueObjectTypeSchemaValidator.cs:line 62 refers to the line where the value is cast to IEnumerable<object>.

A better exception message should be provided.

System.InvalidCastException: Unable to cast object of type 'Unify.Framework.MultiValue`1[Unify.Framework.DistinguishedNameValue]' to type 'System.Collections.Generic.IEnumerable`1[System.Object]'.
   at Unify.Framework.EntityMultiValueObjectTypeSchemaValidator`3.CreateValue(Object dataValue) in S:\hg\Framework\Core\v3.0.4\Source\Entity\Unify.Framework.Entity.Schema\EntityMultiValueObjectTypeSchemaValidator.cs:line 62
   at Unify.Framework.EntitySchemaFieldDefinition.CreateValue(Object dataValue) in S:\hg\Framework\Core\v3.0.4\Source\Entity\Unify.Framework.Entity.Schema\EntitySchemaFieldDefinition.cs:line 36
   at Unify.Framework.EntitySchemaValueTransformer.Transform(IEntity baseValue) in S:\hg\Framework\Core\v3.0.4\Source\ChangeDetection\Unify.Framework.ChangeDetection\EntitySchemaValueTransformer.cs:line 46
   at Unify.Framework.Adapter.<>c__DisplayClass19.<SaveEntities>b__b(<>f__AnonymousType2`2 <>h__TransparentIdentifier6) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 424
   at System.Linq.Enumerable.<>c__DisplayClass12`3.<CombineSelectors>b__11(TSource x)
   at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Framework.Adapter.SaveEntities(IEnumerable`1 entities, Boolean reflect) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 419
   at Unify.Framework.Adapter.SaveEntity(IAdapterEntity entity, Boolean reflect) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 387
   at Unify.Framework.Adapter.SaveEntity(IAdapterEntity entity) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 372
   at Unify.Framework.CompositeAdapter.SaveEntity(IAdapterEntity entity) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\CompositeAdapter.cs:line 215
   at Unify.Framework.AdapterNotifierDecorator.SaveEntity(IAdapterEntity entityToSave) in S:\hg\Framework\Core\Master\Source\Adapter\Unify.Framework.Adapter\AdapterNotifierDecorator.cs:line 200
   at Unify.Framework.LDIFAdapter.ExportAdapterEntity(IAdapterEntity adapterEntity, Guid adapterId) in S:\hg\Framework\Core\v3.0.4\Source\Adapter\Unify.Framework.Adapter.Remoting\LDIFAdapter.cs:line 118
   at Unify.Framework.LDIFAdapterServiceHostDecorator.ExportAdapterEntity(IAdapterEntity adapterEntity, Guid adapterId) in S:\hg\Framework\Identity Broker\v3.0\Source\Unify.Framework.ConnectEngine\LDIFAdapterServiceHostDecorator.cs:line 69
   at SyncInvokeExportAdapterEntity(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)",Normal

It appears that as soon as a wildcard character is used in an LDAP query, any object that has a value populated for the specific field will be returned irrespective of where that wildcard is placed in the query. Unless I've overlooked something, this means you can't do a 'starts with' search.

For example, here is a query of all Users in one of my connectors:

Here is a search for USNAME=TUNA which gives the expected single result

Here is a search for USNAME=TUNA*. This gives unexpected results (USNAMES starting with words other than TUNA are listed)

As a reference, here is how a search on AD Looks for all users

And then doing a search for CN starts with 'c'

When trying to start the Identity Broker Service receive the following error when using the debug:

C:\Program Files\UNIFY Solutions\Services>Unify.Service.Connect.Debug.exe
Unify.Framework.UnifyServerStartException: Service 'Unify.Framework.LDIFAdapterS
erviceHostDecorator' has zero application (non-infrastructure) endpoints. This m
ight be because no configuration file was found for your application, or because
no service element matching the service name could be found in the configuratio
n file, or because no endpoints were defined in the service element. ---> System
.InvalidOperationException: Service 'Unify.Framework.LDIFAdapterServiceHostDecor
ator' has zero application (non-infrastructure) endpoints. This might be because
no configuration file was found for your application, or because no service ele
ment matching the service name could be found in the configuration file, or beca
use no endpoints were defined in the service element.
   at System.ServiceModel.Description.DispatcherBuilder.EnsureThereAreNonMexEndp
oints(ServiceDescription description)
   at System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(Se
rviceDescription description, ServiceHostBase serviceHost)
   at System.ServiceModel.ServiceHostBase.InitializeRuntime()
   at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at Unify.Framework.IdentityBrokerEngine.Start()
   at Unify.Framework.UnifyEngine.Start()
   --- End of inner exception stack trace ---
   at Unify.Framework.UnifyEngine.Start()
   at Unify.Services.Connect.Debug.ProgramProxy.Execute()

When attempting to connect to SAP using the SAP HCM Wizard the following errors result:

Exception exported from Save exception
System.BadImageFormatException: An attempt was made to load a program with an incorrect format. (Exception from HRESULT: 0x8007000B)
at SAP.Connector.Connection.Open()
at Unify.Communicators.SapHRCommunicator.SapHrCommunicator.Open()
at Unify.UI.PlugIn.SAP.ConnectionWizard.TestSapCredentialsTask.PerformTask()
at Unify.UI.TimeoutTaskDecorator`1.PerformTask()
at Unify.UI.ExceptionTaskDecorator.PerformTask()

CloudBroker requires the following:

• SSL on all communication

IDBAD will fail if the end-point address (a public DNS entry) is different to the certificate supplied by the AD end-point, something that is entirely likely to happen if a customer cannot use their NAT to set up SSL and terminate at that address. For example:

IDBAD is set to connect to unify-demo-idbchrslite-1-ad.cloudapp.net, however the AD certificate is issued by the domain CA which makes the certificate idbpc21-ad.demo.unifysolutions.net.

The AD connector should permit the certificate to be determined by a name in the our configuration. The certificate must still be valid against the local machine certificate store.

From Bob Bradley:

Leading on from Event Broker, how about a mobile version of Event Broker with monitoring/alerting built in? Product roadmap?
Thinking of FIM custodian wanting peace of mind – clearing sync bottlenecks while out on the road such as restarting the service after an outage.
Explain my thoughts a bit more later … but prompted by a Microsoft email plugging “Prism” for developing apps for the Microsoft equivalent of the IPhone AppStore.