Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Is there an Identity Broker 3.* transformation that will union multiple connectors with the same schema into a single adapter?
CSO have deployed an Identity Broker for SAS2IDM, which is a custom application (apparently written in-house by CSO?) which does nothing more than consolidate data from 43 school "SAS2000" instances of the same remote SQL database table into a consolidated single database (not sure but I think to separate tables within the same db) ... and at the same time constructing a unique key (school ID concatenated to student ID). This is achieved using a monolithic database view (suspect this is a SQL union).
Given that this tool was built (it seems) prior to UNIFY's engagement (some time after March 2011) to build the Identity Broker for SAS2IDM (CA November 2011 - although Shane Lim may have built an earlier version which wasn't used), there appears to be no discussion about how Identity Broker might be used to access each SAS2000 database using 43 separate instances of the same connector schema, and combine them into a single adapter, thereby making the SAS2IDM application redundant. This would be a good thing as it would dramatically simplify the architecture.
The question is this ...
Can such an adapter be built now using the latest 3.0.7 version of the Identity Broker software, using an adapter configuration something like the following:
compositeAdapterConfiguration> <AdapterEngineCOnfigurations> <Adapter Configuration BaseConnectorID="1" class="person /> <Adapter Configuration BaseConnectorID="2" class="person /> <Adapter Configuration BaseConnectorID="3" class="person /> ...
or would a new transformation(s) need to be developed to support this?
Given that I can think of 2 sites where this requirement would have been considered too (News Ltd before they consolidated on a single HR instance, and an ACT education site somewhere), I expect this concept is not new.
To explain the architectural reason for consolidating 43 connectors into a single adapter like this is so that we have a single FIM MA with a single CS/MV/Portal object, currently managed by 10+10+10 FIM policy objects. If we tried to suggest 43 management agents here, that totally wouldn't fly (43x30=1290 FIM policy objects and a maintenance nightmare).
How Do I configure Identity Broker
I am trying to configure IB to log different severity to different logs.
I have configured
<?xml version="1.0" encoding="utf-8" ?>
<LogWriter name="LogWriterFilterDecorator">
<logFilter name="Severity" severity="Error" />
<LogWriter name="CustomEventLog" customEventLog="IdentityBroker" />
<logFilter name="Severity" severity="All" />
<LogWriter name="CSV" prefix="IdentityBroker" directory="L:\Logs\Identity Broker" days="7" />
</LogWriter>
Is this config correct ?
What else do I need to do to see an Windows Event Log of "IdentiyBroker" ?
Do I need to and how can you explain how to configure .Net config to EventLogPermissionAccess.Write ?
TIA
Only the IB install user can uninstall IB service or SAS2IDM connector
I cannot see IB Service or the SAS2IDM connector in Control Panel Programs unless I log in as user who installed them.
Richard Courtney installed IB and if I log in as him I see ALL IB components in CP programs. I have tried two other domain and local admins but only see the IB FIM component (and the EB components)
At this moment I must therefore login as the "installer" if I want to un-install.
Debug mode logs too many lines
Debug mode introduced for v3.0.6.1 logs each line from Chris21 a repeated number of times to the Identity Broker log, meaning the log grows larger than it needs to when attempting to debug a specific connector.
Permission issues with pluggable views and connector images when using IIS
The following error appears for pluggable views when using IIS. The issue may be to do with the permission set required by the IIS user, although I am logged on as the local and domain Administrator account and using Windows authentication:
System.UnauthorizedAccessException: Access to the path 'C:\Program Files\UNIFY Solutions\Identity Broker\Web\Views\Temp\Connector\ExtendedDisplayConnector\Unify.Connectors.PlaceholderDisplayConnector.cshtml' is denied.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize)
at System.IO.StreamWriter..ctor(String path, Boolean append)
at Unify.Framework.Web.UnifyRazorViewEngine.CreateView(ControllerContext controllerContext, String path) in c:\Program Files (x86)\Jenkins\jobs\Framework Core (DEV)\workspace\Source\Web\Unify.Framework.Web\Razor\UnifyRazorViewEngine.cs:line 110
at Unify.Framework.Web.UnifyRazorViewEngine.CreatePartialView(ControllerContext controllerContext, String partialPath) in c:\Program Files (x86)\Jenkins\jobs\Framework Core (DEV)\workspace\Source\Web\Unify.Framework.Web\Razor\UnifyRazorViewEngine.cs:line 134
at System.Web.Mvc.VirtualPathProviderViewEngine.FindPartialView(ControllerContext controllerContext, String partialViewName, Boolean useCache)
at System.Web.Mvc.ViewEngineCollection.Find(Func`2 lookup, Boolean trackSearchedPaths)
at System.Web.Mvc.PartialViewResult.FindView(ControllerContext context)
at System.Web.Mvc.ViewResultBase.ExecuteResult(ControllerContext context)
at System.Web.Mvc.ControllerActionInvoker.<>c_DisplayClass1c.<InvokeActionResultWithFilters>b_19()
at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation)
at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult)
at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)
Additionally connector images are not coming through.
Action implications for deprecated FIM features
Microsoft has announced a number of features are to be deprecated in "the next FIM version" as described at http://technet.microsoft.com/en-us/library/jj879229(v=ws.10).aspx. In particular, the following need to be updated:
IDB-312- ECMA2 support- Updating the default run profiles for the xMA such that they do not contain single step run profiles (ie. "full import and full synchronization")
BeginExport should fail on service unavailable
If you run an export with the Identity Broker service disabled, every item will attempt to export and fail. Instead, service availability should cause the export to fail at the BeginExport level, like the AD and SQL MAs.
An import to Identity Broker fails due to a NullReferenceException
The inclusion of a Relational.Composite adapter tranformation causes a FIM-instigated full import (adapter) to fail with the following exception:
Log Name: UNIFY.IdB.PeopleSoft Source: Adapter get all entities for adapter failed. Date: 3/10/2012 11:50:00 AM Event ID: 0 Task Category: None Level: Warning Keywords: Classic User: N/A Computer: D-OCCCP-AS001.dbb.local Description: Error occurred in module: Adapter Adapter get all entities for adapter 5db0f5e1-a032-450a-9415-fa4863f171da failed with reason Object reference not set to an instance of an object.. Duration: 00:00:40.8116688 Error details: System.NullReferenceException: Object reference not set to an instance of an object. at Unify.Framework.ArrayEqualityComparer`1.GetHashCode(T[] obj) at Unify.Framework.MultiKeyValue.GetHashCode() at System.Collections.Generic.GenericEqualityComparer`1.GetHashCode(T obj) at System.Linq.Set`1.InternalGetHashCode(TElement value) at System.Linq.Set`1.Find(TElement value, Boolean add) at System.Linq.Set`1.Add(TElement value) at System.Linq.Enumerable.<DistinctIterator>d__7a`1.MoveNext() at System.Linq.Enumerable.Count[TSource](IEnumerable`1 source) at Unify.Repository.EntityExpressionQueryVisitor`3.CreateMultiValueRangeExpression(IMultiKey`1 multiKey, IEnumerable`1 sourceValueList, IQueryable`1 sourceQueryable) at Unify.Repository.EntityExpressionQueryVisitor`3.VisitMethodWhereWithMultiValueEnumerableContains(MethodCallExpression expression) at Unify.Repository.EntityExpressionQueryVisitor`3.VisitMethodCall(MethodCallExpression m) at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp) at Unify.Framework.LinqContextConversionExpressionVisitorBase`5.ConvertExpression(Expression partitionExpression) at Unify.Framework.LinqQueryConversionProvider`5.GetOrderedQuery(Expression businessExpression, IQueryable`1 sourceQueryable, TContext sourceContext) at Unify.Framework.LinqWhereQuery`5.EvaluateQuery(TContext context) at Unify.Framework.LinqWhereQuery`5.GetEnumerator() at System.Linq.Lookup`2.Create[TSource](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer) at System.Linq.Enumerable.ToLookup[TSource,TKey](IEnumerable`1 source, Func`2 keySelector) at Unify.Framework.EntityCompositeKeyDistinguishedNameStaticRelationValueAdapterBase.Transform(IEnumerable`1 sourceValue) at Unify.Framework.ChainValueAdapter`3.Transform(TBaseValue baseValue) at System.Linq.Enumerable.<>c__DisplayClass12`3.<CombineSelectors>b__11(TSource x) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.EnumerableExtensions.<ActionOnLast>d__16`1.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at Unify.Framework.EnumerableExtensions.<ActionOnLast>d__16`1.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at Unify.Framework.EnumerableExtensions.<ActionOnFirst>d__1c`1.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.ActionOnExceptionEnumerator`1.MoveNext() at Unify.Framework.EnumerableExtensions.<ActionOnLast>d__16`1.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at System.Linq.Enumerable.<ConcatIterator>d__71`1.MoveNext() at Unify.Framework.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries) at Unify.Framework.LDIFAdapter.<>c__DisplayClass7`1.<CreateLDIFComponentStream>b__6(Stream stream) at Unify.Framework.LazyEvaluationStream.Evaluate(Object obj) Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Adapter get all entities for adapter failed." /> <EventID Qualifiers="0">0</EventID> <Level>3</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2012-10-03T01:50:00.000000000Z" /> <EventRecordID>1364406</EventRecordID> <Channel>UNIFY.IdB.PeopleSoft</Channel> <Computer>D-OCCCP-AS001.dbb.local</Computer> <Security /> </System> <EventData> <Data>Error occurred in module: Adapter Adapter get all entities for adapter 5db0f5e1-a032-450a-9415-fa4863f171da failed with reason Object reference not set to an instance of an object.. Duration: 00:00:40.8116688 Error details: System.NullReferenceException: Object reference not set to an instance of an object. at Unify.Framework.ArrayEqualityComparer`1.GetHashCode(T[] obj) at Unify.Framework.MultiKeyValue.GetHashCode() at System.Collections.Generic.GenericEqualityComparer`1.GetHashCode(T obj) at System.Linq.Set`1.InternalGetHashCode(TElement value) at System.Linq.Set`1.Find(TElement value, Boolean add) at System.Linq.Set`1.Add(TElement value) at System.Linq.Enumerable.<DistinctIterator>d__7a`1.MoveNext() at System.Linq.Enumerable.Count[TSource](IEnumerable`1 source) at Unify.Repository.EntityExpressionQueryVisitor`3.CreateMultiValueRangeExpression(IMultiKey`1 multiKey, IEnumerable`1 sourceValueList, IQueryable`1 sourceQueryable) at Unify.Repository.EntityExpressionQueryVisitor`3.VisitMethodWhereWithMultiValueEnumerableContains(MethodCallExpression expression) at Unify.Repository.EntityExpressionQueryVisitor`3.VisitMethodCall(MethodCallExpression m) at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp) at Unify.Framework.LinqContextConversionExpressionVisitorBase`5.ConvertExpression(Expression partitionExpression) at Unify.Framework.LinqQueryConversionProvider`5.GetOrderedQuery(Expression businessExpression, IQueryable`1 sourceQueryable, TContext sourceContext) at Unify.Framework.LinqWhereQuery`5.EvaluateQuery(TContext context) at Unify.Framework.LinqWhereQuery`5.GetEnumerator() at System.Linq.Lookup`2.Create[TSource](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer) at System.Linq.Enumerable.ToLookup[TSource,TKey](IEnumerable`1 source, Func`2 keySelector) at Unify.Framework.EntityCompositeKeyDistinguishedNameStaticRelationValueAdapterBase.Transform(IEnumerable`1 sourceValue) at Unify.Framework.ChainValueAdapter`3.Transform(TBaseValue baseValue) at System.Linq.Enumerable.<>c__DisplayClass12`3.<CombineSelectors>b__11(TSource x) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.EnumerableExtensions.<ActionOnLast>d__16`1.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at Unify.Framework.EnumerableExtensions.<ActionOnLast>d__16`1.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at Unify.Framework.EnumerableExtensions.<ActionOnFirst>d__1c`1.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.ActionOnExceptionEnumerator`1.MoveNext() at Unify.Framework.EnumerableExtensions.<ActionOnLast>d__16`1.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at System.Linq.Enumerable.<ConcatIterator>d__71`1.MoveNext() at Unify.Framework.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries) at Unify.Framework.LDIFAdapter.<>c__DisplayClass7`1.<CreateLDIFComponentStream>b__6(Stream stream) at Unify.Framework.LazyEvaluationStream.Evaluate(Object obj)</Data> </EventData> </Event>
The following is the adapter configuration which triggered the problem:
<adapter
name="Relational.Composite"
RelationshipConnectorId="{2030B82B-BCE1-40DD-A1EE-09C9F0DC66C6}" >
<Relationships>
<Relationship InputKey="SalAdminPlan" RelationshipKey="SalAdminPlan" />
<Relationship InputKey="Grade" RelationshipKey="Grade" />
</Relationships>
<dn target="Grades">
<dnComponent name="Field" key="Grade" attributeType="CN" />
<dnComponent name="Constant" value="Grades" attributeType="OU" />
<dnComponent name="Field" key="SalAdminPlan" attributeType="CN" />
<dnComponent name="Constant" value="Plans" attributeType="OU" />
</dn>
</adapter>
The generated full import of the adapter minus the above transformation would have been attached for reference had the subsequent full import attempt not failed with a timeout exceeded exteption (see comments), as I am suspecting null data values may not be being handled in the hash function call.
1000.jobs.evtx
Installed.png
PlatformDetails.txt
Unify.Framework.AdapterEntityTransformation.dll
Unify.Framework.Collections.dll
Group Membership Connector failed with reason Type System.String is not supported.
20130520,22:33:19,Get all entities from connector failed.,Connector,Warning,"Get all entities from connector Learnology Life Group Membership Connector failed with reason Type System.String is not supported. Duration: 00:00:00.1406160
Error details:
System.NotSupportedException: Type System.String is not supported
at Unify.Repository.EntityExpressionQueryVisitor`3.GetDataUtility(Type valueType)
at Unify.Repository.EntityExpressionQueryVisitor`3.CreateEntityValueValueExpression(Expression valueExpression, Expression parameterExpression)
at Unify.Repository.EntityExpressionQueryVisitor`3.VisitBinary(BinaryExpression b)
at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
at Unify.Framework.LinqContextConversionExpressionVisitorBase`5.VisitLambda(LambdaExpression lambda)
at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
at Unify.Framework.ExpressionExpressionVisitorBase.VisitUnary(UnaryExpression u)
at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
at Unify.Framework.ExpressionExpressionVisitorBase.<VisitExpressionList>b__1(Expression originalExpression)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
at System.Linq.Enumerable.ToListTSource(IEnumerable`1 source)
at Unify.Framework.ExpressionExpressionVisitorBase.VisitExpressionList(ReadOnlyCollection`1 original)
at Unify.Framework.LinqContextConversionExpressionVisitorBase`5.VisitMethodCall(MethodCallExpression m)
at Unify.Repository.EntityExpressionQueryVisitor`3.VisitMethodCall(MethodCallExpression m)
at Unify.Framework.ExpressionVisitorBase`11.Visit(Expression exp)
at Unify.Framework.LinqContextConversionExpressionVisitorBase`5.ConvertExpression(Expression partitionExpression)
at Unify.Framework.LinqQueryConversionProvider`5.GetOrderedQuery(Expression businessExpression, IQueryable`1 sourceQueryable, TContext sourceContext)
at Unify.Framework.LinqWhereQuery`5.EvaluateQuery(TContext context)
at Unify.Framework.LinqWhereQuery`5.GetEnumerator()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArrayTSource(IEnumerable`1 source)
at Unify.Connectors.RemoveMembershipsSettings.GetClearedGroupIds(IEntityPartitionUpdatableContext groupEntityRepository, ILifeSiteWCFCommunicator siteWCFCommunicator)
at Unify.Connectors.LifeGroupMembershipConnector.GetConfiguredClearedGroupIds()
at Unify.Connectors.LifeGroupMembershipConnector.<GetAllEntities>d__1.MoveNext()
at Unify.Framework.EnumerableExtensions.<ActionOnFirst>d__1c`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.ActionOnExceptionEnumerator`1.MoveNext()
at Unify.Framework.EnumerableExtensions.<ActionOnLast>d__16`1.MoveNext()
at Unify.Framework.EnumerableExtensions.<ProduceAutoPages>d__9`1.MoveNext()
at Unify.Framework.Visitor.ThreadsafeVisitorEvaluator`1.Visit()
at Unify.Framework.Visitor.VisitEvaluateOnThreadPoolT(IEnumerable`1 visitCollection, Action`2 visitor, Int32 maxThreads)
at Unify.Framework.RepositoryChangeDetectionWorkerBase.PerformChangeDetection(IEnumerable`1 connectorEntities)
at Unify.Framework.ChangeDetectionImportAllJob.ImportAllChangeProcess()
at Unify.Framework.ChangeDetectionImportAllJob.RunBase()
at Unify.Framework.MutexJobDecorator.Run()
at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run()
at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)",Normal
Extensibility.zip
Improve exception for incorrectly name field
The error message (seen at IDBMDAX40:Import fails an arguments are not valid message) is not particularly helpful in identifying the problematic field. It should include the field name, as well as suggest how to resolve the issue.
Customer support service by UserEcho
