Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

0
Completed

Identity Broker for Frontier chris21 - ability to use SSL with certificate that doesn't match endpoint address

CloudBroker requires the following:

  • SSL on all communication

IDBCHRS will fail if the end-point address (a public DNS entry) is different to the certificate supplied by the IIS end-point, something that is entirely likely to happen if a customer cannot use their NAT to set up SSL and terminate at that address. For example:

IDBCHRS is set to connect to unify-demo-idbchrslite-1-chrs.cloudapp.net, however the AD certificate is issued by the domain CA which makes the certificate idbpc21-chrs.demo.unifysolutions.net.

The chris21 connector should permit the certificate to be determined by a name in the our configuration. The certificate must still be valid against the local machine certificate store.

0
Answered

Specified argument was out of the range of valid values. attributeValue

Matthew Woolnough 11 years ago in UNIFYBroker/Frontier ichris/chris21 updated by anonymous 8 years ago 12

Runnning full import. Error below thrown.

20130301,02:06:36,UNIFY Identity Broker,Adapter,Warning,"Adapter import all entities for adapter failed.
Adapter import all entities for adapter 6e91a985-feb0-4d17-9ed9-191d9cd85c86 failed with reason Specified argument was out of the range of valid values.
Parameter name: attributeValue. Duration: 00:00:18.1931715
Error details:
System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values.
Parameter name: attributeValue
   at Unify.Framework.IO.DistinguishedNameComponent..ctor(DNAttributeType attributeType, String attributeValue)
   at Unify.Product.IdentityBroker.EntityFieldValueDistinguishedNameComponentGenerator`2.Transform(TEntity sourceValue)
   at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.<>c__DisplayClass7.<Transform>b__6(IEntityDistinguishedNameComponentGenerator`2 factory)
   at System.Linq.Enumerable.<>c__DisplayClass12`3.<CombineSelectors>b__11(TSource x)
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.GetDistinguishedName(Func`2 componentRetrieval)
   at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.Transform(TEntity sourceValue)
   at Unify.Product.IdentityBroker.DistinguishedNameAttributeMapper.MapAttributeValues(IEntity leftSideEntity, IEntity rightSideEntity)
   at Unify.Product.IdentityBroker.ComposedDNAttributeMapper.MapAttributeValues(IEntity leftSideEntity, IEntity rightSideEntity)
   at Unify.Product.IdentityBroker.EntityDistinguishedNameStaticRelationValueAdapterBase.TransformEntity(IEntity baseValue, ILookup`2 lookupResults)
   at Unify.Product.IdentityBroker.EntityDistinguishedNameStaticRelationValueAdapterBase.<>c__DisplayClass7.<Transform>b__3(IEntity item)
   at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Product.IdentityBroker.EntityDistinguishedNameTimeRelationalValueAdapterBase`1.Transform(IEnumerable`1 sourceValue)
   at Unify.Framework.AggregateValueAdapter`1.<Transform>b__0(T current, IValueAdapter`2 valueAdapter)
   at System.Linq.Enumerable.Aggregate[TSource,TAccumulate](IEnumerable`1 source, TAccumulate seed, Func`3 func)
   at Unify.Framework.AggregateValueAdapter`1.Transform(T baseValue)
   at System.Linq.Enumerable.<>c__DisplayClass12`3.<CombineSelectors>b__11(TSource x)
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
   at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
   at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at Unify.Framework.Collections.ActionOnExceptionEnumerator`1.MoveNext()
   at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
   at System.Linq.Enumerable.<ConcatIterator>d__71`1.MoveNext()
   at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries)
   at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c__DisplayClass14`1.<CreateLDIFComponentStream>b__13(Stream stream)
   at Unify.Framework.IO.LazyEvaluationStream.Evaluate(Object obj)",Normal

0
Completed

Unable to view previously installed IdB Components when logged on as a different user

Craig Gilmour 13 years ago updated by anonymous 8 years ago 6

When I attempted in install a newer version of Identity Broker for Sharepoint at DET the first step was to uninstall the previous version. Unfortunately I could not see it. I checked with Eddie and he said he had this problem as well. Apparently the Add Remove Programs in Control panel only displays the product if you logged on as the user who installed it originally. He found this with previous installs as well when Matt Clark had originally installed it.

The version that was originally installed was
UNIFY Identity Broker for Microsoft SharePoint v3.0.1 x86.msi

The new version I attempted to install was:
UNIFY Identity Broker for Microsoft SharePoint v3.0.5.2 x86.msi

I did manage to see some of the other Identity Broker components but am not familiar enough with the component list to state whether it is ONLY an issue with the Sharepoint Connector or not. Either way it is definitely an issue with Sharepoint. I have attached a screenshot of what I see with my AD Account.

I think the following is also problematic:
UNIFY Identity Broker Service v3.0.0 x86.msi

Can this please be addressed in the next build and also a check of all the components to make sure it is not a problem elsewhere.

thanks,
Craig


IdBComponentsCG.JPG
0
Fixed

CIT Identity Broker should NOT return update from NIM back to NIM as ADD

Nick Mathas 12 years ago in UNIFYBroker/Novell Identity Manager updated by anonymous 8 years ago 21

This issue relates to another situation wherby the expected response from a connected system is different for Novell Identity Manager (NIM) than for FIM.

Here is the process that currently occurs at CIT:

1. A new record for a person is created in eDirectory at CIT
2. The NIM driver for Identity Broker sends the new record to IdB
3. IdB acknowledges the new record to NIM and sends back the unique number to use to associate that record
4. On next poll of IdB by NIM, IdB sends the new record from item 1 as an ADD
5. NIM processes the record as an add
6. During the ADD processing NIM identifies that it already has a record for that person & changes the add to a modify
7. NIM processing contines to process data from the record as a modify, potentially sending updates to other connected systems

Here is the process that NIM would expect to see:

1. A new record for a person is created in eDirectory at CIT
2. The NIM driver for Identity Broker sends the new record to IdB
3. IdB acknowledges the new record to NIM and sends back the unique number to use to associate that record
4. On next poll of IdB by NIM, IdB does NOT send any information back to NIM, the new record will apear in IdB as a complete record but is not passed to NIM as an update.

I.e. Because NIM uses the acknowledgement from IdB as an indication that the record was recieved by the connected system it doesn't need the ADD to be sent back, when the ADD from IdB is seen by NIM it thinks that it is an actual add for that person... I realise that FIM does require the new record to be seen as an add, however NIM does not.

In summary here is what I would like to see: If an add / modify is sent by NIM to IdB that should NOT be presented back to NIM as an add / modify it shuld just update IdB and IdB should effectively consider that the add / modify has already been sent to NIM.


NIM 3075 patch.zip
ST-FullTransaction-2012-05-09.xml
0
Fixed

Improve error message when DN generator cannot generate DN because of an empty field

Matthew Clark 11 years ago updated by anonymous 8 years ago 2

In a solution where I was using Relational transformations to generate distinguished names for attributes within the same connector, I encountered the following error. This was because not every field I had selected in the DN configuration had a value. This error message could be improved to point the user in a better direction.

Version is v4.0.0 RTM

Adapter import all entities for adapter failed.
Adapter import all entities for adapter a5ce2427-2d82-417b-8371-7c0e6d7eb300 failed with reason Specified argument was out of the range of valid values.
Parameter name: attributeValue. Duration: 00:00:24.5312500
Error details:
System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values.
Parameter name: attributeValue
at Unify.Framework.IO.DistinguishedNameComponent..ctor(DNAttributeType attributeType, String attributeValue)
at Unify.Product.IdentityBroker.EntityFieldValueDistinguishedNameComponentGenerator`2.Transform(TEntity sourceValue)
at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.<>c_DisplayClass7.<Transform>b_6(IEntityDistinguishedNameComponentGenerator`2 factory)
at System.Linq.Enumerable.<>c_DisplayClass12`3.<CombineSelectors>b_11(TSource x)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArrayTSource(IEnumerable`1 source)
at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.GetDistinguishedName(Func`2 componentRetrieval)
at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.Transform(TEntity sourceValue)
at Unify.Product.IdentityBroker.DistinguishedNameAttributeMapper.MapAttributeValues(IEntity leftSideEntity, IEntity rightSideEntity)
at Unify.Product.IdentityBroker.ComposedDNAttributeMapper.MapAttributeValues(IEntity leftSideEntity, IEntity rightSideEntity)
at Unify.Product.IdentityBroker.EntityDistinguishedNameStaticRelationValueAdapterBase.TransformEntity(IEntity baseValue, ILookup`2 lookupResults)
at Unify.Product.IdentityBroker.EntityDistinguishedNameStaticRelationValueAdapterBase.<>c_DisplayClass7.<Transform>b_3(IEntity item)
at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArrayTSource(IEnumerable`1 source)
at Unify.Product.IdentityBroker.EntityDistinguishedNameStaticRelationValueAdapterBase.Transform(IEnumerable`1 sourceValue)
at Unify.Framework.AggregateValueAdapter`1.<Transform>b__0(T current, IValueAdapter`2 valueAdapter)
at System.Linq.Enumerable.AggregateTSource,TAccumulate(IEnumerable`1 source, TAccumulate seed, Func`3 func)
at Unify.Framework.AggregateValueAdapter`1.Transform(T baseValue)
at System.Linq.Enumerable.<>c_DisplayClass12`3.<CombineSelectors>b_11(TSource x)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.ActionOnExceptionEnumerator`1.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.ActionOnExceptionEnumerator`1.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Enumerable.<ConcatIterator>d__71`1.MoveNext()
at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries)
at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c_DisplayClass14`1.<CreateLDIFComponentStream>b_13(Stream stream)
at Unify.Framework.IO.LazyEvaluationStream.Evaluate(Object obj)

0
Fixed

Null reference exception when viewing individual entities in the entity search

Matthew Clark 12 years ago updated by anonymous 8 years ago 3

When attempting to view some individual entities in the entity search, I received the following error:

System.NullReferenceException: Object reference not set to an instance of an object.
at Unify.Connect.Web.EntitySerializer.<>c_DisplayClass5.<EntityDisplayValues>b_2(GroupedNameValueCollectionKey valueKey) in c:\workspaces\DEV\IdentityBroker\Source\Studio\Unify.Connect.Web\Extensions\Entity\EntitySerializer.cs:line 45
at System.Linq.Enumerable.ToDictionaryTSource,TKey,TElement(IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
at Unify.Connect.Web.EntitySerializer.EntityDisplayValues(IEntity entity, IDictionary`2 schemaConfiguration) in c:\workspaces\DEV\IdentityBroker\Source\Studio\Unify.Connect.Web\Extensions\Entity\EntitySerializer.cs:line 41
at ASP._Page_Views_Shared_ViewEntity_cshtml.Execute() in c:\Identity Broker Web\Identity Broker\StandaloneWeb\Views\Shared\ViewEntity.cshtml:line 17
at System.Web.WebPages.WebPageBase.ExecutePageHierarchy()
at System.Web.Mvc.WebViewPage.ExecutePageHierarchy()
at System.Web.WebPages.WebPageBase.ExecutePageHierarchy(WebPageContext pageContext, TextWriter writer, WebPageRenderingBase startPage)
at System.Web.Mvc.ViewResultBase.ExecuteResult(ControllerContext context)
at System.Web.Mvc.ControllerActionInvoker.<>c_DisplayClass1c.<InvokeActionResultWithFilters>b_19()
at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation)
at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult)
at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)

The first 20 entities do not seem to exhibit this behaviour and they correctly display the entities. Changing the page size of the entity search does not seem to alleviate this behaviour.

The values in the entity do not appear to affect this behaviour. Example values of an entity that displays correctly:

ea5ddc66-6aaa-4ed3-ad18-04e6a6e99b73
282
NULL
NULL
The 240
NULL
NULL
NULL
NULL
NULL
NULL
287
2
CN=240
The 240
NULL
NULL
287
OU=210

Example values of an entity that does not display correctly:

f2a9c808-28a2-4f42-8a64-7feb2807c1a3
293
NULL
NULL
The 270
NULL
NULL
NULL
NULL
NULL
NULL
282
2
CN=270
The 270
NULL
NULL
282
OU=240

0
Completed

Identity Broker for chris21, how to configure the connector configuration for attribute containing binary data (photo), validator="binary"

Shane Lim 13 years ago in UNIFYBroker/Frontier ichris/chris21 updated by anonymous 8 years ago 31

Tatts Group wishes to flow binary data (photo) from chris21 into Identity Broker for chrs21 then to ILM 2007 and finally to an attribute in AD.

For Identity Broker for chris21, how to configure the connector configuration for attribute containing binary data (photo). Is there a validator="binary" for the entitySchema field?

We need to know this so that we can advice whether we can offer this as part of Tatts Group solution extension or not.

Note: Currently we do not know which form and field that will hold this binary photo data.


To add images to CHRIS21.doc
0
Fixed

ArgumentNullException

Phil Whipps 10 years ago in UNIFYBroker/Frontier ichris/chris21 updated by anonymous 8 years ago 2

The following error was displayed when creating an IDB Agent for Chris 21 without specifying a "Chris 21 Username" or "Chris 21 Password"

Error

System.ArgumentNullException: Value cannot be null.
Parameter name: value
 at System.Xml.Linq.XAttribute..ctor(XName name, Object value)
 at Unify.Product.IdentityBroker.Chris21AgentInformationAdapter.Transform(IChris21AgentInformation sourceValue)
 at Unify.Product.IdentityBroker.Chris21AgentInformationExtensions.TransformConfiguration(IChris21AgentInformation agent, ILogCommunicatorInformation logCommunicator, IHttpCommunicatorInformation httpCommunicator, Chris21AgentInformationAdapter agentInformationAdapter, LogCommunicatorInformationAdapter logCommunicatorInformationAdapter, HttpCommunicatorInformationAdapter httpCommunicatorInformationAdapter)
 at Unify.Connect.Web.Chris21AgentController.Serialize(Chris21AgentViewInformation viewInformation)
 at Unify.Connect.Web.Chris21AgentController.CreateOrEdit(Chris21AgentViewInformation viewInformation)
 at lambda_method(Closure , ControllerBase , Object[] )
 at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters)
 at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters)
 at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass15.<InvokeActionMethodWithFilters>b__12()
 at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodFilter(IActionFilter filter, ActionExecutingContext preContext, Func`1 continuation)
 at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodWithFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor, IDictionary`2 parameters)
 at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)

Either Chris21AgentInformationAdapter shouldn't require the username/password, or the fields should be made required.

0
Fixed

Adapter updates failing 4.1 beta

Ryan Crossingham 11 years ago updated by anonymous 8 years ago 8

When attempting to Export mail -> Email (Aurion) I receive the following error. I am not receving any further error in idB as mentioned before in IDB-1051

System.Exception: Error occurred when attempting to save entity with distinguished name

CN=500000

Error:

Specified argument was out of the range of valid values.
Parameter name: A matching entity with distinguished name CN=500000 could not be found in adapter with id 21fb5ed7-b524-4435-a22d-99fbc1f1c34f.
   at Unify.Product.IdentityBroker.LDIFAdapterBase.GetObjectClass(Guid adapterId, IAdapter adapter, DistinguishedName dn)
   at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c__DisplayClassb.<ExportChanges>b__9(DistinguishedName dn)
   at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.HandleUpdate(LDIFChangeObject pendingUpdate)
   at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.<Transform>d__2.MoveNext()
   at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter)
   at SyncInvokeExportChanges(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry)

Any help would be appreciated

Ryan


export1.png
0
Fixed

Membership List composite key transformation Argument Null Exception

Tony Sheehy 12 years ago updated by anonymous 8 years ago 3

Fails with:

Adapter import all entities for adapter failed.
Adapter import all entities for adapter 02dcad6e-a5d8-4b34-8650-1bb5e917ec2a failed with reason Value cannot be null.
Parameter name: generator. Duration: 00:00:48.6640625
Error details:
System.ArgumentNullException: Value cannot be null.
Parameter name: generator
at Unify.Product.IdentityBroker.MembershipListCompositeKeyEntityDistinguishedNameTransformationBase..ctor(IEntityPartitionUpdatableContextFactory rightSideEntityRepository, IDictionary`2 relationships, GroupedNameValueCollectionKey groupTarget, IEntityPartitionContextFactoryInformation rightSideFactoryInformation, IEntityDistinguishedNameGenerator`2 generator, Boolean distinctTargetGroup)
at Unify.Product.IdentityBroker.MembershipListCompositeKeyEntityDistinguishedNameTransformationFactory.CreateComponent(IAdapterEntityTransformationFactoryInformation factoryInformation)
at Unify.Product.IdentityBroker.EntitySequentialAdapterFactory.<>c__DisplayClass11.<CreateComponent>b__10(IAdapterEntityTransformationFactory innerFactory)
at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()
at System.Linq.Enumerable.Aggregate[TSource,TAccumulate](IEnumerable`1 source, TAccumulate seed, Func`3 func)
at System.Linq.Enumerable.<>c__DisplayClass12`3.<CombineSelectors>b__11(TSource x)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.ActionOnExceptionEnumerator`1.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Enumerable.<ConcatIterator>d__71`1.MoveNext()
at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries)
at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c__DisplayClass14`1.<CreateLDIFComponentStream>b__13(Stream stream)