Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Improve error message when DN generator cannot generate DN because of an empty field
In a solution where I was using Relational transformations to generate distinguished names for attributes within the same connector, I encountered the following error. This was because not every field I had selected in the DN configuration had a value. This error message could be improved to point the user in a better direction.
Version is v4.0.0 RTM
Adapter import all entities for adapter failed.
Adapter import all entities for adapter a5ce2427-2d82-417b-8371-7c0e6d7eb300 failed with reason Specified argument was out of the range of valid values.
Parameter name: attributeValue. Duration: 00:00:24.5312500
Error details:
System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values.
Parameter name: attributeValue
at Unify.Framework.IO.DistinguishedNameComponent..ctor(DNAttributeType attributeType, String attributeValue)
at Unify.Product.IdentityBroker.EntityFieldValueDistinguishedNameComponentGenerator`2.Transform(TEntity sourceValue)
at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.<>c_DisplayClass7.<Transform>b_6(IEntityDistinguishedNameComponentGenerator`2 factory)
at System.Linq.Enumerable.<>c_DisplayClass12`3.<CombineSelectors>b_11(TSource x)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArrayTSource(IEnumerable`1 source)
at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.GetDistinguishedName(Func`2 componentRetrieval)
at Unify.Product.IdentityBroker.EntityDistinguishedNameGenerator`2.Transform(TEntity sourceValue)
at Unify.Product.IdentityBroker.DistinguishedNameAttributeMapper.MapAttributeValues(IEntity leftSideEntity, IEntity rightSideEntity)
at Unify.Product.IdentityBroker.ComposedDNAttributeMapper.MapAttributeValues(IEntity leftSideEntity, IEntity rightSideEntity)
at Unify.Product.IdentityBroker.EntityDistinguishedNameStaticRelationValueAdapterBase.TransformEntity(IEntity baseValue, ILookup`2 lookupResults)
at Unify.Product.IdentityBroker.EntityDistinguishedNameStaticRelationValueAdapterBase.<>c_DisplayClass7.<Transform>b_3(IEntity item)
at System.Linq.Enumerable.WhereSelectArrayIterator`2.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArrayTSource(IEnumerable`1 source)
at Unify.Product.IdentityBroker.EntityDistinguishedNameStaticRelationValueAdapterBase.Transform(IEnumerable`1 sourceValue)
at Unify.Framework.AggregateValueAdapter`1.<Transform>b__0(T current, IValueAdapter`2 valueAdapter)
at System.Linq.Enumerable.AggregateTSource,TAccumulate(IEnumerable`1 source, TAccumulate seed, Func`3 func)
at Unify.Framework.AggregateValueAdapter`1.Transform(T baseValue)
at System.Linq.Enumerable.<>c_DisplayClass12`3.<CombineSelectors>b_11(TSource x)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.ActionOnExceptionEnumerator`1.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.ActionOnExceptionEnumerator`1.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Enumerable.<ConcatIterator>d__71`1.MoveNext()
at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries)
at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c_DisplayClass14`1.<CreateLDIFComponentStream>b_13(Stream stream)
at Unify.Framework.IO.LazyEvaluationStream.Evaluate(Object obj)
Null reference exception when viewing individual entities in the entity search
When attempting to view some individual entities in the entity search, I received the following error:
System.NullReferenceException: Object reference not set to an instance of an object.
at Unify.Connect.Web.EntitySerializer.<>c_DisplayClass5.<EntityDisplayValues>b_2(GroupedNameValueCollectionKey valueKey) in c:\workspaces\DEV\IdentityBroker\Source\Studio\Unify.Connect.Web\Extensions\Entity\EntitySerializer.cs:line 45
at System.Linq.Enumerable.ToDictionaryTSource,TKey,TElement(IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
at Unify.Connect.Web.EntitySerializer.EntityDisplayValues(IEntity entity, IDictionary`2 schemaConfiguration) in c:\workspaces\DEV\IdentityBroker\Source\Studio\Unify.Connect.Web\Extensions\Entity\EntitySerializer.cs:line 41
at ASP._Page_Views_Shared_ViewEntity_cshtml.Execute() in c:\Identity Broker Web\Identity Broker\StandaloneWeb\Views\Shared\ViewEntity.cshtml:line 17
at System.Web.WebPages.WebPageBase.ExecutePageHierarchy()
at System.Web.Mvc.WebViewPage.ExecutePageHierarchy()
at System.Web.WebPages.WebPageBase.ExecutePageHierarchy(WebPageContext pageContext, TextWriter writer, WebPageRenderingBase startPage)
at System.Web.Mvc.ViewResultBase.ExecuteResult(ControllerContext context)
at System.Web.Mvc.ControllerActionInvoker.<>c_DisplayClass1c.<InvokeActionResultWithFilters>b_19()
at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation)
at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult)
at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)
The first 20 entities do not seem to exhibit this behaviour and they correctly display the entities. Changing the page size of the entity search does not seem to alleviate this behaviour.
The values in the entity do not appear to affect this behaviour. Example values of an entity that displays correctly:
ea5ddc66-6aaa-4ed3-ad18-04e6a6e99b73
282
NULL
NULL
The 240
NULL
NULL
NULL
NULL
NULL
NULL
287
2
CN=240
The 240
NULL
NULL
287
OU=210
Example values of an entity that does not display correctly:
f2a9c808-28a2-4f42-8a64-7feb2807c1a3
293
NULL
NULL
The 270
NULL
NULL
NULL
NULL
NULL
NULL
282
2
CN=270
The 270
NULL
NULL
282
OU=240
Identity Broker for chris21, how to configure the connector configuration for attribute containing binary data (photo), validator="binary"
Tatts Group wishes to flow binary data (photo) from chris21 into Identity Broker for chrs21 then to ILM 2007 and finally to an attribute in AD.
For Identity Broker for chris21, how to configure the connector configuration for attribute containing binary data (photo). Is there a validator="binary" for the entitySchema field?
We need to know this so that we can advice whether we can offer this as part of Tatts Group solution extension or not.
Note: Currently we do not know which form and field that will hold this binary photo data.
To add images to CHRIS21.doc
ArgumentNullException
The following error was displayed when creating an IDB Agent for Chris 21 without specifying a "Chris 21 Username" or "Chris 21 Password"
Error System.ArgumentNullException: Value cannot be null. Parameter name: value at System.Xml.Linq.XAttribute..ctor(XName name, Object value) at Unify.Product.IdentityBroker.Chris21AgentInformationAdapter.Transform(IChris21AgentInformation sourceValue) at Unify.Product.IdentityBroker.Chris21AgentInformationExtensions.TransformConfiguration(IChris21AgentInformation agent, ILogCommunicatorInformation logCommunicator, IHttpCommunicatorInformation httpCommunicator, Chris21AgentInformationAdapter agentInformationAdapter, LogCommunicatorInformationAdapter logCommunicatorInformationAdapter, HttpCommunicatorInformationAdapter httpCommunicatorInformationAdapter) at Unify.Connect.Web.Chris21AgentController.Serialize(Chris21AgentViewInformation viewInformation) at Unify.Connect.Web.Chris21AgentController.CreateOrEdit(Chris21AgentViewInformation viewInformation) at lambda_method(Closure , ControllerBase , Object[] ) at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass15.<InvokeActionMethodWithFilters>b__12() at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodFilter(IActionFilter filter, ActionExecutingContext preContext, Func`1 continuation) at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodWithFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor, IDictionary`2 parameters) at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)
Either Chris21AgentInformationAdapter shouldn't require the username/password, or the fields should be made required.
Adapter updates failing 4.1 beta
When attempting to Export mail -> Email (Aurion) I receive the following error. I am not receving any further error in idB as mentioned before in IDB-1051
System.Exception: Error occurred when attempting to save entity with distinguished name CN=500000 Error: Specified argument was out of the range of valid values. Parameter name: A matching entity with distinguished name CN=500000 could not be found in adapter with id 21fb5ed7-b524-4435-a22d-99fbc1f1c34f. at Unify.Product.IdentityBroker.LDIFAdapterBase.GetObjectClass(Guid adapterId, IAdapter adapter, DistinguishedName dn) at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c__DisplayClassb.<ExportChanges>b__9(DistinguishedName dn) at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.HandleUpdate(LDIFChangeObject pendingUpdate) at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.<Transform>d__2.MoveNext() at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter) at SyncInvokeExportChanges(Object , Object[] , Object[] ) at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs) at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc) at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet) at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry)
Any help would be appreciated
Ryan
export1.png
Membership List composite key transformation Argument Null Exception
Fails with:
Adapter import all entities for adapter failed. Adapter import all entities for adapter 02dcad6e-a5d8-4b34-8650-1bb5e917ec2a failed with reason Value cannot be null. Parameter name: generator. Duration: 00:00:48.6640625 Error details: System.ArgumentNullException: Value cannot be null. Parameter name: generator at Unify.Product.IdentityBroker.MembershipListCompositeKeyEntityDistinguishedNameTransformationBase..ctor(IEntityPartitionUpdatableContextFactory rightSideEntityRepository, IDictionary`2 relationships, GroupedNameValueCollectionKey groupTarget, IEntityPartitionContextFactoryInformation rightSideFactoryInformation, IEntityDistinguishedNameGenerator`2 generator, Boolean distinctTargetGroup) at Unify.Product.IdentityBroker.MembershipListCompositeKeyEntityDistinguishedNameTransformationFactory.CreateComponent(IAdapterEntityTransformationFactoryInformation factoryInformation) at Unify.Product.IdentityBroker.EntitySequentialAdapterFactory.<>c__DisplayClass11.<CreateComponent>b__10(IAdapterEntityTransformationFactory innerFactory) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.Aggregate[TSource,TAccumulate](IEnumerable`1 source, TAccumulate seed, Func`3 func) at System.Linq.Enumerable.<>c__DisplayClass12`3.<CombineSelectors>b__11(TSource x) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.Collections.ActionOnExceptionEnumerator`1.MoveNext() at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at System.Linq.Enumerable.<ConcatIterator>d__71`1.MoveNext() at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries) at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c__DisplayClass14`1.<CreateLDIFComponentStream>b__13(Stream stream)
Statistics Summary
Currently there is no easy way to get stats on a connector or adapter. It would be good to be able to see:
- Number of current objects
- Number of changes in change register
- Number of pending exports (to connected system or FIM)
(Note the last two may be the same...) - Date / Time of last run import / export
- Number of Errors / Warnings from last import / export run
- Probably some more things but they're not coming off the top of my head.
Making this available via WMI would probably also be useful to allow management packs / websites etc to generate this as a report feature.
A hover-over would work on the display but in some cases you'd like the stats to be on the screen permanently - perhaps allow a configuration block where the admin can add required info for the connector / adapter.
Note: The changes for the adapter should include ALL underlying connector changes (I assume they do).
I'm not sure if there's some more info on EB integration but probably. Haven't used it enough to get a good feel for it.
IDB5: Adapter Schema
I have started testing IDB5. I have an issue where you cannot have the same attribute name on different adapters. While I can understand this if the schema is different, it will be necessary to be able to have the same schema name where the validators are the same.
Consider this example:
We have ACT Education with about 100 MAZE instances, all read through IDB.
Each MAZE will have 3 adapters (Students, Teachers, Classes)
Each adapter will have similar attributes.
This will mean that I have 200 different attributes for 'firstname', 200 for 'lastname', 300 for 'class code', etc.
This will make it nearly impossible to create the Management agent - we will have 100 firstname attributes importing to 1 firstname metaverse attribute for 2 different objects. Aternatively, we have 300 different object types in the management agent.
Further to this, it will make the writing of code immeasurably more difficult. I can either have several hundred copies of the advanced flow rules, or I can dodgy up some method where I construct the attribute at run time to retrieve from the CSEntry so I can read and write from it.
Is it possible to only enforce new names if the schema validator is different, or require the user to agree that the schema's are the same when creating the adapter, thus making it the operators responsibility to ensure that the schema is correct?
This was updated in v5.1 such that multiple schemas are supported (the setting that controls it is https://voice.unifysolutions.net/knowledge-bases/7/articles/2975-ldap-single-schema-mode).
Allow group transformation to group values instead of dn's
Allow group transformation to group values instead of dn's. The use-case is from MONASH-7, which required data that weren't really references to be grouped. Could just use target field type as a multi-value.
Additional use case:
- Multiple fields from the target entity are needed in their own groups. If possible make the configuration a collection of target fields paired with the right side entity field
Persistent Search
For use with FIM Event Broker, Identity Broker v5.1 should support the LDAP Server Notification OID control which allows FIM Event Broker (and other LDAP client applications) to be notified of changes on the LDAP server as they become available.
This feature will also require implementing an efficient mechanism to allow the persistent search request handler to know when changes are available.
Resources:
Customer support service by UserEcho
