QDET-97, IDBSP-29, IDBSP-36 and IDBFIM300:The distinguished name and reference value attributes of a management agent seem to change case inexplicably all detail issues that arise due to inconsistent casing in container objects retrieved from a target system, usually where the key field is a self-reference (such as Microsoft SharePoint). Microsoft FIM does not handle inconsistently cased container objects with great finesse, prompting the renaming and updating of all reference value fields and distinguished names in a connector space. Investigate if any appropriate measures can be introduced on the Identity Broker side to alleviate or address this issue.

At SSICT, a large initial export of 52000 updates to the DET table caused the EAI changes table to contain a similar amount of changes. This resulted in the Import Changes operation for the connector taking 9-10 hours to execute, and the EAI table for the DET form was not cleared. It was worked around by forcing a deletion of the CHEAI file following the initial load exercise. Investigate any improvements that can be made to this interface for environments where extremely large numbers of changes can take place.

The following was encountered when clearing the connector with 1million entities:

Change detection clear connector space failed.
Change detection clear connector space for connector Example failed with reason Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.. Duration: 00:17:10.3089303
Error details:
System.Data.SqlClient.SqlException (0x80131904): Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.
at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParserStateObject.ReadSniError(TdsParserStateObject stateObj, UInt32 error)
at System.Data.SqlClient.TdsParserStateObject.ReadSni(DbAsyncResult asyncResult, TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParserStateObject.ReadNetworkPacket()
at System.Data.SqlClient.TdsParserStateObject.ReadByte()
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Unify.Product.IdentityBroker.Repository.EntityDataContext.DeletePartitionItems(Guid partitionID) in s:\hg\Product\IdentityBroker\Master-Changes\Source\Entity\Unify.IdentityBroker.Entity.Repository.Sql\Entity.cs:line 101
at Unify.Product.IdentityBroker.Repository.KnownEntityContextBase`4.DeletePartitionItems(Guid partitionID) in s:\hg\Product\IdentityBroker\Master-Changes\Source\Entity\Unify.IdentityBroker.Entity.Repository.Sql\KnownEntityContextBase.cs:line 121
at Unify.Product.IdentityBroker.EntityPartitionUpdatableContextAdapter.DeleteAllPartitionItems() in s:\hg\Product\IdentityBroker\Master-Changes\Source\Entity\Unify.IdentityBroker.Entity.Repository\EntityPartitionUpdatableContextAdapter.cs:line 30
at Unify.Product.IdentityBroker.ChangeDetectionClearConnectorJob.RunBase() in s:\hg\Product\IdentityBroker\Master-Changes\Source\ChangeDetection\Unify.IdentityBroker.ChangeDetection\ChangeDetectionClearConnectorConnectorJob.cs:line 100
at Unify.Framework.JobBase.Run() in S:\hg\Framework\Core\Master-Changes\Source\Scheduling\Unify.Framework.Scheduling.Job\JobBase.cs:line 15
at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run() in c:\workspaces\BUILDS\UFCORE-4.0-DEV\Source\Scheduling\Unify.Framework.Scheduling.Job.Auditing\DefinedScopeJobAuditTrailJobDecorator.cs:line 34
at Unify.Framework.BeforeJobDecorator.Run() in S:\hg\Framework\Core\Master-Changes\Source\Scheduling\Unify.Framework.Scheduling.Job\BeforeJobDecorator.cs:line 33
at Unify.Framework.BeforeJobDecorator.Run() in S:\hg\Framework\Core\Master-Changes\Source\Scheduling\Unify.Framework.Scheduling.Job\BeforeJobDecorator.cs:line 33
at Unify.Product.IdentityBroker.QueuedConnectorExecutionProcessorEndDecorator.Run() in s:\hg\Product\IdentityBroker\Master-Changes\Source\ChangeDetection\Unify.IdentityBroker.ChangeDetection\QueuedConnectorExecutionProcessorEndDecorator.cs:line 41

There is an arbitrary timeout on the DeletePartitionItems on Entity.cs; this needs to either be configurable or paged, preferably paged as it is more useful than just waiting a longer time.

As part of IDBCHRS-34, the change detection mechanism has been updated such that the user will not be required to select the relevant "EAI Type" field, as this is believed to be too advanced for the goals of Identity Broker v4.0 (in particular, the "Parts" type). These require the user to have full understanding of how chris21 is sending its data back to Identity Broker, down to the position in the string returned, and be able to interpret the result in full.

The mechanism has been updated such that a large majority of forms are completely covered by the changes. However, some forms return change data which cannot be directly mapped back to a chris21 request, such as the ALW form:

The key for the form is made of 5 components, but things can be of varying lengths. Compare the above key data with:

eaikeydata="101137.79372EABT00"
eaikeydata="100500008790PON_P00"

Under the old mechanism, the user would need to add a Parts type and manually enter the position of the second key in the string in order to use EAI.

Given this complexity, investigate the success of the current changes to change detection for user requirements, further investigate the wrapping of these keys, and also consider alternate change mechanisms to overcome this apparent limitation (such as seeing the impact "Changes enabled" has on file tables).

A dictionary has been added for additional handling of specific forms in the future. Specific forms should be investigated and added to the dictionary.

Here is an error I am getting when I attempt to write the fax attribute (alttele) to CHRIS21... I think this is the same error reflected twice.

Identity Broker Errors:

Timestamp Severity Source Module Message
26/07/2011 3:26:26 PM Warning Save entities to connector failed. Connector "Save entities Count:1 to connector Chris21 Person Connector failed with reason GTR result has an invalid status=""fail"" attribute.

Chris21 GTR returned no additional error messages.. Duration: 00:00:00.1552735
Error details:
System.IO.InvalidDataException: GTR result has an invalid status=""fail"" attribute.

Chris21 GTR returned no additional error messages.
at Unify.Framework.Chris21GtrWorker.CheckStatusAttribute(IChris21GtrCommandLine chris21GtrCommandLine)
at Unify.Framework.Chris21GtrWorker.CheckUpdateResult(IChris21GtrRecord updateResultRecord)
at Unify.Communicators.Chris21GtrCommunicatorBase.Update(IChris21GtrEntity entity)
at Unify.Connectors.Chris21GtrConnectorBase`1.SaveEntity(IConnectorEntity entity)
at Unify.Connectors.Chris21GtrConnectorBase`1.SaveEntities(IEnumerable`1 entities)
at Unify.Framework.ConnectorToWritingConnectorBridge.SaveEntities(IEnumerable`1 entities)
at Unify.Framework.EventNotifierWritingConnectorDecorator.SaveEntities(IEnumerable`1 entities)
at Unify.Framework.Adapter.SaveEntities(IEnumerable`1 entities, Boolean reflect)
at Unify.Framework.Adapter.SaveEntity(IAdapterEntity entity, Boolean reflect)
at Unify.Framework.AdapterNotifierDecorator.SaveEntity(IAdapterEntity entity, Boolean reflect)
at Unify.Adapters.NovellIdentityManagerIdentityBrokerDriverAdapter.PerformSubscribeModifyAction(XElement actionNode, IAdapter adapter)"

Timestamp Severity Source Module Message
26/07/2011 3:26:26 PM Warning Adapter request to save entity to adapter space failed. Adapter "Adapter request to save entity bb2a8727-836e-4c78-a7e0-8871b03367a9 to adapter space 53e85508-7648-409c-bd3a-0737028eba29 failed with reason GTR result has an invalid status=""fail"" attribute.

Chris21 GTR returned no additional error messages.. Duration: 00:00:00.3388672
Error details:
System.IO.InvalidDataException: GTR result has an invalid status=""fail"" attribute.

Chris21 GTR returned no additional error messages.
at Unify.Framework.Chris21GtrWorker.CheckStatusAttribute(IChris21GtrCommandLine chris21GtrCommandLine)
at Unify.Framework.Chris21GtrWorker.CheckUpdateResult(IChris21GtrRecord updateResultRecord)
at Unify.Communicators.Chris21GtrCommunicatorBase.Update(IChris21GtrEntity entity)
at Unify.Connectors.Chris21GtrConnectorBase`1.SaveEntity(IConnectorEntity entity)
at Unify.Connectors.Chris21GtrConnectorBase`1.SaveEntities(IEnumerable`1 entities)
at Unify.Framework.ConnectorToWritingConnectorBridge.SaveEntities(IEnumerable`1 entities)
at Unify.Framework.EventNotifierWritingConnectorDecorator.SaveEntities(IEnumerable`1 entities)
at Unify.Framework.Adapter.SaveEntities(IEnumerable`1 entities, Boolean reflect)
at Unify.Framework.Adapter.SaveEntity(IAdapterEntity entity, Boolean reflect)
at Unify.Framework.AdapterNotifierDecorator.SaveEntity(IAdapterEntity entity, Boolean reflect)
at Unify.Adapters.NovellIdentityManagerIdentityBrokerDriverAdapter.PerformSubscribeModifyAction(XElement actionNode, IAdapter adapter)"

It's possible to give installed applications a Help and Support link, visible in the Programs and Features section. If this isn't too hard it might be worthwhile.

Start at http://msdn.microsoft.com/en-us/library/aa368032.aspx and http://blogs.technet.com/b/alexshev/archive/2008/02/09/from-msi-to-wix-part-2.aspx. Looks like the following might work:

<Property Id="ARPHELPLINK" Value="somelink.com" />

IdB 4.1.4.2
SAP 4.1.3.1

Please look at screenshot as editing / viewing via GUI of sapPerson is not working. Currently using XML.

Add new table to be managed by Expert connector - CXA_DIR_ENTRY:

DIRCTY_UNO - Primary key, to be generated using stored procedure.
NAME_UNO - Foreign key, known.
DIR_TYPE_UNO - Not sure, was set to "20" in shown data, need to confirm.
INACTIVE - Defaults to "N"
DIRECTORY_LISTING - login@freehills.com, use simple attribute flow and a rules extension.
LISTING_DESC - Defaults to null.
DISPLAY_AS - Defaults to null.
COUNTRY_CODE - Defaults to null.
SCREEN_TIP - Defaults to null.
LAST_MODIFIED_BY - Defaults to zero (use simple flow with rules extension).
CREATED - Use GetDatabaseDateTime function in connector code to get database time.
CREATED_BY - Defaults to zero (use simple flow with rules extension).
LAST_MODIFIED - Don't include in database schema, should have a trigger.

Unable to edit the Date Relational Relevant transformation if the DN generator is used. This is because the EntityDistinguishedNameDateRelationalRelevantValueAdapterFactory class does not implement the IAdapterEntityDNTransformationFactory interface.

I would like to use Identity Broker Group membership relational tranformation to construct the group membership.
What I would like to know is can we use string based multi-value attribute (value separated by comma) for the InputKey(info) and RelationKey (groupmember) to determine the matching such that one Group can have multiple criteria for determining which users can be it member.

Sample IdB Adapter configuration

				<!-- generating the multi-value Members attribute -->
				<adapter name="Relation.Group" 
					 InputKey="info"
					 RelationshipConnectorId="{cf81fc63-2206-413a-a102-804d399526de}"
					 RelationKey="groupmember"
					 RelationReference="employeeId"
					 GroupTarget="Members" >
					<dn>
						<dnComponent name="Field" key="employeeId" attributeType="UID" />
					</dn>
				</adapter>	

Example - The Security Group's info attribute in AD and Metaverse is a multi-value attribute. The user's groupmember attribute is a multi-value attribute (could be a string base comma separated values).

• A Security Group (A) info attribute has these values: "Sales" and "Marketing".
• Another Security Group (B) info attribute has these values: "General".
• A user's (C) groupmember attribute has these values: "General" and "Sales".
• Another user's (D) groupmember attribute has these values: "General" and "Marketing".
• We want to user (C) and (D) to be a member of Security Group (A) and Security Group (B) based on the above information.

Can this be achieved?