Identity Broker Forum

Welcome to the community forum for Identity Broker.

+1
Under review

Test harness for Adapter and Link PowerShell Transformations

Bob Bradley 5 years ago in UNIFYBroker/Plus updated by Matthew Davis (Technical Product Manager) 3 months ago 1

In order to support the unit testing requirements for transitioning PS solutions on Broker+ to the UNIFYConnect hosted platform, a test harness is required for all PowerShell transformations.

+1
Completed

Port UNIFYBroker Azure O/S Platform

Bob Bradley 5 years ago updated by Matthew Davis (Technical Product Manager) 5 years ago 4

It is becoming an impediment to future UNIFY* opportunities, particularly in the hosted solution space, that UNIFYBroker runs only on the Windows Server O/S.  If porting it to run natively on Azure would significantly reduce the current hosting impediments, while at the same time retain the natural partitioning between sites that comes from hosting the service within a VM, this would be of significant benefit to all parties from Sales to Implementation.  It would also make the idea of having Broker 3rd-party configurable more of a possibility.

Answer

Capability currently provided through the UNIFYConnect service offering. Can be provided for demos or PoCs as necessary.

Further improvements will be provided in a future release of the product (version 6.0).

+1
Answered

Attempting to retrieve the CollectionKeyId for caption "FieldName" failed.

Carol Wapshere 7 years ago in UNIFYBroker/Aurion updated by Matthew Davis (Technical Product Manager) 3 months ago 4

I have added a new string field to the Aurion Person connector "ExtraField1". We already had "ExtraField2" (which was working).

The config already had a mapping:

<attribute name="Extra_Field_2" target="ExtraField2">

I have added underneath that:

<attribute name="Extra_Field_1" target="ExtraField1">

When I try to run the Import All now it runs for quite a while (this report takes a long time to generate), then fails with the error:

Attempting to retrieve the CollectionKeyId for caption ExtraField2 failed. No collection key found for that caption.

What has gone wrong?

I will send full error and config files by email once someone picks this up.

Answer

This has been implemented and is available in the release of UNIFYConnect V6, which will be made available shortly.

+1
Fixed

MIM Adapter Error if no IDB Adapters Enabled

Tested Against: Identity Broker v5.3

Currently if you have no adapters enabled in IDB, and you attempt to create an MA in MIM using the MIM Adapter ECMA2, you get the following error:

The extensible extension returned an unsupported error.
  
The stack trace is:
 "System.InvalidOperationException: Sequence contains no elements
   at System.Linq.Enumerable.Aggregate[TSource](IEnumerable`1 source, Func`3 func)
   at Unify.Product.IdentityBroker.LdapConnectionProxy.get_Schema()
   at Unify.Product.IdentityBroker.UnifyLdapConnectorTypeProxy.GetSchema(KeyedCollection`2 configParameters)
Forefront Identity Manager 4.4.1302.0"

It would be good if the error could either be reported in a more logical way (i.e. inform that there are no adapters enabled, and therefore no OUs to load), or simply allow the creation process to continue and the user will realise there are no adapters enabled in a subsequent step.


The error also occurs if you have adapters which are enabled with valid schema, but inhibited due to a condition with the base connector. 

Answer

Fixed, will be in next release

+1
Completed

Identity Broker dashboard enhancements

Andrew Silcock 9 years ago updated by anonymous 8 years ago 3

In doing development I found myself continually jumping between IDB Connector and Adapter pages to look at high level statistics such as polling object counts and pending changes on a few adapters - this can result in having half a dozen tabs open for this purpose.


As an enhancement it would be nice if the IDB Dashboard displayed some more high level statistics such as last run time/status, object counts and pending changes (for adapters) to get a more complete view of the system state.

Answer
anonymous 8 years ago

This is definitely something that will be considered if/when we do the UI rewrite.

+1
Answered

Entity in IdB connector and adapter but does not exist in target directory

Carol Wapshere 9 years ago in PowerShell connector updated by anonymous 9 years ago 3

IdB 5, PowerShell connector, target system is RedHat LDAP.


There are three objects which exist as entities in the IdB connector and adapter but do not exist in LDAP. FIM is trying to update them and we're getting "Object does not exist" errors back from LDAP.


Connector Full Imports have been run. I turned on the verbose logging I'd added to the script which lists the DN of every object found by the Import script and these objects are not listed. I can't see any errors in the IdB log and the Full Import appears to have completed successfully.


So the question is, if they were not imported in a connector full import, shouldn't the entities have been removed from IdB?

Answer
anonymous 9 years ago

Looking at the logs shows that there were exported entities during the full import. The import logic is designed to not delete entities that are added whilst an import is occurring, as it has no way of knowing whether the end system is omitting the entry because it was deleted immediately or because it’s just not available yet for the import (e.g. snapshot or read copy/write copy style systems).

+1
Completed

Add support for integration external Workflow/Ticketing systems

Adam Bradley 9 years ago updated by anonymous 8 years ago 4

Add support for integration external Workflow/Ticketing systems

0
Under review

Connector schema attribute settings are reflected to the adapter in a join transformation

Richard Green 3 weeks ago in UNIFYBroker Service updated by Matthew Davis (Technical Product Manager) 3 weeks ago 1

Hi Gents,

Raising this in regards to an issue experienced recently at DCCEEW.

An adapter that is primarily used to provision out to a target system was modified with a join transform to include an additional attribute from another connector. This attribute happened to be the key field for the connector it was sourced from and naturally configured as a required field in the connector schema. After the join transform was applied the attribute was added to the adapter schema, but in addition the required field status was also reflected on the adapter.

As this was a mapped field, and not included in the attributes being exported through the adapter, this caused exports to fail with a schema validation error. 

Attributes mapped via a join transform should not be set as required on the adapter schema.

0
Under review

Locker Field Search "Is-Null" True or False returns HTTP 500 Error

David Poyner 1 month ago in UNIFYBroker/Plus updated by Matthew Davis (Technical Product Manager) 1 month ago 1

We are unable to search the locker using the "Is-Null" Search term. This issue occurs across all environments that I have checked so far.
This search term works well in Connectors and Adaptors and would be extremely useful for lockers as well.
Any attempt to use the Is-Null Search term in a locker returns the following error:

System.AggregateException: One or more errors occurred. ---> Unify.Framework.Client.SwaggerException: The HTTP status code of the response was not expected (500).
at Unify.Connect.Web.Client.LockerEntityClient.<SearchEntitiesAsync>d__11.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Connect.Web.Client.ProfiledLockerEntityClient.<SearchEntitiesAsync>d__4.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at Unify.Connect.Web.LockerController.InnerRetrievalToResults[TResult](EntityRetrievalInformation`1 retrievalInformation, Func`3 getResults)
at Unify.Connect.Web.LockerController.LockerEntities(EntityRetrievalInformation`1 information)
at Unify.Connect.Web.LockerController.<LockerEntityData>d__65.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at lambda_method(Closure , Task )
at System.Web.Mvc.Async.TaskAsyncActionDescriptor.EndExecute(IAsyncResult asyncResult)
at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass34.<BeginInvokeAsynchronousActionMethod>b__33(IAsyncResult asyncResult)
at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult)
at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3c()
at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass45.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3e()
at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult)
at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass1e.<>c__DisplayClass28.<BeginInvokeAction>b__19()
at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass1e.<BeginInvokeAction>b__1b(IAsyncResult asyncResult)
---> (Inner Exception #0) HTTP Response: {"Message":"An error has occurred.","ExceptionMessage":"Illegal operator '==' at 'Unify.Product.IdentityBroker.FilterInformation'. The supported operators are: 'true, false'.","ExceptionType":"System.NotSupportedException","StackTrace":" at Unify.Connect.Web.IdentifierEntitySearchUtilityBase`2.GenerateSearchFunction(FilterInformation searchInformation, Lazy`1 schema)\r\n at Unify.Product.IdentityBroker.DefaultEntityControllerFilterCondition`1.Apply(FilterInformation information, IEnumerable`1 entities)\r\n at Unify.Product.IdentityBroker.EntityControllerSearchFilter`2.ApplyFilter(IEnumerable`1 entities, FilterInformation filterInformation, Guid partitionId)\r\n at Unify.Product.IdentityBroker.EntityControllerSearchFilter`2.<>c__DisplayClass7_0.<ApplyFilter>b__0(IEnumerable`1 filtered, FilterInformation filter)\r\n at System.Linq.Enumerable.Aggregate[TSource,TAccumulate](IEnumerable`1 source, TAccumulate seed, Func`3 func)\r\n at Unify.Product.IdentityBroker.EntityControllerSearchFilter`2.ApplySearch(SearchInformation searchInformation, IEnumerable`1 entities, Guid partitionId)\r\n at Unify.Product.Plus.LockerEntityController.SearchEntities(Guid partitionId, SearchInformation searchInformation)\r\n at lambda_method(Closure , Object , Object[] )\r\n at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.<>c__DisplayClass10.<GetExecutor>b__9(Object instance, Object[] methodParameters)\r\n at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext controllerContext, IDictionary`2 arguments, CancellationToken cancellationToken)\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at 
System.Web.Http.Controllers.ApiControllerActionInvoker.<InvokeActionAsyncCore>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Controllers.ActionFilterResult.<ExecuteAsync>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Filters.AuthorizationFilterAttribute.<ExecuteAuthorizationFilterAsyncCore>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()\r\n at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n at System.Web.Http.Dispatcher.HttpControllerDispatcher.<SendAsync>d__1.MoveNext()"} Unify.Framework.Client.SwaggerException: The HTTP status code of the response was not expected (500).
at Unify.Connect.Web.Client.LockerEntityClient.<SearchEntitiesAsync>d__11.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Connect.Web.Client.ProfiledLockerEntityClient.<SearchEntitiesAsync>d__4.MoveNext()<---

0
Under review

Errors on LDAP gateway leave open LDAP active connections

Hayden Gray 2 months ago in UNIFYBroker/Microsoft Identity Manager updated 2 months ago 4

Hi Team,


I have been noticing building active connections within UNIFYBroker (v5.3.2) for quite some time. This list continues to build endlessly, sometimes looking back and seeing > 20 active connections in an environment where all operations run sequentially. All LDAP connections are happening from MIM Sync.

I suspect there are 2 issues here: one that is generating the error in the first place, and the second where the connection is remaining open after a failure.

Image 7209

As you can see in the screenshot, there is an active connection remaining open at 2:06 PM. This connection is then immediately followed by errors within the UNIFYBroker logs:

" A client has connected to the LDAP endpoint from address: 192.168.60.200:62993."

"An error occurred for gateway LDAP Gateway (1364c700-99c8-40aa-801d-0153427e62a9) on client from 192.168.60.200:62993. More details:
Unify.Product.IdentityBroker.PoorlyConstructedLDAPMessageException: The LDAP server for gateway LDAP Gateway (1364c700-99c8-40aa-801d-0153427e62a9) received a poorly constructed LDAP message and failed with the error: The LDAP message tag is unparsable.
at Unify.Product.IdentityBroker.LDAPConnection.ReadMessage()
at Unify.Product.IdentityBroker.LDAPConnection.TryReadMessage(RfcLdapMessage& message, RfcLdapResult& error)"

" Handling of LDAP extended request.
Handling of LDAP extended request from user Anonymous on connection 192.168.60.200:62993 failed with error "Authentication failed because the remote party has closed the transport stream.". Duration: 00:00:00.1018681."

"An error occurred for gateway LDAP Gateway (1364c700-99c8-40aa-801d-0153427e62a9) on client from 192.168.60.200:62993. More details:
Internal Server Error #11: System.Security.Authentication.AuthenticationException: Authentication failed because the remote party has closed the transport stream.
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest, Boolean renegotiation)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at Unify.Product.IdentityBroker.LDAPConnectionSecurityExtensions.TLSHandshake(ILDAPConnection connection, IRfcLdapMessage message, ISecurityEngine securityEngine)
at Unify.Product.IdentityBroker.StartTLSRequestHandlerSecurityDecorator.HandleRequest(IRfcLdapMessage message, CancellationToken token, Action`1 postAction)
at Unify.Product.IdentityBroker.LDAPRequestHandlerSecurityDecorator.HandleRequest(IRfcLdapMessage message, CancellationToken token, Action`1 postAction)
at Unify.Product.IdentityBroker.LDAPConnection.d__35.MoveNext()"