Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Export error Status: 400 Bad Request
I am seeing a small number (16) repeating errors in one of my MAs - with exports failing for some users with this error.
System.Exception: Status: 400 Bad Request
at Unify.IdentityBroker.xxxx.Agent.DefaultCommunicator.SendCommand(String urlPath, Method method, Object data)
at Unify.IdentityBroker.xxxx.Agent.DefaultCommunicator.Add(AgentEntity entity)
at Unify.IdentityBroker.xxxx.Connector.Connector.AddEntity(IConnectorEntity entity, ISaveEntityResults`2 results, DefaultCommunicator communicator)
Three of them are for a known data error (malformed email addresses) but I cannot find anything to tell me more about why the others are failing.
I see the same error in Eventviewer for each failed user. In IdB I see this in the log - it reports 16 entities saved then reports that 0 were successful. Any help in interpreting this log or the issue would be appreciated
| 17/Oct/2018 16:41:33 |
| Adapter | Adapter request to add entities for adapter space. Adapter request to add entities [Count:16] for adapter xxxx (920ed433-e1e9-4aa3-b682-3bfee876de9f). |
| 17/Oct/2018 16:41:33 |
| Connector | Request to add entity to connector. Request to add entities [Count:16] to connector xxxx Connector. |
| 17/Oct/2018 16:41:34 |
| Connector | Add entities to connector completed. Add entities [Count:16] to connector xxxx Connector reported 16 entities saved. Duration: 00:00:01.1431907 |
| 17/Oct/2018 16:41:34 |
| Adapter | Adapter added entities to adapter space. Adapter added [Count:16] entities (0 successful) to adapter xxxx (920ed433-e1e9-4aa3-b682-3bfee876de9f). Duration: 00:00:01.1693154 |
| 17/Oct/2018 16:41:34 |
| LDAP engine | Handling of LDAP Bulk Update request. Handling of LDAP Bulk Update request received from user xxxx on connection 127.0.0.1:56662 completed successfully without results available for logging. Duration 00:00:02.3027112. |
A while ago, the error reporting interface in the connectors was improved such that the status of individual entities can be reported back to the identity management platform.
From the log entries, can I assume you're on v5.1? This particular pattern suggests that each entity failed to save (reported back by the connector) - the problem with the logger in v5.1 was that it used the number of attempted entities as the success count (and didn't even report on the failure count). This is improved in future versions.
Look at the MIM logs to see the error details for each entity.
HPE Content Manager import all fails with Object reference not set to an instance of an object
Getting the following error when running a full import from HPE Content Manager.
Change detection engine import all items failed.
Change detection engine import all items for connector CM Persons failed with reason Object reference not set to an instance of an object.. Duration: 00:00:04.3124780
Error details:
System.NullReferenceException: Object reference not set to an instance of an object.
at Unify.Product.IdentityBroker.HPTrimV9WebCommunicator.<>c.<RestWorkaround>b__43_0(RestLocationResult result)
at System.Linq.Enumerable.WhereArrayIterator`1.MoveNext()
at Unify.Product.IdentityBroker.HPTrimV9WebCommunicator.RestWorkaround(IWebServiceCommunicatorInformation information, IEnumerable`1 fields, Boolean includeAccessControls, String searchQuery, Int32 pageSize)
at Unify.Product.IdentityBroker.HPTrimV9WebCommunicator.<InnerGetLocations>d__30.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__10`1.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
at Unify.Product.IdentityBroker.AuditReadingConnectorDecorator.GetAllEntities(IStoredValueCollection storedValues, CancellationToken cancellationToken)
at Unify.Product.IdentityBroker.EventNotifierReadingConnectorDecoratorBase`1.GetAllEntities(IStoredValueCollection storedValues, CancellationToken cancellationToken)
at Unify.Product.IdentityBroker.ChangeDetectionImportAllJob.ImportAllChangeProcess()
at Unify.Product.IdentityBroker.ChangeDetectionImportAllJob.RunBase()
at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run()
at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass30_0.<Run>b__0()
at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)
I’ve tried clearing the connector and running the import again, but get the same thing.
Hi Carol
Here is a patch for you to try. Please install and rerun the failing operation. It should replace the patch Curtis provided last week.
Aurion Security User not set on export
Hi Guys,
We seem to have uncovered a possible bug with the Aurion connector. We have 2 issues with our solution - firstly that the OsUserId on the Aurion Security User is initally populated with an incorrect value (not an IDB issue).
However, when the solution attempts to update this value with the correct value (as set n AD), it does not appear to persist in Aurion.
The export is lined up as an update, and successfully exports from the MA through IDB without error, however the value is not actually set on the Security User object within Aurion.
A subsequent delta import results in an exported-change-not-reimported error on the MA.
The environment is using IDB v5.3.1 and communicating with Aurion v11.4.6
We will also provide the version of the Aurion connector soon
Cheers
Sean/Richard.
Method not found when trying to get Schema
Trying to request schema for an HPE Content Manager connector and I get the following error:
An error has occurred: Method not found: 'Unify.Product.IdentityBroker.IEntitySchemaConfigurationUtility Unify.Product.IdentityBroker.IMultiKeyedConnectorFactoryInformation.get_SchemaConfigurationUtility()'.
Is this because the connector doesn't support schema retrieval, or have I done something wrong?
The Agent test connection succeeds, and that's as far as I've got.
The original issue
An error has occurred: Method not found: 'Unify.Product.IdentityBroker.IEntitySchemaConfigurationUtility
Unify.Product.IdentityBroker.IMultiKeyedConnectorFactoryInformation.get_SchemaConfigurationUtility()'
is not environmental, will only depend on the version of Broker and all patches installed, and will require a patch to fix. If you didn't experience this issue in lower environments, there must be a difference in what is installed. If schema retrieval works in Dev, make sure that what is installed in Dev is also installed in higher environments. If it doesn't, please try upgrading Dev to confirm that the upgrade will resolve the issue.
Also - would this also mean I'd have to update Aurion and MIM components?
No, upgrading UNIFYBroker from v5.3.1.0 to v5.3.1.1 will not require updating other components.
Test Harness "Copy to CSV" creates file with headers but no data
When I used "Copy to CSV" from the Test Harness plugin, it creates the CSV file with headers but none of the data from the source connector.
UNIFY Identity Broker
| About: | UNIFY Identity Broker Management Studio v5.2.1 Revision #0 © 2004 - 2017 UNIFY Solutions Pty. Ltd. |
Hi Adrian,
This is working as intended. Please see Connector Test Harness for details on using the connector test harness.
The Copy to CSV operation can be used to add a CSV connector with an identical schema to an existing connector. Used in conjunction with the Add operation described below, you can also backup the existing entity context into the newly created CSV connector.
Delta Imports timeout - can it be changed?
I am seeing timeout issues while trying to perform a delta import from Identity Broker. MIM just reports stopped-extension-dll-exception with no other detail, but in event viewer I see event id 6803.
The management agent "XXXXXX" failed on run profile "DI" because the server encountered errors.
Then event ID 6801:
The extensible extension returned an unsupported error.
The stack trace is:
"Unify.Product.IdentityBroker.LdapOperationException: Error during processing of SearchRequest targetting cn=changelog: Operation timed out while waiting for message queue with id of 14. ---> System.OperationCanceledException: Operation timed out while waiting for message queue with id of 14.
at Unify.Product.IdentityBroker.LdapConnection.GetMessage(Int32 messageId)
at Unify.Product.IdentityBroker.SearchRequest.Send(Func`2 send, Func`2 recv)
at Unify.Product.IdentityBroker.LdapConnection.SendRequest(ILdapRequest request)
--- End of inner exception stack trace ---
at Unify.Product.IdentityBroker.LdapConnection.SendRequest(ILdapRequest request)
at Unify.Product.IdentityBroker.LdapConnectionProxy.<SearchRequestPaged>d__8.MoveNext()
at Unify.Product.IdentityBroker.ImportProxy.<GetChangedEntriesPaged>d__30.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at Unify.Product.IdentityBroker.ExtensionMethods.Take[TSource](IEnumerator`1 source, Int32 count, IList`1& items)
at Unify.Product.IdentityBroker.ExtensionMethods.<Page>d__3`1.MoveNext()
at Unify.Product.IdentityBroker.ImportProxy.Import(GetImportEntriesRunStep importRunStep)
Forefront Identity Manager 4.3.2266.0"
The corresponding time in IDB log has
26/Sep/2018 10:11:17
Information
LDAP engine Handling of LDAP unbind request.
Handling of LDAP unbind request received on connection 127.0.0.1:61732 to connect as user ******** completed successfully. Duration: 00:00:00.
Is there a setting somewhere that will let me increase IDB LDAP timeouts? I could not find one, but it has been a few years since I used the product.
What web services have to be set up to support provisioning/sync of users and locations to HPRM 8.3?
I am looking at https://voice.unifysolutions.net/knowledge-bases/7-unifybroker-knowledge/categories/95-unifybrokermicro-focus-content-manager/articles but it is not clear what the customer has to set up to allow me to fulfill the following requirements for provisioning and sync to HPRM 8.3:
- Add/sync location
- Assign a location to a parent location
- Add sync user
- Assign a user to a location
Hi Bob
I've updated the prerequisites page to hopefully be more clear.
Does this answer your question?
EntitySchemaValidationException: C could not be parsed into a valid DN
I've created an AD connector to manage AD groups. The groups can export fine from Broker, including members. However when attempting to import the groups again from AD, I get the following error:
Change detection engine import all items failed. Change detection engine import all items for connector AD Groups failed with reason One or more errors occurred.. Duration: 00:00:00.1718731 Error details: System.AggregateException: One or more errors occurred. ---> Unify.Product.IdentityBroker.EntitySchemaValidationException: C could not be parsed into a valid DN. ---> System.ArgumentException: String C is not of a proper distinguished name component format. Ensure characters are correctly escaped, and that the format is correct. at Unify.Framework.IO.DistinguishedNameComponent.CreateDNComponent(String dnComponentString) at Unify.Framework.IO.DistinguishedNameConversionFromString.CreateDistinguishedName() at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue) --- End of inner exception stack trace --- at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue) at Unify.Product.IdentityBroker.EntityMultiValueValidatorFactoryBase`3.<>c__DisplayClass1_0.<GetValidator>b__0(Object value) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection) at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.EntityMultiValueObjectTypeSchemaValidator`3.CreateValue(Object dataValue) at Unify.Connectors.AD.LDAPValueTypeOperations.AddValueToEntity(IConnectorEntity connectorEntity, IEntitySchemaFieldDefinition valueType, DirectoryAttribute attribute) at Unify.Connectors.AD.ADConnector.TransformEntry(ADAgent agent, SearchResultEntry searchResultEntry, Int64& uSNChangedToken) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__10`1.MoveNext() at System.Linq.Buffer`1..ctor(IEnumerable`1 source) at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.AuditReadingAsyncConnectorDecorator.<>c__DisplayClass1_0.<GetAllEntitiesAsync>b__0(IEnumerable`1 entities) at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass7_0`1.<CreateAndSendLogEntryAsync>b__0(Task`1 t) at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.<TaskContinueWithExceptionPassthough>b__0(Task`1 t) at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke() at System.Threading.Tasks.Task.Execute() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Unify.Product.IdentityBroker.EventNotifierReadingAsyncConnectorDecoratorBase`1.<GetAllEntitiesAsync>d__1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Unify.Product.IdentityBroker.ChangeDetectionImportAllAsyncJob.<ImportAllChangeProcess>d__6.MoveNext() --- End of inner exception stack trace --- at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions) at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken) at Unify.Product.IdentityBroker.ChangeDetectionImportAllAsyncJob.RunBase() at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run() at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass30_0.<Run>b__0() at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state) ---> (Inner Exception #0) Unify.Product.IdentityBroker.EntitySchemaValidationException: C could not be parsed into a valid DN. ---> System.ArgumentException: String C is not of a proper distinguished name component format. Ensure characters are correctly escaped, and that the format is correct. at Unify.Framework.IO.DistinguishedNameComponent.CreateDNComponent(String dnComponentString) at Unify.Framework.IO.DistinguishedNameConversionFromString.CreateDistinguishedName() at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue) --- End of inner exception stack trace --- at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue) at Unify.Product.IdentityBroker.EntityMultiValueValidatorFactoryBase`3.<>c__DisplayClass1_0.<GetValidator>b__0(Object value) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection) at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.EntityMultiValueObjectTypeSchemaValidator`3.CreateValue(Object dataValue) at Unify.Connectors.AD.LDAPValueTypeOperations.AddValueToEntity(IConnectorEntity connectorEntity, IEntitySchemaFieldDefinition valueType, DirectoryAttribute attribute) at Unify.Connectors.AD.ADConnector.TransformEntry(ADAgent agent, SearchResultEntry searchResultEntry, Int64& uSNChangedToken) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__10`1.MoveNext() at System.Linq.Buffer`1..ctor(IEnumerable`1 source) at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.AuditReadingAsyncConnectorDecorator.<>c__DisplayClass1_0.<GetAllEntitiesAsync>b__0(IEnumerable`1 entities) at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass7_0`1.<CreateAndSendLogEntryAsync>b__0(Task`1 t) at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.<TaskContinueWithExceptionPassthough>b__0(Task`1 t) at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke() at System.Threading.Tasks.Task.Execute() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Unify.Product.IdentityBroker.EventNotifierReadingAsyncConnectorDecoratorBase`1.<GetAllEntitiesAsync>d__1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Unify.Product.IdentityBroker.ChangeDetectionImportAllAsyncJob.<ImportAllChangeProcess>d__6.MoveNext()<---
The only multi valued field is the members field.
Difference Report on Pending Changes for Full Sync
As part of an upgrade activity on an MA, we were required to deliver a difference report on the data as it would appear pre vs post synchronisation of the upgrade MA. This was done to better understand and review what attributes would be updated when a full sync of the upgraded MA would occur in PROD.
We were able to achieve this deliverable by exporting two csv's of the data pre & post synchronisation, and doing a data comparison in a third party app. This could be simplified if Identity Broker Plus could generate a difference report for full syncs to ensure that the MA update is producing clean data.
This report could vary in detail, but as a first pass being able to see a count of the new and updated identities and attributes would be preferable.
Tracking on this ticket: Pending Export Report capability required to target directory / UNIFYBroker Forum / UNIFY Solutions
HPRM provisioning error
UNIFYBroker 5.3.1
HP Trim Connector 5.3.0.0
Currently getting the following error on user provision to HPRM:
System.ArgumentException: Could not parse uri string "genericuser" to long value for setting uri of reference field LocationUseProfileOf. at Unify.Product.IdentityBroker.RequestFactory`2.SetLocationPropertyRefValue[TRef](PropertyIds propertyId, IConnectorEntity data, Func`1 createRef, Action`1 assign) at Unify.Product.IdentityBroker.LocationRequestFactory.CreateComponent(ILocationRequestFactoryInformation info) at Unify.Product.IdentityBroker.HPTrimV8WebRequests.AddLocationRequest(IConnectorEntity data) at Unify.Product.IdentityBroker.HPTrimV8WebCommunicator.AddLocations(IEnumerable`1 data, Guid connectorId, IWebServiceCommunicatorInformation information, CancellationToken cancellationToken) at Unify.Product.IdentityBroker.HPTrimWebCommunicatorDecorator.AddLocations(IEnumerable`1 data, Guid connectorId, IWebServiceCommunicatorInformation information, CancellationToken cancellationToken) --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at Unify.Product.IdentityBroker.HPTrimWebCommunicatorDecorator.AddLocations(IEnumerable`1 data, Guid connectorId, IWebServiceCommunicatorInformation information, CancellationToken cancellationToken)
I suspect that this is due to a user with the URI of 'genericuser' not existing within HPRM.
Can you please confirm.
Customer support service by UserEcho
