Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

0
Fixed

Delta Imports timeout - can it be changed?

Boyd Bostock 6 years ago updated by Beau Harrison (Senior Product Software Engineer) 6 years ago 35

I am seeing timeout issues while trying to perform a delta import from Identity Broker.  MIM just reports stopped-extension-dll-exception with no other detail, but in event viewer I see event id 6803.

The management agent "XXXXXX" failed on run profile "DI" because the server encountered errors.

Then event ID 6801:

The extensible extension returned an unsupported error.
 The stack trace is:
 
 "Unify.Product.IdentityBroker.LdapOperationException: Error during processing of SearchRequest targetting cn=changelog: Operation timed out while waiting for message queue with id of 14. ---> System.OperationCanceledException: Operation timed out while waiting for message queue with id of 14.
   at Unify.Product.IdentityBroker.LdapConnection.GetMessage(Int32 messageId)
   at Unify.Product.IdentityBroker.SearchRequest.Send(Func`2 send, Func`2 recv)
   at Unify.Product.IdentityBroker.LdapConnection.SendRequest(ILdapRequest request)
   --- End of inner exception stack trace ---
   at Unify.Product.IdentityBroker.LdapConnection.SendRequest(ILdapRequest request)
   at Unify.Product.IdentityBroker.LdapConnectionProxy.<SearchRequestPaged>d__8.MoveNext()
   at Unify.Product.IdentityBroker.ImportProxy.<GetChangedEntriesPaged>d__30.MoveNext()
   at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
   at Unify.Product.IdentityBroker.ExtensionMethods.Take[TSource](IEnumerator`1 source, Int32 count, IList`1& items)
   at Unify.Product.IdentityBroker.ExtensionMethods.<Page>d__3`1.MoveNext()
   at Unify.Product.IdentityBroker.ImportProxy.Import(GetImportEntriesRunStep importRunStep)
Forefront Identity Manager 4.3.2266.0"

The corresponding time in IDB log has

26/Sep/2018 10:11:17 
Information
LDAP engine Handling of LDAP unbind request.
Handling of LDAP unbind request received on connection 127.0.0.1:61732 to connect as user ******** completed successfully. Duration: 00:00:00.

Is there a setting somewhere that will let me increase IDB LDAP timeouts?  I could not find one, but it has been a few years since I used the product.

0
Answered

What web services have to be set up to support provisioning/sync of users and locations to HPRM 8.3?

Bob Bradley 6 years ago in UNIFYBroker/Micro Focus Content Manager updated by Adam van Vliet 6 years ago 4

I am looking at https://voice.unifysolutions.net/knowledge-bases/7-unifybroker-knowledge/categories/95-unifybrokermicro-focus-content-manager/articles but it is not clear what the customer has to set up to allow me to fulfill the following requirements for provisioning and sync to HPRM 8.3:

  • Add/sync location
  • Assign a location to a parent location
  • Add sync user
  • Assign a user to a location
Answer
Adam van Vliet 6 years ago

Hi Bob

I've updated the prerequisites page to hopefully be more clear. 

https://voice.unifysolutions.net/knowledge-bases/7/articles/3099-unifybrokermicro-focus-content-manager-prerequisites

Does this answer your question?

0
Under review

EntitySchemaValidationException: C could not be parsed into a valid DN

I've created an AD connector to manage AD groups. The groups can export fine from Broker, including members. However when attempting to import the groups again from AD, I get the following error:


Change detection engine import all items failed.
Change detection engine import all items for connector AD Groups failed with reason One or more errors occurred.. Duration: 00:00:00.1718731
Error details:
System.AggregateException: One or more errors occurred. ---> Unify.Product.IdentityBroker.EntitySchemaValidationException: C could not be parsed into a valid DN. ---> System.ArgumentException: String C is not of a proper distinguished name component format. Ensure characters are correctly escaped, and that the format is correct.
 at Unify.Framework.IO.DistinguishedNameComponent.CreateDNComponent(String dnComponentString)
 at Unify.Framework.IO.DistinguishedNameConversionFromString.CreateDistinguishedName()
 at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue)
 --- End of inner exception stack trace ---
 at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue)
 at Unify.Product.IdentityBroker.EntityMultiValueValidatorFactoryBase`3.<>c__DisplayClass1_0.<GetValidator>b__0(Object value)
 at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
 at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
 at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)
 at Unify.Product.IdentityBroker.EntityMultiValueObjectTypeSchemaValidator`3.CreateValue(Object dataValue)
 at Unify.Connectors.AD.LDAPValueTypeOperations.AddValueToEntity(IConnectorEntity connectorEntity, IEntitySchemaFieldDefinition valueType, DirectoryAttribute attribute)
 at Unify.Connectors.AD.ADConnector.TransformEntry(ADAgent agent, SearchResultEntry searchResultEntry, Int64& uSNChangedToken)
 at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
 at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__10`1.MoveNext()
 at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
 at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
 at Unify.Product.IdentityBroker.AuditReadingAsyncConnectorDecorator.<>c__DisplayClass1_0.<GetAllEntitiesAsync>b__0(IEnumerable`1 entities)
 at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass7_0`1.<CreateAndSendLogEntryAsync>b__0(Task`1 t)
 at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.<TaskContinueWithExceptionPassthough>b__0(Task`1 t)
 at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
 at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
 at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
 at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
 at Unify.Product.IdentityBroker.EventNotifierReadingAsyncConnectorDecoratorBase`1.<GetAllEntitiesAsync>d__1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
 at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
 at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
 at Unify.Product.IdentityBroker.ChangeDetectionImportAllAsyncJob.<ImportAllChangeProcess>d__6.MoveNext()
 --- End of inner exception stack trace ---
 at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
 at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
 at Unify.Product.IdentityBroker.ChangeDetectionImportAllAsyncJob.RunBase()
 at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run()
 at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass30_0.<Run>b__0()
 at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)
---> (Inner Exception #0) Unify.Product.IdentityBroker.EntitySchemaValidationException: C could not be parsed into a valid DN. ---> System.ArgumentException: String C is not of a proper distinguished name component format. Ensure characters are correctly escaped, and that the format is correct.
 at Unify.Framework.IO.DistinguishedNameComponent.CreateDNComponent(String dnComponentString)
 at Unify.Framework.IO.DistinguishedNameConversionFromString.CreateDistinguishedName()
 at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue)
 --- End of inner exception stack trace ---
 at Unify.Product.IdentityBroker.EntityDistinguishedNameTypeSchemaValidator.CreateValue(Object dataValue)
 at Unify.Product.IdentityBroker.EntityMultiValueValidatorFactoryBase`3.<>c__DisplayClass1_0.<GetValidator>b__0(Object value)
 at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
 at System.Collections.Generic.List`1..ctor(IEnumerable`1 collection)
 at System.Linq.Enumerable.ToList[TSource](IEnumerable`1 source)
 at Unify.Product.IdentityBroker.EntityMultiValueObjectTypeSchemaValidator`3.CreateValue(Object dataValue)
 at Unify.Connectors.AD.LDAPValueTypeOperations.AddValueToEntity(IConnectorEntity connectorEntity, IEntitySchemaFieldDefinition valueType, DirectoryAttribute attribute)
 at Unify.Connectors.AD.ADConnector.TransformEntry(ADAgent agent, SearchResultEntry searchResultEntry, Int64& uSNChangedToken)
 at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
 at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__10`1.MoveNext()
 at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
 at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
 at Unify.Product.IdentityBroker.AuditReadingAsyncConnectorDecorator.<>c__DisplayClass1_0.<GetAllEntitiesAsync>b__0(IEnumerable`1 entities)
 at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass7_0`1.<CreateAndSendLogEntryAsync>b__0(Task`1 t)
 at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.<TaskContinueWithExceptionPassthough>b__0(Task`1 t)
 at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
 at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
 at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
 at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
 at Unify.Product.IdentityBroker.EventNotifierReadingAsyncConnectorDecoratorBase`1.<GetAllEntitiesAsync>d__1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
 at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
 at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
 at Unify.Product.IdentityBroker.ChangeDetectionImportAllAsyncJob.<ImportAllChangeProcess>d__6.MoveNext()<---

The only multi valued field is the members field. 


0
Under review

Difference Report on Pending Changes for Full Sync

Oscar Ferne 6 years ago in UNIFYBroker/Plus updated by Matthew Davis (Technical Product Manager) 3 weeks ago 2

As part of an upgrade activity on an MA, we were required to deliver a difference report on the data as it would appear pre vs post synchronisation of the upgrade MA. This was done to better understand and review what attributes would be updated when a full sync of the upgraded MA would occur in PROD.

We were able to achieve this deliverable by exporting two csv's of the data pre & post synchronisation, and doing a data comparison in a third party app. This could be simplified if Identity Broker Plus could generate a difference report for full syncs to ensure that the MA update is producing clean data.

This report could vary in detail, but as a first pass being able to see a count of the new and updated identities and attributes would be preferable.

0
Answered

HPRM provisioning error

UNIFYBroker 5.3.1

HP Trim Connector 5.3.0.0

Currently getting the following error on user provision to HPRM:


System.ArgumentException: Could not parse uri string
"genericuser" to long value for setting uri of reference field
LocationUseProfileOf.
   at
Unify.Product.IdentityBroker.RequestFactory`2.SetLocationPropertyRefValue[TRef](PropertyIds
propertyId, IConnectorEntity data, Func`1 createRef, Action`1 assign)
   at
Unify.Product.IdentityBroker.LocationRequestFactory.CreateComponent(ILocationRequestFactoryInformation
info)
   at
Unify.Product.IdentityBroker.HPTrimV8WebRequests.AddLocationRequest(IConnectorEntity
data)
   at
Unify.Product.IdentityBroker.HPTrimV8WebCommunicator.AddLocations(IEnumerable`1
data, Guid connectorId, IWebServiceCommunicatorInformation information,
CancellationToken cancellationToken)
   at
Unify.Product.IdentityBroker.HPTrimWebCommunicatorDecorator.AddLocations(IEnumerable`1
data, Guid connectorId, IWebServiceCommunicatorInformation information,
CancellationToken cancellationToken)
--- End of stack trace from previous location where
exception was thrown ---
   at
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at
Unify.Product.IdentityBroker.HPTrimWebCommunicatorDecorator.AddLocations(IEnumerable`1
data, Guid connectorId, IWebServiceCommunicatorInformation information,
CancellationToken cancellationToken)

I suspect that this is due to a user with the URI of 'genericuser' not existing within HPRM. 

Can you please confirm.

0
Answered

All objects reported as changed on import

Boyd Bostock 6 years ago in PowerShell connector updated by Matthew Davis (Technical Product Manager) 6 years ago 9

When a Full Import on a Connecter is performed all entities are reported as having changed data every time the import is run. This is causing issues as processing time is longer than necessary and Adapter processing can queue up during peak times.

The Connector in question has a large number of attributes including several multivalued fields. All multivalued fields are sorted and uniqueness is enforced so I do not believe any attributes are changing.

I have cleared the Adapter and Connector and it still occurs, the same Connector and Adapter is run on another server and does not experience the same issue.

Is there a way to determine which attribute is being reported as changed?

0
Declined

Baseline sync error: Execution Timeout Expired

Huu Tran 6 years ago in UNIFYBroker/Plus updated by Matthew Davis (Technical Product Manager) 6 years ago 6

Keep getting the below error for link's baseline outgoing sync to AD. I have tried to restart IdB service but no improvement. I don't have DB Admin right as it is PROD env and Shared SQL cluster. Just wonder what can I do to troubleshoot it?

Synchronization job failed syncing 40800 changes on the 'AD Link' link from the locker to adapter with the reason Execution Timeout Expired.  The timeout period elapsed prior to completion of the operation or the server is not responding.. Job ID: e6165705-b8bf-4e86-953e-c1394ae692c8 Duration: 00:16:54.3542205
Error details:
System.Data.SqlClient.SqlException (0x80131904): Execution Timeout Expired.  The timeout period elapsed prior to completion of the operation or the server is not responding. ---> System.ComponentModel.Win32Exception (0x80004005): The wait operation timed out
   at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
   at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
   at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
   at System.Data.SqlClient.SqlDataReader.TrySetMetaData(_SqlMetaDataSet metaData, Boolean moreInfo)
   at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
   at System.Data.SqlClient.SqlDataReader.TryConsumeMetaData()
   at System.Data.SqlClient.SqlDataReader.get_MetaData()
   at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString, Boolean isInternal, Boolean forDescribeParameterEncryption)
   at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, Boolean inRetry, SqlDataReader ds, Boolean describeParameterEncryptionRequest)
   at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry)
   at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method)
   at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method)
   at System.Data.Linq.SqlClient.SqlProvider.Execute(Expression query, QueryInfo queryInfo, IObjectReaderFactory factory, Object[] parentArgs, Object[] userArgs, ICompiledSubQuery[] subQueries, Object lastResult)
   at System.Data.Linq.SqlClient.SqlProvider.ExecuteAll(Expression query, QueryInfo[] queryInfos, IObjectReaderFactory factory, Object[] userArguments, ICompiledSubQuery[] subQueries)
   at System.Data.Linq.SqlClient.SqlProvider.System.Data.Linq.Provider.IProvider.Execute(Expression query)
   at System.Data.Linq.DataQuery`1.System.Collections.Generic.IEnumerable<T>.GetEnumerator()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Framework.Data.LinqWhereQuery`5.GetEnumerator()
   at Unify.Framework.QueryableExtensions.<AutoStream>d__2`1.MoveNext()
   at System.Linq.Lookup`2.Create[TSource](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
   at System.Linq.Enumerable.ToLookup[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector)
   at Unify.Framework.QueryableExtensions.StreamToLookup[TKey,TElement](IOrderedQueryable`1 collection, Func`2 keySelector, Int32 pageSize)
   at Unify.Product.Plus.JoinExecutor`2.Execute(IEnumerable`1 sourceEntities, IQueryable`1 targetEntities)
   at Unify.Product.Plus.LinkSynchronizer`2.JoinAndMap(IEnumerable`1 filterResult, IDictionary`2 changesDict)
   at Unify.Product.Plus.Link.SynchronizeLockerChanges(IEnumerable`1 changes)
   at Unify.Framework.Notification.NotifierDecoratorBase.Notify[TResult](ITaskNotificationFactory notificationFactory, Func`1 function)
   at Unify.Product.Plus.LinkAuditingDecorator.SynchronizeLockerChanges(IEnumerable`1 changes)
   at Unify.Product.Plus.LockerToAdapterSynchronizationJob.RunBase()
   at Unify.Product.Plus.SynchronizationJobExecutor.<ThreadAction>d__8.MoveNext()
ClientConnectionId:e4b00f30-9b86-4cae-a54c-a96f2f4dc552
Error Number:-2,State:0,Class:11",Normal
20180904,07:19:04,UNIFY Identity Broker,"Void OnError(System.Data.SqlClient.SqlException, Boolean, System.Action`1[System.Action])",Error,".Net SqlClient Data Provider:
System.Data.SqlClient.SqlException (0x80131904): Execution Timeout Expired.  The timeout period elapsed prior to completion of the operation or the server is not responding. ---> System.ComponentModel.Win32Exception (0x80004005): The wait operation timed out
   at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
   at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
Answer
Curtis Lusmore 6 years ago

Queuing a baseline synchronization job requires generating sync changes for all entities on both sides of the link, which again is a SQL-heavy operation. Do you know the hardware specifications of the SQL Server cluster or any of its configuration settings that might impact SQL performance? Do you know of any differences between how it's configured between this environment and the previous environment?

0
Answered

PowerShell connector intermittently haning on Polling import

I have an intermittent problem with particular PowerShell connectors that intermittently hang on the Polling import - in that the connector displays as running the polling import for days, from the logs nothing is happening, and the only way to stop it is to restart the IDB service.

I have three connectors that connect to Exchange (two different Exchange environments), and we have seen the problem on all three connectors, in all three environments (dev, test, prod). I have other PowerShell connectors that do not have this problem. We have also never seen the problem on the Import All.

The three connectors run the same script, just with different parameters. I have added detailed logging for Polling runs and can't find a pattern - the log files stop at different places. Sometimes it's while collecting data from Exchange, but just as often it's after the script has closed the connection to Exchange and is looping through updating the entities in IDB.

Is there any way to enforce a timeout in the Powershell connector?

Answer
Curtis Lusmore 6 years ago

Hi Carol,

There isn't currently any way to enforce a timeout in the PowerShell connector. If the commands which hang don't have convenient timeout flags, you could try using Start-Job and Wait-Job.

0
Answered

Minimal AD delegate rights for UNIFYBroker/Active Directory service account

Huu Tran 6 years ago in UNIFYBroker/Microsoft Active Directory updated 6 years ago 6

I do not want to give more permission than that is needed (i.e. no Domain Admin right). Hence please advise the minimal AD delegate rights that the UNIFYBroker service account requires to:

- Create new users

- Modify attribute of an existing users

- Move users from one OU to another

- Suspend/activate an user (userAccountControl)

- Set initial password and set users must change password in the next logon

- Reset/ change password for an existing user


Thanks

Answer
Adam van Vliet 6 years ago

Hi Huu,

As you’re probably aware, AD permissions can get extremely complicated and can be done in a number of ways. For example, the topic on Implementing Least-Privilege Administrative Models is a 40 minute read - and it merely introduces the concepts and references countless other articles.

The approach that we recommend for Active Directory is to provide the use cases to the Active Directory administrator - so that they can create an account with least-privileges that works within their security model framework. As with all connectors, if this information can be condensed into a common set of recommendations, we would include this information in our documentation as either a set of prerequisites or as options/guidelines.

Thanks.

0
Declined

Attributes with the same name - Read-Only problem in MIM

Paul Zelenewicz 6 years ago in UNIFYBroker/Aurion updated by Matthew Davis (Technical Product Manager) 5 years ago 4

UNIFYBroker v5.3.1

Aurion API Connector v5.3.0

MIM 2016SP1 - 4.4.1749.0

Problem:

I have an 'Aurion Person' adapter and an 'Aurion ESS' adapter - each with an attribute called PersonNumber.

In 'Aurion Person' the attribute is read-only, in 'Aurion ESS' the attribute is not read-only.

Broker settings - Single Schema mode is false.

When I create the Aurion ESS Management Agent in MIM and attempt to setup an export attribute flow to  PersonNumber, MIM reports that the attribute is read-only.

It makes no difference if I create the ESS management agent before the Person management agent (even in a vanilla MIM database).

If I apply a rename transform to the PersonNumber in the ESS adapter I am able to setup an export attribute flow to the renamed attribute (i.e., ESSPersonNumber).

Question: 

Is it a specific requirement for Broker to maintain unique attribute names throughout different adapters? 

Answer

Closing as LDAP was providing the correct information to MIM, and no other information was provided. Feel free to re-open if the issue persists or resurfaces.