Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
The network path was not found
I suddenly have an error with a connector that is one of three identical Powershell connectors (same underlying scripts, just different parameters specifying target domain). The data gathering part of the script is working fine. The script is also getting through the entire entity creation loop (I have dropped detailed logs), but is then failing after that (ie at the end of the script) with 0 entities created.
This is the error reported in the IdB log:
Change detection engine import all items failed. Change detection engine import all items for connector PowerShell HomeFolder Protected failed with reason One or more errors occurred.. Duration: 00:08:50.4965198 Error details: System.AggregateException: One or more errors occurred. ---> System.ComponentModel.Win32Exception: The network path was not found --- End of inner exception stack trace --- at Unify.Product.IdentityBroker.PowerShellConnector.d__30.MoveNext() at System.Linq.Buffer`1..ctor(IEnumerable`1 source) at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.AuditReadingConnectorDecorator.GetAllEntities(IStoredValueCollection storedValues, CancellationToken cancellationToken) at Unify.Product.IdentityBroker.EventNotifierReadingConnectorDecoratorBase`1.GetAllEntities(IStoredValueCollection storedValues, CancellationToken cancellationToken) at Unify.Product.IdentityBroker.ChangeDetectionImportAllJob.ImportAllChangeProcess() at Unify.Product.IdentityBroker.ChangeDetectionImportAllJob.RunBase() at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run() at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass30_0.b__0() at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state) ---> (Inner Exception #0) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #1) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #2) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #3) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #4) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #5) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #6) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #7) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #8) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<--- ---> (Inner Exception #9) System.ComponentModel.Win32Exception (0x80004005): The network path was not found<---
Thanks for the update Carol. It is strange that it's saving the error until the end of the script - we'll do some investigation to see if we can work out why that's happening.
v5.3 Installer fails when SQL filenames do not match the DB name
Attempted an upgrade of Identity Broker from v5.2 to v5.3, the upgrade process failed running the following SQL Commands
ALTER DATABASE [Unify.IdentityBroker_DEVAP610] SET RECOVERY SIMPLE;
ALTER DATABASE [Unify.IdentityBroker_DEVAP610] MODIFY FILE (NAME=[Unify.IdentityBroker_DEVAP610], FILEGROWTH=100MB);
ALTER DATABASE [Unify.IdentityBroker_DEVAP610] MODIFY FILE (NAME=[Unify.IdentityBroker_DEVAP610_log], FILEGROWTH=100MB);
The installer did not revert to the previous version of Identity Broker, instead it removed the service from the Services window.
I located the commands above in the Windows application log and attempted to run the command in SQL directly, it did not work as the files were named differently than names in the SQL Configuration.
In this case I renamed the SQL files as it is non-production and was able to run the installer successfully. I recall this issue with v5.2 and run through the DB manual upgrade process. I think this needs to be fixed for users that are not as familiar with installation options.
I am also not sure the settings should be made in the installer, if the SQL instance is clustered it will not support simple logging, also in large implementations I normally make the database file group by 1GB.
Expand Connector Test Harness functionality
Currently the connector test harness is great for copying a current connector schema, exporting its entities to CSV and then modifying that data to run operations against an end system through a connector.
Would it be possible to expand the functionality of the test harness, to allow operations on internal entities?
The idea is that you could clone a connector schema, copy its entities to CSV, and then modify those entities to mock changes through IDB. This would allow you to test adapter configuration or mock specific changes to entities without needing to modify the connector/adapter configuration to point to a different connector.
This would be useful for times when you want to test specific cases through the system but don't have access to make the changes in the end system, or don't want to export that kind of data out to the end system. It also allows you to speed up the testing process as you'd just be 'replacing' the 'import from end system' step in the process - the rest of the workflow would still happen, so it would allow for extensive (and potentially automated) configuration testing.
Not currently a use case that needs delivering, closing.
Connector import completes before Adapter reflection is complete
Connector imports are completed before the Adapter reflection process is complete. When using Event Broker to schedule operations of Identity Broker and MIM this means that processing activity is still running when the next action runs.
In MIM this often results in a failed Delta Import and in Identity Broker multiple actions are running simultaneously further delaying reflection processing.
In connectors with large numbers of entities and several columns (especially multi-valued) or where there has been a significant amount of data change this can be several minutes after the Connector import has completed.
Ideally the Connector would show that it is still processing forcing Event Broker to wait for it to complete or add a way for Event Broker to wait until Adapter reflection is completed before running MIM operation.
Identity Broker Version: 5.2.0
Event Broker: 3.2.1
MIM Event Broker triggers when the adapter says it should, not the connector. Is this happening each 20K processed entities (a cutoff chosen to allow for transactions to work better)? There shouldn't be any impact, as MIM should be picking up the changed entities as they become available, and repeating until everything is done. At the end of the process, MIM Event Broker should only trigger on the last time when the adapter has been populated, not when the connector is finished, or are you not seeing this? Is this easily reproduced?
Issue installing 5.3 over the top of 5.2
I'm having an issue after installing 5.3 over 5.2.
The details are as follows:
"
After installing 5.3 over the top of 5.2 I get a sitemap issue.
================
The site map provider was of type System.Web.XmlSiteMapProvider. The web.config should be configured to use type="Unify.Connect.Web.IdentityBrokerSiteMapProvider".
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Unify.Framework.UnifyConfigurationException: The site map provider was of type System.Web.XmlSiteMapProvider. The web.config should be configured to use type="Unify.Connect.Web.IdentityBrokerSiteMapProvider".
================
Broker is set up to use IIS for the web interface
"
The stack trace is as follows:
"
[UnifyConfigurationException: The site map provider was of type System.Web.XmlSiteMapProvider. The web.config should be configured to use type="Unify.Connect.Web.IdentityBrokerSiteMapProvider".]
Unify.Connect.Web.MvcApplication..cctor() +4876
[TypeInitializationException: The type initializer for 'Unify.Connect.Web.MvcApplication' threw an exception.]
ASP.global_asax..ctor() +28
[TargetInvocationException: Exception has been thrown by the target of an invocation.]
System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandleInternal& ctor, Boolean& bNeedSecurityCheck) +0
System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean skipCheckThis, Boolean fillCache, StackCrawlMark& stackMark) +197
System.Activator.CreateInstance(Type type, Boolean nonPublic) +105
System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes, StackCrawlMark& stackMark) +1484
System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) +289
System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture) +27
System.Web.HttpRuntime.CreateNonPublicInstance(Type type, Object[] args) +79
System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context) +294
System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +333
[HttpException (0x80004005): Exception has been thrown by the target of an invocation.]
System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +525
System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +124
System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +719
"
Let me know if you need any further information.
Thanks,
Hayden
There can be client specific things in there, but the default should be fine (especially if you're running without one). If the client decides to configure more settings they can (e.g. OIDC for the UI and AAD bearer auth for the API).
All attributes settable through Aurion Security User connector
Do we have a list somewhere of all the attributes that can be set through out Aurion Security User connector? Is this picture on this page definitive, or are there others? https://voice.unifysolutions.net/knowledge-bases/7/articles/3114-aurion-security-user-connector
Customer wants to set an attribute named "Consolidate" to "yes". I can import it but haven't managed to update it.
Remove the need for a VPN tunnel for hybrid IdB deployments
Implement Azure Relay Hybrid Connections (or commercial equivalent) https://docs.microsoft.com/en-us/azure/service-bus-relay/relay-hybrid-connections-protocol
Powershell transform showing an error IdB 5.2
Since updating to 5.2 I've noticed that the one Powershell transform I'm using in an adapter is now displaying an error message in the UI, though the transform itself still looks to be functioning. Here's the error displayed in the UI:
System.NullReferenceException: Object reference not set to an instance of an object. at Unify.Connect.Web.TransformationControllerExtensions.<navigatetodisplay>d__16`2.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() at Unify.Connect.Web.DefaultTransformationController.<display>d__2.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at lambda_method(Closure , Task ) at System.Web.Mvc.Async.TaskAsyncActionDescriptor.EndExecute(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass34.<begininvokeasynchronousactionmethod>b__33(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<invokeactionmethodfilterasynchronouslyrecursive>b__3c() at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass45.<invokeactionmethodfilterasynchronouslyrecursive>b__3e() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass30.<begininvokeactionmethodwithfilters>b__2f(IAsyncResult asyncResult) at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass1e.<>c__DisplayClass28.<begininvokeaction>b__19() at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass1e.<begininvokeaction>b__1b(IAsyncResult asyncResult) </begininvokeaction></begininvokeaction></begininvokeactionmethodwithfilters></invokeactionmethodfilterasynchronouslyrecursive></invokeactionmethodfilterasynchronouslyrecursive></begininvokeasynchronousactionmethod></display></navigatetodisplay>
This is the adapter config:
I have installed a UI patch to IdB 5.2 based on a previous issue I raised.
Matt just reminded me, v5.1 had a spelling error in the name of the PowerShell transformation which was corrected in v5.2. Change the incorrect PoweShell
to the correct PowerShell
.
Google passwords are not being set on creation
Google passwords are not being set on creation, subsequent resets in AD are synchronised successfully.
In MIM the export_password attribute is set with the desired password, I was unable to find any information about this attribute or how to configure the Password Script in the Google Connector.
Unsure of when this started to re-occur as most users authenticate via the IDP, however Chromebooks authenticate directly. It appears this issue has occurred before https://voice.unifysolutions.net/communities/6/topics/2816-passwords-are-not-set-on-google-account-creation however the key is configured to be email address.
Identity Broker: v5.2.0 Revision #3
Google Connector: 5.2.0.2
Unify.IdentityBroker.Communicator.Google.dll: 5.2.0.1
So just confirming, using the Identity Broker version of the Newtonsoft fixes that particular issue? I'll update the connector to use the same version so that it isn't able to override it.
Do you have an update on whether the password change is working?
An item with the same key has already been added
I have just upgraded IdB in TEST to 5.2, and migrated in the Connector and Adapter files from Dev. Dev was already on 5.2 and all connectors are working.
In TEST all of the new Connectors (names "PowerShell HomeFolder*" and "PowerShell MemberOf*") are failing with the error below. The "Powershell Exchange*" connectors work fine (though they already pre-existing in IdB 5.1 before I upgraded to 5.2).
The Connector config file is the same as the one I sent with the previous question. While the error looks very similar to that one it can't be the same - that was a duplicate schema mapping in the connector config, but Powershell connectors don't have schema mapping.
My Import scripts drop a full log of all entity values before running the $entity.Create ... $entity.Commit loop. There are no duplicate sAMAccountNames.
Note that when I did the IdB database upgrade in Test I removed the final lines from the script as told to do here. I don't seem to have had any problems with this in Dev, but thought it worth mentioning.
Change detection engine import all items failed. Change detection engine import all items for connector PowerShell HomeFolder NMI failed with reason An error occurred while evaluating a task on a worker thread. See the inner exception details for information.. Duration: 00:01:37.5326976 Error details: Unify.Framework.EvaluatorVisitorException: An error occurred while evaluating a task on a worker thread. See the inner exception details for information. ---> System.ArgumentException: An item with the same key has already been added. at System.Collections.Generic.Dictionary`2.Insert(TKey key, TValue value, Boolean add) at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer) at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector) at Unify.Product.IdentityBroker.Repository.EntityLinqQueryConverterUtilitiesBase`4.GetCollectionKeyData(TEntityKey key, EntityDataContext sourceContext) at Unify.Product.IdentityBroker.Repository.EntitySingleValueDataUtilityBase`2.CreateEntityValue(TEntityKey key, IValue value, IEntityCollectionKeyUtility`1 collectionKeyUtility, EntityDataSet set, __EntityInsertRow row, EntityDataContext sourceContext) at Unify.Product.IdentityBroker.Repository.KnownEntityContextBase`4.ConvertEntityValueToDataValue(KeyValuePair`2 entityValueAndKey, __EntityInsertRow row, EntityDataSet entityDataSet, EntityDataContext sourceContext) at Unify.Product.IdentityBroker.Repository.KnownEntityContextBase`4.<>c__DisplayClass31_0.<convertitemtovalues>b__0(KeyValuePair`2 entityValueAndKey) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext() at Unify.Framework.Visitor.Visit[T](IEnumerable`1 visitCollection, Action`2 visitor) at Unify.Product.IdentityBroker.Repository.KnownEntityContextBase`4.InsertItems(ISet`1 addedItems, EntityDataContext sourceContext, SqlConnection connection) at Unify.Framework.Data.LinqContextConversionBase`4.SubmitChanges() at Unify.Product.IdentityBroker.SaveChangedEntitiesTransformationUnit.Transform(IDictionaryTwoPassDifferenceReport`4 input) at Unify.Product.IdentityBroker.RepositoryChangeDetectionWorkerBase.PerformChangeDetectionOnConnectorEntityPage(IEnumerable`1 connectorEntities, Int32& index, Int32 entitiesProcessedSoFar, IEntityChangesReportGenerator`2 reportGenerator, IHashSet`1 seenKeys) at Unify.Product.IdentityBroker.RepositoryChangeDetectionWorkerBase.<>c__DisplayClass11_0.<performchangedetection>b__0(IEnumerable`1 page) at Unify.Framework.Visitor.ThreadsafeVisitorEvaluator`1.ThreadsafeItemEvaluator.Evaluate() --- End of inner exception stack trace --- at Unify.Framework.Visitor.ThreadsafeVisitorEvaluator`1.CheckForException() at Unify.Framework.Visitor.ThreadsafeVisitorEvaluator`1.Visit() at Unify.Product.IdentityBroker.RepositoryChangeDetectionWorkerBase.PerformChangeDetection(IEnumerable`1 connectorEntities) at Unify.Product.IdentityBroker.ChangeDetectionImportAllJob.ImportAllChangeProcess() at Unify.Product.IdentityBroker.ChangeDetectionImportAllJob.RunBase() at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run() at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass30_0.<run>b__0() at Unify.Framework.<span class="redactor-selection-marker" id="selection-marker-1"></span>AsynchronousJobExecutor.PerformJobCallback(Object state) </run></performchangedetection></selectmanyiterator></convertitemtovalues>
For future reference, this issue is caused by entries in the CollectionKey table with the same Caption field value. The duplicate captions, produced by a defect in Identity Broker v5.1, cause exceptions to be thrown in several areas of the application after performing an upgrade to Identity Broker v5.2 which assume these values to be unique.
The simplest solution for this issue would be running the database clear script found in the <InstallDir>/Database directory. If this is not possible or desirable, attempt to run the script I provided below which clears the CollectionKey table of all unused entries and may resolve this issue. If the issue persists at this point a script or tool can be provided suitable to the specific environment to more directly correct the database state.
Customer support service by UserEcho