Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

0
Answered

Does IdB v5.2 support Windows 2016

Rizwan Ahmed 7 years ago in UNIFYBroker/Microsoft Identity Manager updated 7 years ago 2

The best I could find was the link below;

https://voice.unifysolutions.net/knowledge-bases/7/articles/2920-identity-broker-installation-prerequisites

which does mention Window 2008 SP1 or later, but client’s question is specific to Windows 2016 testing and certification. To be honest I believe what they really mean is, are the following products tested to be supporting Windows 2016 by UNIFY. Or should they get the new server build on Windows 2012 2012 R2 64bit

  • UNIFY Identity Broker Service v5.2.1.0 RTM x64
  • UNIFY Identity Broker for Microsoft Identity Manager v5.1.0 RTM
  • UNIFY Identity Broker for Aurion v5.2.0 RC1

Thank You.

Answer
Adam van Vliet 7 years ago

Hi Rizwan,

Identity Broker has been tested against all versions of Windows from 2008 SP1 and onwards, with most testing against 2016. I'll look at updating the page so that it's a little more clear.

If the client was actually referring to Microsoft certification, then no; the certification program is not available at the moment as it's being reworked.

Thanks.

0
Answered

Client Upgrade to .Net 4.6 cause MA to Fail

Hayden Gray 7 years ago in UNIFYBroker/Microsoft Identity Manager updated by Adam van Vliet 7 years ago 1

Hi,

I'm investigating an ACTGOV incident (Ivanti Incident 50255) and they have run into issues testing an upgrade to .Net 4.6 on an existing installation in their TEST environment. 

The description from ACTGOV is as follows:

Hi,

We would like to upgrade .net on our Education FIM server to 4.6 but we found that when we do so in our test environment that our Maze MAs stop working.  In the event log we get the error message:

Image 4764


Given the MA refuses to even start the problem appears to be Unify.Framework.ILM2007FP1Adapter.dll.  Are you able to provide an updated version of this DLL that has been compiled with .net 4.6?

The version we currently have is 3.0.1.1 with a time stamp of 9/7/2013.

Cheers,

I was hoping you may be able to assist with a copy of the dll able to run with .Net 4.6 or what the action for remediation on this issue is.

Below are also the software versions the client has:

  • FIM 2010 Sync Engine
  • FIM Service Portal and SSPR
  • Identity Broker for FIM 4
  • Identity Broker for CISCO 4
  • Identity Broker for viewDS
  • Identity Broker for Sharepoint 4

Let me know if you need any more details.

Thank you,

Hayden Gray

Answer
Adam van Vliet 7 years ago

I'm not sure why that would cause the MA to fail, the Windows Event Log might have more information. However, if you're targeting Identity Broker v4+ you should be using the matching MA dll (not v3). If you're still on v3, you should upgrade to v4+ as it's no longer supported (extended support can be arranged, see https://voice.unifysolutions.net/knowledge-bases/7/articles/3321-identity-broker-support-policy).

0
Answered

An item with the same key has been added

Carol Wapshere 7 years ago in UNIFYBroker/Aurion updated by Adam van Vliet 7 years ago 2

I upgraded to IdB 5.2.1 in Dev and the Aurion Person connector has stopped working with the error below. It has disabled itself and won't let me re-enable it, so I can't run the import again, or even clear the connector.

The key is the Aurion WAMIKey and there cannot be a duplicate. The Aurion DB in dev has not been updated since it was working with Idb 5.1 (no new persons added).


Message    An error has occurred: An item with the same key has already been added.
Type    System.ArgumentException
Stacktrace    at System.ThrowHelper.ThrowArgumentException(ExceptionResource resource)
at System.Collections.Generic.Dictionary`2.Insert(TKey key, TValue value, Boolean add)
at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
at Unify.Connectors.Aurion.AurionConnectorInformationFactoryBase`1.Transform(XElement sourceValue)
at Unify.Product.IdentityBroker.ConnectorControllerBase.GetSpecializedConnector[TInfo,TExtended](Guid connectorId, String expectedType, String callingPath, Func`2 toExtended)
at Unify.Product.IdentityBroker.PluggedConnectorControllerBase`2.GetConnector(Guid connectorId)
at lambda_method(Closure , Object , Object[] )
at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.<>c__DisplayClass10.<getexecutor>b__9(Object instance, Object[] methodParameters)
at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext controllerContext, IDictionary`2 arguments, CancellationToken cancellationToken)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Controllers.ApiControllerActionInvoker.<invokeactionasynccore>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Controllers.ActionFilterResult.<executeasync>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Filters.AuthorizationFilterAttribute.<executeauthorizationfilterasynccore>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Dispatcher.HttpControllerDispatcher.<sendasync>d__1.MoveNext()
</sendasync></executeauthorizationfilterasynccore></executeasync></invokeactionasynccore></getexecutor>
Answer
Adam van Vliet 7 years ago

There are duplicate Contact_Phone_Number mappings, please try removing one.

0
Fixed

A task was cancelled

Carol Wapshere 7 years ago updated by Beau Harrison (Senior Product Software Engineer) 5 years ago 12

When running connector imports in IdB 5.2 (PowerShell connector) I am seeing a message "A task was cancelled" though there doesn't actually seem to be any problem. MD says this is a known issue but I need to ask for a patch for 5.2.

This is the full error:



System.Threading.Tasks.TaskCanceledException: A task was canceled.
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Connect.Web.Client.ConnectorClient.d__35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Connect.Web.Client.ProfiledConnectorClient.d__108.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Framework.Web.UnifyController.d__39.MoveNext()
Answer
Adam van Vliet 7 years ago

Hi Carol,

Could you please try applying the following patch, and let me know if the issue persists? Patch.zip

0
Not a bug

SAP HCM Agent - Test connection fails

Dilip Ramakrishnan 7 years ago updated by Adam van Vliet 7 years ago 3

Environment:

OS : Windows Server 2016

IDB Service: IDB v4.1.5 x64

IDB SAP Broker : v4.1.3 x64

Test connection on SAP HCM Agents returns error below:

An attempt was made to load a program with an incorrect format. (Exception from HRESULT: 0x8007000B)

Troubleshooting done so far:

Current environment with IDB v4.1.3 + IDB SAB Broker v4.1.2 running on Windows 2008 R2 with same credentials and same parameters to connect to SAP instance works without any issues.

IDB Logs have this entry below

The test of agent SAP HCM Agent failed with message System.BadImageFormatException: An attempt was made to load a program with an incorrect format. (Exception from HRESULT: 0x8007000B)
at SAP.Connector.Connection.Open()
at Unify.Product.IdentityBroker.SapHrCommunicator.Open()
at Unify.Product.IdentityBroker.SapHrCommunicator.TestConnection()
at Unify.Product.IdentityBroker.SapHrAgent.TestConnection()
at Unify.Product.IdentityBroker.AgentEngine.Test(Guid agentId).

No errors logged in Event Viewer.

0
Answered

Migrating IdentityBroker configuration from one env to another

Huu Tran 7 years ago updated by Adam van Vliet 7 years ago 1

Database migration will copy both configuration and data. Just wonder how to migration the configuration only without migrating data?

0
Declined

The dimage indicates an add attrib operation, but the attrib already exists on the object.

Amol Patil 7 years ago updated by Adam van Vliet 7 years ago 16

Identity Broker is occasionally throwing “staging-error” as part of the Delta Import. 

Please see the attached files with error logs. 

Could you please review and advice?

Version Details:

Identity Broker: v5.1.0 Revision # 2
FIM 2010 R2: 4.1.3508.0

Answer
Adam van Vliet 7 years ago

Adam/Richard/Aneesh, please replicate this (it shouldn't need the same systems). The information should be in Aneesh's comments, it's just that the analysis hasn't been done to show why it's a problem. A replication might help us track down the sequence of events that lead to the problem.

0
Answered

Access denied importing Boolean value

Carol Wapshere 7 years ago in PowerShell connector updated 7 years ago 2

I have been struggling with an odd issue. I have a number of PowerShell connectors in my solution, and quite a few of them have Boolean attributes (in addition to String). I have created a new connector which is very similar to the existing ones, and uses very similar scripts. Here is what is happening:

- When I comment out my import step for the Boolean attribute (so it just imports the String attributes) the full import works

- When I add the Boolean attribute in the import fails with "Access Denied". I know the correct value is actually being generated as I'm dropping a debug log file which shows all the values it's trying to put into the entity.

- When I run a Polling import (where I can list account names in a text file and it just imports those) it works correctly, including bringing in the Boolean value. This is also weird as it's the same Powershell script - the differences are in the initial collection of data, but the part where it updates and commits the entities is identical for both full and polling imports.

I thought it might be something to do with $null values but have made sure that the script always sets a default value of $false. This is the error message - it is definitely happening during the loop where I go through the data I've collected committing the entities.

I've also upgraded IdB to 5.2, but no change from 5.1 on this issue.


Change detection engine import all items for connector PowerShell HomeFolder failed with reason Access is denied. Duration: 00:01:19.9160765

Error details:

System.UnauthorizedAccessException: Access is denied ---> System.ComponentModel.Win32Exception: Access is denied

   --- End of inner exception stack trace ---

   at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass4_0.<TaskContinueWithExceptionPassthough>b__0(Task t)

   at System.Threading.Tasks.Task.Execute()",Normal


Answer
Curtis Lusmore 7 years ago

Via phone call, the problem was that the line which was being commented out includes a call to Test-Path, and we believe the permissions error is happening there.

0
Answered

Cannot upgrade IsB database - Duplicate key value

Carol Wapshere 7 years ago updated by Beau Harrison (Senior Product Software Engineer) 7 years ago 7

Upgrade from 5.1 to 5.2 failed with a SQL error so I elected to run the database update script manually. This is the error:


Msg 1505, Level 16, State 1, Line 1

The CREATE UNIQUE INDEX statement terminated because a duplicate key was found for the object name 'dbo.CollectionKey' and the index name 'DF_CollectionKey_Caption'. The duplicate key value is (HomePostCode).

Msg 1750, Level 16, State 0, Line 1

Could not create constraint. See previous errors.

The statement has been terminated.


I have both "HomePostCode" in a connector and "HomePostcode" (lower-case "c") in an adapter, and IdB did not prevent this happening. I'll rename one of them if I have to but am worried there might be others (lots of schema in this solution).

Shouldn't this script be using the attribute guids anyway?

Answer

Hi Carol

Turns out that, yes, the DF_CollectionKey_Caption constraint isn't actually required. If it was created in your database, go ahead and remove it. If it wasn't then no further action is required, the rest of the upgrade script will have executed correctly.

0
Declined

How to get user information from SAP in an MS SharePoint Workflow?

Elena kretova 7 years ago in CSV connector updated by Adam van Vliet 7 years ago 1

Approve so essentially I am making a Workflow BPMS in SharePoint and I need to get a client's data like his/her specialization, chief and so on into the work process. 

The work process goes this way: If a worker wishes to arrange some stationary, he/she enters the work process by topping off a frame, which is sent to their chief (who's data originates from SAP HR module) and when affirmed goes to the general organization office. 

Since SAP HR stores the parts of the clients and their associations, I need to have this data associated with my work process. 

How might I accomplish this reconciliation?

Answer
Adam van Vliet 7 years ago

Hi Elena,

We're not affiliated with Microsoft or SAP, nor do we provide support for their respective products.

If you have a question about our product set, please feel free to ask.

Thanks.