Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
IdB 4.1.0 support for Aurion 11.30
Working with the following IdB and Aurion connector versions:
I noticed the below statement:
"Aurion v10.1.2.04 MR1 or higher." - https://unifysolutions.jira.com/wiki/spaces/IDBAUR41/pages/54165664/Prerequisites
Want to confirm:
1. Aurion connector version 4.1.2 supports Aurion 11.30
2. Any known issues with the upgrade from Aurion connector version 4.1.0 to 4.1.2.
3. Any known issues with IdB regarding Aurion upgrade to 11.30
- We support versions greater than v10.1.2.04 MR1
- Not unless there's documentation or issues raised (we're improving the known issues section on the release notes in the future to better capture this)
- Yes, see release notes (Aurion 11.16 has a breaking change which we have released a workaround for)
Mapping Aurion security user ExternalMailType
I am trying to set an additional value on the Aurion Security User on provisioning. The Aurion attribute is T803F275_EXTERNAL_MAIL.T803_SECURITY_USER, it is of type String, and needs to be set to the value "10".
I have had this attribute added to the Aurion report and mapped it in the Connector config file (it comes through to me as "Mail"). I can run a connector import and see all the entities with a value of "10" in this field.
When I provision a new connector space object in MIM the value is populated, however on export the export does actually run and the Aurion Security User gets created, however the Mail value is blank. There are no errors at all in the IDB log file.
Hi Carol,
The field is "ExternalMailType" (it comes through the schema provider). Add this field name and map it to the "Mail" attribute from the query results
Thanks.
Baseline & Sync Procedure for IdB Chris21 LITE
When wanting to synchronize IdB Chris21 LITE with and out of sync AD, I am running the following two items:
1. AD Baseline
2. AD Syncronize
Before I run the above tasks, should Chris21 and/or AD Realtime Change Processing be disabled?
UNIFY Identity Broker Management Studio v0.0.5 Revision
Plugins:
* MS AD 4.1.3.0
* Chris 21 Connector 4.1.1.0
Extended Database Connector has "stopped-extension-dll-expection" occur till full import is run
Occasionally delta import to MIM will fail with the “stopped-extension-dll-expection” error. When the error occurs, it will continue over and over until a full import is run.
Event viewer logs:
The extensible extension returned an unsupported error.
The stack trace is:
"Unify.Product.IdentityBroker.LdapOperationException: Error during processing of SearchRequest targetting cn=changelog: Operation timed out while waiting for message queue with id of 10. ---> System.OperationCanceledException: Operation timed out while waiting for message queue with id of 10.
at Unify.Product.IdentityBroker.LdapConnection.GetMessage(Int32 messageId)
at Unify.Product.IdentityBroker.SearchRequest.Send(Func`2 send, Func`2 recv)
at Unify.Product.IdentityBroker.LdapConnection.SendRequest(ILdapRequest request)
--- End of inner exception stack trace ---
at Unify.Product.IdentityBroker.LdapConnection.SendRequest(ILdapRequest request)
at Unify.Product.IdentityBroker.LdapConnectionProxy.<SearchRequestPaged>d__8.MoveNext()
at Unify.Product.IdentityBroker.ImportProxy.<GetChangedEntriesPaged>d__30.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at Unify.Product.IdentityBroker.ExtensionMethods.Take[TSource](IEnumerator`1 source, Int32 count, IList`1& items)
at Unify.Product.IdentityBroker.ExtensionMethods.<Page>d__3`1.MoveNext()
at Unify.Product.IdentityBroker.ImportProxy.Import(GetImportEntriesRunStep importRunStep)
Environment:
- Identity Broker v5.1.0 Revision #0
- MIM 4.3.2266.0
Create Agents for Connector within Connector interface
I think IdB would be easier to use if when a configuration object was required but did not exist the user could easily create one without loosing their current object entries.
A good example is how the new Azure Portal works... if you need to create an object that requires another object to be created first; when the option appears to choose the second object you always have the option to make a new object (which if significant configuration is needed brings you to a new sub-screen and back to the original when completed).
The general idea is that users usually start off with a goal in mind and start down that track ("I need a connector!") and along the way they discover detail ("Oh, I also need an Agent, dam it!"); and ensuring the product permits that kind of thinking makes the product far more natural (and so easier) to use.
Unfortunately I don't know enough about web gui's to know how this can be easily accomplished. :/
Thanks for the feedback, Michael.
In the particular case of case of creating a connector with no available agents, the UI does direct you to create an agent, however it doesn't direct you back to the connector afterwards.
This would be quite difficult to implement currently, but we are planning an overhaul to the UI in an upcoming release, so I will add this to the list of desirable workflows that it should support.
Delete Threshold GUI Display Issue
Visual appearance examples (CSV & SQL Connectors):
When typing a number:
The control can be dragged and the number will reflect accurately:
Recommendation:
- A different control could be used that more clearly shows a percentage similar to a progress bar (It is not immediately clear how to use the control)
- The control should correctly to reflect a manually entered number (Alternatively ability to enter a manual number could be removed and a text field could simply update depending on user's interaction with the progress bar; in which case the text field could have a "%" sign at the end making it clearer what interaction with the control equates to)
- The control should physically align with the text box and be in a similar style if possible
IdB:
Client Browser:
Thanks for the feedback, Michael.
I've added an item to our backlog to address this.
Success / Error Visuals
When notifications are shown in IdB they are shown with a yellow background regardless of the result.
In this way errors look visually similar to successes.
Success example:
Error example:
Recommend having different icons and background colours to distinguish between success and errors.
Tested with SQL Agent in IdB 5.2
SQL Server Database Agent > Use Standard Fields > Tool tip
The tool tip / information bubble for the "Use Standard Fields" radio buttons within the "SQL Server Database Agent" configuration page currently says:
"Whether to generate a connection string with the provided fields, or to simply enter one in full."
As this doesn't immediately correlate to the choices (Yes/No), this may be clearer to the user if updated to:
"Yes to to generate a connection string with the fields provided by the database table, No to enter one manually in full."
CSV Import: No HTTP resource was found that matches the request URI
Error:
When "Execute Import All" I receive:
No HTTP resource was found that matches the request URI 'http://localhost:59991/IdentityBroker/api/1.0/Connector/ImportAll?id=7355468d-c89d-43eb-a5fd-0829c5b9e40f'.
Further Connector Details:
IdB details:
Log:
CSV:
Steps to re-create:
1. Install IdB 5.2
2. Create CSV Connector for attached CSV (Set EmployeeID as Key)
3. Attempt full import
Troubleshooting steps so far:
- Server restart, same error
- Log review, couldn't find any pertinent entries
- Port 59991 test (telnet responds on localhost)
- CSV file permissions (IdB it can do initial read for header information and the service user has local administration rights)
- Other operation tests:
- Execute Import Changes results in a similar error
- Clear Connector does not error
- Disable does not error
- Add adapter for connector does not error
- Copy Connector does not error
Unify.Connect.Web.Shared.dll - it might require some other dll's. Please let me know if it works or not.
Minor usability suggestion: Installer next button grayed out until text box loses focus
When using the installer the "Next" button remains grayed out until all mandatory text box's have both text entered and have triggered a lost focus event.
This can lead to situations like the attached where the user has completed all fields correctly, but cannot click next until they change focus from the text box.
Would recommend that the "Next" button becomes available as soon as all mandatory fields contain valid information.
Tested with: UNIFY Identity Broker Service v5.2.0 RTM.msi on the "Service account" screen.
Steps to recreate:
1. Start installer
2. Complete to "Service account" screen
3. Check "Add log on as a service user rights."
4. Enter "Password:"
5. Enter "Account"
Customer support service by UserEcho