Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Gateway was unable to be started due to One or more errors occurred.
Hi,
We have seen across multiple Broker instances that the following error occurs for LDAP gateways:
"The gateway <gateway name> (guid) was unable to be started due to One or more errors occurred."
Unfortunately there doesn't seem to be much more information that what is provided in the log. Examination of the log file further with CMTrace doesn't reveal anymore information.
In one particular affected customer's case, I checked the Azure Provisioning service to see if there was any significant event that may have caused this, but could not find anything there either.
The workaround is to Recycle the gateway, but this currently relies on manual checking to see if it has occurred or not and this appears to be happening on a frequent basis. We would like to address the root cause issue if possible.
Is there additional logging levels that could be applied to find out what could be causing this?
Thanks,
Liam
Time Offset Flag not re-evaluated when current time passes source field timestamp
My customer is failing UAT of the solution configuration because Time Offset Flags are not automatically updating when the source field timestamp is passed. There have not been any Clear Entity Changes run in this environment for many months, and entity data fields have been updated recently as part of the customer's UAT testing processes.
Example: entity ID 70cb5e8e-8a8d-48f9-a123-911a836574f4 in partition 838b79fc-a31e-4b70-bcc8-e94550b3ff57 in ACCC TEST. PostEnd, based on EndUTC, is still "No" but it should be "Yes".
Could you please check entity ID e71b989c-1a01-4542-9334-8e69c12abb6c on that same partition, which is due to see PostEnd change from "No" to "Yes" in around 15 hours from now (8/22/2023 2:00:00 PM UTC). Please confirm that it is all fine (i.e., a future change exists in the database) and then after the timestamp is passed I'll check and verify if the PostEnd value has updated automatically as it should.
Changes are registered for the times that the contributing transformations dictate they need to be registered. In this case, there could have been a scenario under which a transformation has determined, based on current (or previous) configuration, that a change should be created for that time because at that time a date time offset flag or similar needed to be recalculated. It may have been from one of the time offset fields that has a value already and is known to recalculate at that time.
The original part of the ticket is as you suspect - where clearing pending changes will remove future dated changes, and they won't be recreated through a generate changes process (which is something we've improved for UNIFYBroker 6.0).
The feature (Register-Contribution) was added to handle a scenario where a PowerShell transformation is adding/modifying a field, which is used in a transformation that can calculate future-dated changes (such as the Time Offset Flag transformation). With a normal chain of transformations (powershell aside), each adapter tracks the chain of where its source came from. This is done so we can calculate whether or not a change is needed for an entity (for example, if field X from relational connector A is used through a chain of transformations and then to calculate a datetime offset, we need to know on import if field X has a value which would trigger a change in the future, so we can register that change in the database so it recalculates at the right time, rather than too early / late). This calculation process is called Change Detection in the Broker engine.
Traditionally, the PowerShell transformation had no way of letting the Broker engine know how entity fields were being used, so it had no way of being involved in the change detection process. This also means it broke downstream change detection - if a PowerShell transformation is outputting a field value which is then used in a Time Offset Flag transformation, the engine had no way of knowing the source field of that value to notify of future dated changes.
The Register-Contribution call allows you to register this linkage to let the engine know how to handle those scenarios. So as an example, you may have an EndDate schema field coming from the parent or relational connector. You take this EndDate field in, and use a PowerShell transformation to convert it to UTC time, placing it into an EndTimestampUTC field. That EndTimestampUTC field is then used to calculate the PostEnd field through a TimeOffsetFlag. You would use the Register-Contribution call on this field, to essentially tell the adapter that "the PostEnd field passes through this magical script and results in the EndTimestampUTC field, so if there's a change on the PostEnd field it can be used to calculate changes on the EndTimestampUTC field". The adapter can then use that linkage to know that a change on the PostEnd field which sets the date in the future can be used to calculate a change in the future based on the configuration for the TimeOffsetFlag transformation.
The configuration would look similar to this (screenshot from the linked ticket):
TL;DR:
The PowerShell transformation does not participate in the change detection process by default. This can be enabled by manually describing the fields which contribute in some way to other fields, either created by the transformation, or pre-existing.
To do this, call the Register-Contribution method in the Schema Script for each instance of one field contributing to another.
# 'fieldA' contributes to the resulting value in 'fieldB'
Register-Contribution("fieldB", "fieldA");
Manually registering field contribution isn't required in most cases and for all fields, and can normally be omitted from the schema script. The typical situations where contribution registration would be required involve a PowerShell transformation preceding a Time Offset Flag or Business Day Offset transformations, where the contribution chain of the the involved Timestamp or Date fields is required to correctly schedule future-dated changes.
Support for DateRelational.Compare.String and Relational adapter transform types
I have encountered a UNIFYBroker customer who has DateRelational.Compare.String and Relational adapter transform types configured (UNIFYBroker 5.1.0#2). I have been asked to upgrade them to the latest UNIFYBroker release. Can you please confirm:
1. Are these transform types still available in the latest UNIFYBroker release?
2. Has their functionality or features changed since the 5.1.0#2 release?
3. If they are available, what are they now called in the UNIFYBroker UI?
Hi Adrian,
The DateRelational.Compare.String and Relational are old names for the current Join transformation. This transformation was reworked back in UNIFYBroker 4.1, so it's likely this configuration was upgraded from an old 3.x or 4.x config up to 5.1.
The product still respects the old transformation names, although may not
Between 5.1 and 5.3 there's been no changes to the way that entity windows and selections function.
There was no changes to the join transformation functionality itself, however there was minor changes made to the overall transformation process in terms of how changes are aggregated and reported (as support for postgresql was added). I don't expect this would impact functionality as we've not had other customers report issues between the versions.
If you are migrating the configuration rather than re-creating, you may find the UI continues to report the transformations using the old name (as you see in the screenshot above). Otherwise a new transformation can be created using the Join transform.
Let me know if you've got any more questions or have issues with the upgrade.
Aurion security user writeback fails for user ID field values with common prefix
At my customer site their Aurion instance is configured with security user "UserID" field values which are populated from the user's AD sAMAccountName (username) field. Their usernames have values like "jsmi" (for John Smith) and "jsmi1" (for Jane Smith).
When writing data back for a user like "jsmi" the following error is logged by UNIFYBroker and the update isn't actioned in Aurion:
20230725,04:16:00,UNIFYBroker,EntitySaver,Error,The entity jsmi (3a657f98-06df-47e0-b0d8-bfd0c19b250b) for the adapter Aurion Security User (c5460bd3-0167-4290-a2a0-180f8632a474) failed to update for the following reasons: Aurion API error -1: Cannot identify an unique Aurion User from User Match Value,Normal
It appears the issue here is that the Aurion API is unable to identify a single unique security user to update, when there is another user whose UserID starts with the same value (i.e., jsmi1).
Is there some other way to configure UNIFYBroker so that it can successfully update my customer's Aurion security user data?
I've now confirmed that the behaviour I reported above isn't actually happening - I misinterpreted what I was seeing. The true root cause of the error is a link mapping passing a changed UserID value to the Aurion connector, which meant that it was passing a UserMatch value that didn't exist to the API.
UNIFYConnect writing back Aurion data to fields that it's not configured to export to
Recently my customer refreshed their TEST HR SOT (Aurion) from PROD. I ran an import to pick up the updated data, but didn't notice that it failed (due to a duplicate value for a key field in the refreshed data). Then I cleared locker data and reloaded it.
Then I ran a baseline sync to write back two fields to the HR SOT. It appears that at this time data on all fields (and not just the write-back fields) of entities in the HR SOT was reverted to pre-refresh values.
Is it likely that when I ran the baseline sync UNIFYBroker/Plus applied the mappings from the outbound link on top of the pre-existing out-of-date connector data, and then overwrote all that old field data back to Aurion, even for fields that are not configured to be written back?
Hi Adrian,
The Aurion API only supports updating specific fields on the API, separate to the queries being read. Currently, the UNIFY Aurion connector maps all suitable* connector entity fields back to the API call.
* A suitable connector entity field is one where the field schema name matches the name provided by the default schema provider, in line with the appropriate connector documentation (such as Aurion Person Connector / UNIFYBroker knowledge / UNIFY Solutions )
If the appropriate schema field can't be found, then the value isn't set on the outgoing API call. According to the Aurion API documentation, this field would be ignored.
In this case, the baseline sync would have triggered the export operation on the connector for entities, which would have taken the reverse-transformed adapter entity (pre-refresh, as the import failed) and exported any fields that the connector was able to map - which is likely why those values got reverted.
I suspect that if you were to have different connector schema field names for any fields you're not wanting to have exported, and make use of the Query Mappings connector configuration, then only the expected fields would be updated.
We do have an item on the backlog to re-work the Aurion connector, having the connector schema be driven by the query with explicit configuration back to the API operations (rather than the inverse, as it stands currently).
We do also have an item to improve the Baseline Sync to avoid exporting entities when changes haven't been made, but we're working through the implications of that on true-up support (and potentially wouldn't have helped in this scenario if the values you were wanting to export were different already).
PowerShell sync task can't connect to AD
Sometimes I see errors in my customer's production environment when the birthright group provisioning PowerShell task is unable to connect to AD. This is happening immediately after a successful connection to AD has provisioned the user account. There are two types of errors that are returned, as below:
UnifyLog20230517.csv:1629:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:00.1916629",Normal
UnifyLog20230518.csv:57203:Add entities [Count:3] to connector AD User reported 3 entities saved, 0 failed. Duration: 00:00:01.2855075",Normal
UnifyLog20230521.csv:219718:Add entities [Count:2] to connector AD User reported 2 entities saved, 0 failed. Duration: 00:01:00.0326068",Normal
UnifyLog20230521.csv:219982:20230521,15:41:05,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:220247:20230521,15:43:05,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:234120:Add entities [Count:2] to connector AD User reported 2 entities saved, 2 failed. Duration: 00:01:00.0287518",Normal
UnifyLog20230521.csv:234384:20230521,16:41:05,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:234683:20230521,16:43:05,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:248409:Add entities [Count:2] to connector AD User reported 2 entities saved, 2 failed. Duration: 00:01:00.0017363",Normal
UnifyLog20230521.csv:248672:20230521,17:41:06,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:248971:20230521,17:43:06,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:262577:Add entities [Count:2] to connector AD User reported 2 entities saved, 2 failed. Duration: 00:01:00.0161713",Normal
UnifyLog20230521.csv:262840:20230521,18:40:50,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:263093:20230521,18:42:50,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:276860:Add entities [Count:2] to connector AD User reported 2 entities saved, 2 failed. Duration: 00:01:00.0138167",Normal
UnifyLog20230521.csv:277241:20230521,19:40:52,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:277494:20230521,19:42:52,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:291308:Add entities [Count:2] to connector AD User reported 2 entities saved, 2 failed. Duration: 00:01:00.0170553",Normal
UnifyLog20230521.csv:291572:20230521,20:41:01,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:291845:20230521,20:43:01,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:305473:Add entities [Count:2] to connector AD User reported 2 entities saved, 2 failed. Duration: 00:01:00.0058264",Normal
UnifyLog20230521.csv:305736:20230521,21:40:51,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:305989:20230521,21:42:51,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:319874:Add entities [Count:2] to connector AD User reported 2 entities saved, 2 failed. Duration: 00:01:00.0170181",Normal
UnifyLog20230521.csv:320142:20230521,22:41:00,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:320398:20230521,22:43:00,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: The operation returned because the timeout limit was exceeded.",Normal
UnifyLog20230521.csv:331465:Add entities [Count:2] to connector AD User reported 2 entities saved, 0 failed. Duration: 00:00:01.1680608",Normal
UnifyLog20230521.csv:331472:20230521,23:30:44,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aau,OU=Standard
Users,OU=X,DC=local in AD: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.",Normal
UnifyLog20230521.csv:331477:20230521,23:30:47,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=jball,OU=Standard
Users,OU=X,DC=local in AD: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.",Normal
UnifyLog20230523.csv:10338:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:01.0310308",Normal
UnifyLog20230523.csv:32001:Add entities [Count:3] to connector AD User reported 3 entities saved, 0 failed. Duration: 00:00:01.2325114",Normal
UnifyLog20230523.csv:32955:Add entities [Count:8] to connector AD User reported 8 entities saved, 0 failed. Duration: 00:00:02.0700229",Normal
UnifyLog20230523.csv:34211:Add entities [Count:4] to connector AD User reported 4 entities saved, 0 failed. Duration: 00:00:01.0275391",Normal
UnifyLog20230526.csv:12458:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:01.1577689",Normal
UnifyLog20230531.csv:11081:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:01.1605492",Normal
UnifyLog20230531.csv:11851:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:01.1728933",Normal
UnifyLog20230602.csv:2129:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:01.1171594",Normal
UnifyLog20230602.csv:2138:20230602,01:09:42,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=dtai2,OU=Standard
Users,OU=X,DC=local in AD: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.",Normal
UnifyLog20230604.csv:21979:Add entities [Count:3] to connector AD User reported 3 entities saved, 0 failed. Duration: 00:00:01.5039543",Normal
UnifyLog20230605.csv:7281:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:01.1775722",Normal
UnifyLog20230605.csv:24280:Add entities [Count:2] to connector AD User reported 2 entities saved, 0 failed. Duration: 00:00:01.4059702",Normal
UnifyLog20230606.csv:18238:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:00.2258243",Normal
UnifyLog20230606.csv:20135:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:01.2077376",Normal
UnifyLog20230606.csv:20865:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:00.2686140",Normal
UnifyLog20230609.csv:11402:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:00.1731736",Normal
UnifyLog20230611.csv:21783:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:01.2460368",Normal
UnifyLog20230611.csv:21786:20230611,15:38:16,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=spoyn,OU=Standard
Users,OU=X,DC=local in AD: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.",Normal
UnifyLog20230612.csv:24388:Add entities [Count:7] to connector AD User reported 7 entities saved, 0 failed. Duration: 00:00:01.7047121",Normal
UnifyLog20230612.csv:24410:20230612,15:40:07,UNIFYBroker,PowerShellTask,Error,"Birthright group assignment cannot be performed due to provision failure - error searching for user CN=aeasl,OU=Standard
Users,OU=X,DC=local in AD: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.",Normal
UnifyLog20230612.csv:24465:Add entities [Count:2] to connector AD User reported 2 entities saved, 0 failed. Duration: 00:00:00.1749234",Normal
UnifyLog20230613.csv:11991:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:00.2090408",Normal
UnifyLog20230613.csv:25059:Add entities [Count:2] to connector AD User reported 2 entities saved, 0 failed. Duration: 00:00:01.2958574",Normal
UnifyLog20230614.csv:17864:Add entities [Count:1] to connector AD User reported 1 entities saved, 0 failed. Duration: 00:00:00.1804325",Normal
UnifyLog20230614.csv:29130:Add entities [Count:2] to connector AD User reported 2 entities saved, 0 failed. Duration: 00:00:01.2327871",Normal
The birthright group provisioning is a critical event-driven call and it must succeed. Can you please investigate why it failed like this and see if there's some way to improve it's reliability?
Aurion connector exports fail when import runs concurrently due to logoff
When an Aurion connector import operation runs while a connector export is already running the export fails with its session logged off:
14:30:00 baseline sync kicks off export:
Synchronization job started syncing 7977 changes on the 'Managed User > Aurion Security User' link from the locker to adapter. Job ID: 9f521182-e52e-4082-8685-899600d4456f",Normal
14:33:37 evidence of exports occurring:
Add entities [Count:3] to connector Aurion Security User reported 3 entities saved, 3 failed. Duration: 00:00:01.0862857",Normal
14:51:15 scheduled import operation runs:
20230531,14:51:15,UNIFYBroker,Change detection engine,Information,"Change detection engine import all items started.
Change detection engine import all items for connector Aurion Security User started.",Normal
14:52:54 hundreds of failed updates reported due to logoff (shared session with import?):
20230531,14:52:54,UNIFYBroker,Connector,Information,"Update entities to connector completed.
Update entities 6375 to connector Aurion Security User reported 6375 entities saved, 225 failed. Duration: 00:19:11.1067288",Normal
20230531,14:52:54,UNIFYBroker,EntitySaver,Error,The entity bcoff (2a12bf64-7aec-4101-a696-fa84054b0a0d) for the adapter Aurion Security User (f3c9eba8-ccd2-447b-ba37-67796af63171) failed to update for the following reasons: Aurion API error -1: You are not logged on to the Aurion web services application server. Use the LOGON operation.,Normal
20230531,14:52:54,UNIFYBroker,EntitySaver,Error,The entity kbair (603121f8-2724-4d34-a177-630bb718656b) for the adapter Aurion Security User (f3c9eba8-ccd2-447b-ba37-67796af63171) failed to update for the following reasons: Aurion API error -1: You are not logged on to the Aurion web services application server. Use the LOGON operation.,Normal
…
Either import and export operations should be able to run concurrently without interfering with each other, or otherwise the system should not permit them to run concurrently.
Fix should be contained in the overarching fix for the LOGON issue.
Allow TCP keepalives to be set for Aurion connectors
Matt wrote in email:
I have found some documentation that suggest long-lived TCP connections in Azure components are terminated after 4 minutes. Normally, you’d hope that a terminated TCP connection would immediately result in an exception such as “the underlying connection was closed”.
... I was able to reproduce the lack of response on this report in both the PowerShell harness and SoapUI. After some testing to force the connection to stay alive, I was able to find a way to successfully get this report to import on the test VM.
.... I’ll have to investigate the best way to solve this one long term. It might be something we need to set inside the connector, or inside UNIFYBroker, or inside the platform. I’m not sure if the problem is unique to Aurion or whether we can replicate it elsewhere – that’ll be part of the investigation to determine the best way to fix it. This command shouldn’t even be necessary – so we’d have to investigate the side effects of it and ensure that we won’t break something else by having this set.
Due to my customer having long running reports, could you please provide a fix for this issue?
Aurion API function used by the Person connector for export
Hi @Matthew Davis @Beau Harrison
A customer has asked which Aurion API function is used by the Aurion Person connector export functionality. I believe it’s EMP_UPDATE_PERS. Can you please confirm?
Thanks
Hi Adrian,
The export functions used by the connectors is listed on their documentation pages:
Aurion Person Connector / UNIFYBroker knowledge / UNIFY Solutions
You're correct for the person connector - it uses the EMP_UPDATE_PERS function for exports.
AD User import: System.NullReferenceException: Object reference not set to an instance of an object.
The following error is occurring on both Full imports and Delta imports from Active Directory, in a customer UNIFYConnect environment:
20230512,02:28:25,UNIFYBroker,Change detection engine,Error,"Change detection engine import changes failed. Change detection engine import changes for connector AD User failed with reason One or more errors occurred.. Duration: 00:00:02.9714687 Error details: System.AggregateException: One or more errors occurred. ---> System.NullReferenceException: Object reference not set to an instance of an object. at Unify.Connectors.AD.ADConnector.TransformEntry(ADAgent agent, SearchResultEntry searchResultEntry, Int64& uSNChangedToken) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.Collections.EnumerableExtensions.d__10`1.MoveNext() at System.Linq.Buffer`1..ctor(IEnumerable`1 source) at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.AuditEntityPollingAsyncConnectorDecorator.<>c__DisplayClass1_0.b__0(IEnumerable`1 entities) at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass8_0`1.b__0(Task`1 t) at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.b__0(Task`1 t) at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke() at System.Threading.Tasks.Task.Execute() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Unify.Product.IdentityBroker.EventNotifierEntityPollingAsyncConnectorDecorator.d__1.MoveNext() --- End of inner exception stack trace --- at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification) at Unify.Product.IdentityBroker.ChangeDetectionEntityPollAsyncJob.RunBase() at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run() at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass30_0.b__0() at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state) ---> (Inner Exception #0) System.NullReferenceException: Object reference not set to an instance of an object. at Unify.Connectors.AD.ADConnector.TransformEntry(ADAgent agent, SearchResultEntry searchResultEntry, Int64& uSNChangedToken) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at Unify.Framework.Collections.EnumerableExtensions.d__10`1.MoveNext() at System.Linq.Buffer`1..ctor(IEnumerable`1 source) at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.AuditEntityPollingAsyncConnectorDecorator.<>c__DisplayClass1_0.b__0(IEnumerable`1 entities) at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass8_0`1.b__0(Task`1 t) at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.b__0(Task`1 t) at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke() at System.Threading.Tasks.Task.Execute() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Unify.Product.IdentityBroker.EventNotifierEntityPollingAsyncConnectorDecorator.d__1.MoveNext()<--- ",Normal
Customer support service by UserEcho
