Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Organisations: Object reference not set to an instance of an object.
I am exporting Organisations to Sharepoint. As can be seen in the image below, the IdMParentProfileReference is being updated to include the full DN.
the following error is being thrown:
System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]: Object reference not set to an instance of an object. (Fault Detail is equal to An ExceptionDetail, likely created by IncludeExceptionDetailInFaults=true, whose value is:
System.NullReferenceException: Object reference not set to an instance of an object.
at Unify.Connectors.SharePoint.SharePoint2010WCFService.UNIFYIdentityBrokerService.SharePoint2010OrganizationProfileService.<>c__DisplayClass29.<PopulateProfile>b__22(PropertyDataContract property)
at Unify.Connectors.SharePoint.SharePoint2010WCFService.UNIFYIdentityBrokerService.EnumeratorExtensions.Visit[T](IEnumerable`1 enumerable, Action`1 action)
at Unify.Connectors.SharePoint.SharePoint2010WCFService.UNIFYIdentityBrokerService.SharePoint2010OrganizationProfileService.PopulateProfile(OrganizationProfileData organizationProfile, OrganizationProfile profile, IEnumerable`1 schemaValueNames)
at Unify.Connectors.SharePoint.SharePoint2010WCFService.UNIFYIdentityBrokerService.SharePoint2010OrganizationProfileService.UpdateOrganizationProfile(OrganizationProfileData organizationProfile, String[] schemaValueNames)
at S...).
The IdMProfileReference is a reference between objects, so is set by the DN of the Parent Object.
Do I need to configure the IdMProfileReference to the full DN, or should the adapter be converting?
Matt,
Please try this one: Unify.Connectors.SharePoint.SharePoint2010WCFService.wsp
"The method or operation is not implemented" during reflection
20170622,04:40:15,UNIFY Identity Broker,Adapter,Error,"Adapter Adapter d68b1c92-f699-4484-b543-328a0607375a page errored on page reflection. Duration: 00:00:01.6547524. Error: System.NotImplementedException: The method or operation is not implemented. at Unify.Product.IdentityBroker.EntityIdBIDTemplateDistinguishedNameComponentExecutor.GetKey() at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Linq.Enumerable.WhereEnumerableIterator`1.MoveNext() at System.Linq.Buffer`1..ctor(IEnumerable`1 source) at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.KnownEntityBase`3.GetBaseKeysIter(TKey key) at Unify.Product.IdentityBroker.KnownEntityBase`3.GetValueOriginInformation(TKey key) at Unify.Product.IdentityBroker.EntityToEntityValueOriginsAdapter`2.<>c__DisplayClass3_0.<transform>b__0(GroupedNameValueCollectionKey schemaKey) at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext() at System.Linq.Enumerable.<selectmanyiterator>d__16`2.MoveNext() at System.Linq.Buffer`1..ctor(IEnumerable`1 source) at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source) at Unify.Product.IdentityBroker.Adapter.WriteReflectionPageAdapterChanges(IAdapterEntityPartitionUpdatableContext adapterContext, IDictionaryTwoPassDifferenceReport`4 report, IAdapterEntity[] newAdapterEntities) at Unify.Product.IdentityBroker.Adapter.ReflectChangesInner() at Unify.Product.IdentityBroker.Adapter.ReflectChanges() at Unify.Product.IdentityBroker.AdapterAuditingDecorator.ReflectChanges() at Unify.Product.IdentityBroker.AdapterNotifierDecorator.ReflectChanges() at Unify.Product.IdentityBroker.ReflectAdapterOnChangeDueJob.<runbase>b__9_0(IOperationalAdapter adapter).
Please try placing the following file Unify.IdentityBroker.Entity.Schema.dll into the Services directory and restarting the service.
An error occurred at the adapter level, before the entity was exported to the connector.
Error exporting users to Sharepoint:
Unify.Framework.UnifyDataException: An error occurred at the adapter level, before the entity was exported to the connector. Check the logs for any exceptions related to the export.
at Unify.Product.IdentityBroker.Adapter.<>c.<.ctor>b__24_5
Hi Matt, Please replace the following DLL: Unify.Connectors.Microsoft.SharePoint.dll and re-request the schema - the RecordId field should swap to not required.
Connector Test Harness Not Working v5.1.0 with IdB Plus
I've attempted to install the Connector Test Harness . I unzipped the folder and placed the files in the web bin as directed. After a restart of the service there is no PlugIns link in the menu bar. I navigated manually to http://localhost:8008/plugin and it served a page but with just a title saying PlugIns and nothing else.
Installed components:
- Identity Broker 5.1.0
- Identity Broker Plus 5.1.0
- Identity Broker for Chris21 5.1.0
- Identity Broker for Active Directory 5.1.0
Hi Daniel,
Can you please remove Unify.IdentityBroker.Connector.TestHarness.dll from the Web\bin directory and instead add Unify.Connect.Web.Connector.TestHarness.dll
Add request failed as the converted DN blah does not match the request DN otherBlah
Seeing the error below in exporting users to Sharepoint.
Is there a DN requirement in Sharepoint?
Add request failed as the converted DN UID=18df1b3e-7787-429b-b0a0-ddad2ed4b1a4,OU=SPUsers,DC=IdentityBroker does not match the request DN CN=wxli,OU=SPUsers,DC=IdentityBroker.
Hi Matt,
This error indicates that the DN that you are generating in your IDM platform differs from the DN generated by Identity Broker based on the Distinguished Name Template for your adapter. You'll need to reconfigure one or the other so that they match. Just a note that if you use @IdBID in the DN template, you will also need to supply a value for the entryUUID field as part of your add requests.
Powershell connector in IdB fails on import, "You cannot call a method on a null-valued expression"
Import All and Import Changes both fail with the same error message: "Change detection engine import all items for connector Staff Advanced Attribute Precedence Connector failed with reason You cannot call a method on a null-valued expression.. Duration: 00:04:36.5985550"
Checked the data the script should be pulling in and it appears to be fine. Logging in powershell script suggests it finishes its part just fine.
Have tried clearing entities from the IdB connector.
Each import fails at varying entity counts, sometimes round numbers like 10000 or 11500 other times 10781.
Regarding the failure at certain points - that'll be because Identity Broker internally batches up entities so that it can more efficiently perform change detection.
I had a quick look at the script - your logging could be replaced/supplemented with https://unifysolutions.jira.com/wiki/display/IDB51/Logger
The failure is inside your script, so better error handling/logging would help you identify what's going wrong with it. It's like one of your calls is returning null, then you're carrying on as though it was fine - thus causing the exception (think null reference exception - but for PowerShell).
Questions around IdB plus solution - Chris21 to AD & Exchange
Do we
have schemas for the Chris21 forms somewhere?
Does IdB plus have a concept of initial flow only? For password
For provisioning mailboxes via IdB plus, would I just write a PowerShell script in the post-provisioning step? Does post-provisioning only run on creation or also on synchronisation?
How does syncing the manager attribute to AD in IdB Plus work? Do I generate a DN in the transformation and flow that or is there something special with reference attributes especially to do with the order of provisioning (manager not provisioned/joined yet but a reference is flowed)?
What triggers a synchronisation on a specific user? Because in Chris21 the manager is in a position and if the person filling that position changes it will need to update the manager attribute on all users whose manager just changed.
I'm also not sure where DN calculation should take place since it needs to be ensured unique. Do I have access to the entities in a pre-provisioning script like I have in a PowerShell adapter transformation so that I can check for uniqueness then set it back to the entity and have that flow out on provision? Same for sAMAccountName.
Do we have schemas for the Chris21 forms somewhere?
Yes, it's one of our most widely used connectors, check out any of the other projects or fire up a demo machine.
Does IdB plus have a concept of initial flow only? For password
Yes, for connectors that support password sync they often have a concept of an initial password script.
For provisioning mailboxes via IdB plus, would I just write a PowerShell script in the post-provisioning step? Does post-provisioning only run on creation or also on synchronisation?
https://unifysolutions.jira.com/wiki/display/IDBPLUS51/Tasks
How does syncing the manager attribute to AD in IdB Plus work? Do I generate a DN in the transformation and flow that or is there something special with reference attributes especially to do with the order of provisioning (manager not provisioned/joined yet but a reference is flowed)?
This has been done before, check out another solution.
What triggers a synchronisation on a specific user? Because in Chris21 the manager is in a position and if the person filling that position changes it will need to update the manager attribute on all users whose manager just changed.
https://unifysolutions.jira.com/wiki/display/IDBPLUS51/Synchronization
I'm also not sure where DN calculation should take place since it needs to be ensured unique. Do I have access to the entities in a pre-provisioning script like I have in a PowerShell adapter transformation so that I can check for uniqueness then set it back to the entity and have that flow out on provision? Same for sAMAccountName.
https://unifysolutions.jira.com/wiki/display/IDBPLUS51/Tasks
"Attempted to perform an unauthorized operation" Error on Export
Permissions like error upon export to Sharepoint. I have reviewed the Pre-reqs and it appears as though the service account has the appropriate rights (screenshots below).
Are there additional rights required?
Matthew
System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]: Attempted to perform an unauthorized operation. (Fault Detail is equal to An ExceptionDetail, likely created by IncludeExceptionDetailInFaults=true, whose value is: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation. at Microsoft.Office.Server.UserProfiles.OrganizationProfileValueCollection.CheckUpdatePermissions() at Microsoft.Office.Server.UserProfiles.ProfileValueCollectionBase.set_Value(Object value) at Microsoft.Office.Server.UserProfiles.OrganizationProfile.set_DisplayName(String value) at Unify.Connectors.SharePoint.SharePoint2010WCFService.UNIFYIdentityBrokerService.SharePoint2010OrganizationProfileService.PopulateProfile(OrganizationProfileData organizationProfile, OrganizationProfile profile, IEnumerable`1 schemaValueNames) at Unify.Connectors.SharePoint.SharePoint2010WCFService.UNIFYIdentityBrokerService.SharePoint2010OrganizationProfileService.UpdateOrganizationProfile(OrganizationProfileData organizationProfile, String[] schemaValueNames) at SyncInvokeUpdateOrganizationProfile(Object , Object[] , Object[] ) ...).
In all three cases, the stack traces show the error is raised inside the Microsoft library (Microsoft.Office.Server.UserProfiles) and we are reporting them as-is.
How do I convert the stored bigintvalue to a datetime?
I'm doing some data analysis and need to get a datetime value out of the IdB database where it is stored as a BigIntValue. How do I convert this to a readable format? I found a select query that would convert Unix time but it didn't work on these values (Arithmetic overflow error). Anyway the IdB values look different to those examples.
They are .NET ticks (UTC). TicksToTime.ps1
However, keep in mind that operations directly against the database are not supported and could also change/break between versions.
Incorrect Error Reporting in AD Connector OU Misconfiguration
When the Object Container is misconfigured in an AD Connector the error that you get does not describe the issue. The error you get is something like
"System.FormatException: Index (zero based) must be greater than or equal to zero and less than the size of the argument list."
when it should be something like "
System.Exception: Received error code NoSuchObject. Message: 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=contosso,DC=com'
---> System.DirectoryServices.Protocols.DirectoryOperationException: The object does not exist.
"
Customer support service by UserEcho
