Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.
Modify type returned by Time Offset Flag transformation.
The value output by the Time Offset Flag Transformation that FIM imports from IdB 3.x is interpreted as a boolean. There might be some automatic casting occurring based on selection of the attribute type in the Identity Broker FIM connector.
5.1 returns a string and the automatic casting is not available.
Is there any way to select the returned object type?
Hi Matt,
No, the type of the field generated by a Time Offset Flag transformation must be a string type and cannot currently be changed.
Reflection fails with "An item with the same key has already been added"
Accountname is a DistinguishedName attribute & is used in Sharepoint connector as the Key and also as the DN in adapter.
No key duplication errors are being seen.
Data can be imported without error with Adapter disabled.
When 'Generate Changes' is performed the error below is thrown. Is this the correct way to use a DN attribute as a DN? Not sure if this is a bug or misconfiguration.
<AdapterConfiguration AdapterId="4e96758c-06c5-44dd-9f32-557b3e75d16f" AdapterName="SharePoint Profiles" containerName="SPUsers" enabled="false" BaseConnectorId="770d9450-dcc8-41c9-b0b4-bc2d46fdc3ae" class="person"> <dn template="[AccountName]" /> <Groups /> <adapterEntityTransformationFactory name="Sequential"> <adapter name="Move" key="1bec7d3a-9384-49b6-ad4b-8266e5a286b0"> <Extended> <columnMappings> <columnMapping SourceAttribute="UserProfile_GUID" TargetAttribute="UserProfileGUID" /> </columnMappings> </Extended> </adapter> </adapterEntityTransformationFactory> </AdapterConfiguration>
20170605,07:13:28,UNIFY Identity Broker,Adapter,Error,"Request to reflect change entities of the adapter. Request to reflect change entities of the SharePoint Profiles (4e96758c-06c5-44dd-9f32-557b3e75d16f) adapter errored with message: An item with the same key has already been added.. Duration: 00:00:00.5937686 Error details: System.ArgumentException: An item with the same key has already been added. at System.ThrowHelper.ThrowArgumentException(ExceptionResource resource) at System.Collections.Generic.Dictionary`2.Insert(TKey key, TValue value, Boolean add) at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer) at Unify.Product.IdentityBroker.Adapter.ConvertPageAndUpdateContainers(IEntity[] entities, Boolean updateContainers) at Unify.Product.IdentityBroker.Adapter.ReflectChangesInner() at Unify.Product.IdentityBroker.Adapter.ReflectChanges() at Unify.Product.IdentityBroker.AdapterAuditingDecorator.ReflectChanges() at Unify.Product.IdentityBroker.AdapterNotifierDecorator.ReflectChanges() at Unify.Product.IdentityBroker.ReflectAdapterOnChangeDueJob.<RunBase>b__9_0(IOperationalAdapter adapter)",Normal
Hi Matt,
I have identified the cause of the issue, and the following Unify.Framework.IO.LDIF.dll, when placed into the Services directory, should resolve this. This patch will be included in future versions of Identity Broker v5.1 and up.
The Connector Does not support anchor modification
Hi,
i dont find much documentation on error codes for the Identity Broker, but this anchor modification is a new error that i see in the exporting errors.
Can someone explain to me what this is, and how to fix this?
Hi Werner,
This is currently documented at Anchor Modification and Handling Renames. It means that the solution is attempting to update the value of the key field for the connector - for a connector that doesn't support the operation. The fix is to stop attempting these operations.
Thanks.
Query T001F065_ACTUAL_POSITION_NO in IdB 5.x Aurion Position query
Client DBA was able to determine that the Aurion position connector actually runs 3 queries in IDB version 3 and 5.
The first and third are identical but the second script is totally different.
In version 3, the position appears to be retrieved from "T001F065_ACTUAL_POSITION_NO" whereas in version 5 appears to try to determine position information from "T101F005_POSITION_NO".
Is it possible to have the position query retrieve data from "T001F065_ACTUAL_POSITION_NO" in IdB 5.x?
OK, It sounds as though there is a misalignment between dev & prod. Will ask them to update the environment.
Boolean Constant attribute appears as String in connector space
As shown in the image below, Boolean constant appears as a string in the Connector Space.
Without knowing what sharing exists in MIM between MAs for identical object types and attributes, it seems you have a bug on your hands. You've demonstrated that we are reporting the correct type to MIM and that MIM is capable of understanding the schema correctly, but for some reason with that name it's stuck thinking it's a string. You'll have to either raise a support ticket with Microsoft, or stick to the changed field name and move on.
Export Returns Entity Schema Validation Error
Previous Version: Microsoft Dynamics CRM Connector 4.1.1.1
Upgraded Version: Microsoft Dynamics CRM Connector 5.1.0.0
Management Agent Export Error:
System.Exception: A -2147204326 fault occurred with message A validation error occurred. The value of 'address3_addresstypecode' on record of type 'contact' is outside the valid range.. See the server logs for details.
[Microsoft.Crm.ObjectModel: Microsoft.Crm.ObjectModel.TargetAttributeValidationPlugin]
[fc743e7d-fbea-4695-bdb9-7d78334c8474: TargetAttributeValidationPlugin]
at Unify.Product.IdentityBroker.DynamicsCrmAgent.GetException(OrganizationServiceFault fault)
IdB Stack Trace
Request to retrieve logs.
Request to retrieve logs failed with message Collection was modified; enumeration operation may not execute.. Date: 31/05/2017. Skip: 0. Take: 10. Search: address3_addresstypecode. Duration: 00:00:03.7129126
Error details:
System.InvalidOperationException: Collection was modified; enumeration operation may not execute.
at System.Collections.Generic.List`1.Enumerator.MoveNextRare()
at System.Linq.Enumerable.WhereListIterator`1.MoveNext()
at System.Linq.Enumerable.<SkipIterator>d__4d`1.MoveNext()
at System.Linq.Enumerable.<TakeIterator>d__3a`1.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
at Unify.Framework.Logging.LoggingEngineNotifierDecorator.<>c__DisplayClass6_0.<ReadLogSearch>b__0()
at Unify.Framework.Notification.NotifierDecoratorBase.Notify[TResult](ITaskNotificationFactory notificationFactory, Func`1 function)
at Unify.Framework.Logging.LoggingEngineNotifierDecorator.ReadLogSearch(DateTime date, String search, Int32 skip, Int32 take)
at Unify.Product.IdentityBroker.IdentityServiceCollector.ReadLogSearchSkipTake(DateTime date, String search, Int32 skip, Int32 take)
at SyncInvokeReadLogSearchSkipTake(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
Confirmed this is a CRM/client specific issue and can be safely ignored.
The new ECMA 2.0 IdB MA export run profile returns "cd-error" after the IdB/CRM Connector upgrade (from v4.x to v5.1.x)
The new ECMA 2.0 IdB Mangement Agent Export Run Profile Returns "cd-error" after the IdB/CRM Connector Upgrade (from v4.x to v5.1.x)
Previous Version: Microsoft Dynamics CRM Connector 4.1.1.1
Upgraded Version: Microsoft Dynamics CRM Connector 5.1.0.0
IdB error logs
| .Net
SqlClient Data Provider: System.Data.SqlClient.SqlException (0x80131904): Transaction (Process ID 56) was deadlocked on lock resources with another process and has been chosen as the deadlock victim. Rerun the transaction. at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) ..... Error Number:1205,State:48,Class:13 |
Summary from Aneesh (private comment):
To recap, this issue is caused by imports and exports to CRM (though via different connectors) running at the same time and timing out. Curtis, you suggested running two operations in isolation. I reviewed the CRM Management Agents (MA) and I can see that this MA (Dynamics CRM – Export) is only used for exporting change back to the CRM and there is a separate MA called “Dynamics CRM – Users” is created to import changes from CRM. I am not sure why two separate management agents created instead of just one for both import and export operations. I will check with the client. If no real reason, I will recommend merging both MA’s into just one MA to avoid any concurrency issues.
Date handling changes
I have a date attribute in my Aurion Adapter called DateCommenced.
In the IdB UI it appears as 2010-05-24.
When it imports into MIM, it's a string type and is shown in the connector space as:
2010-05-24T00:00:00:000
When I look at FIM, (which we're replacing) it's also a string type, however it's shown in the connector space as:
2010-05-24
Has something changed in the handling of Dates between 3.x and 5.x?
Yes, this is a fix in v4.0 as per http://voice.unifysolutions.net/topics/499-support-date-format-in-ldif-that-is-recognised-by-fim-portal/ and https://unifysolutions.jira.com/browse/IDB-662.
Time Offset Flag Transformation throws error when no data present
The UI is displaying "Specified argument was out of the range of valid values. Parameter name: key" after configuring a Time Offset Flag Transformation. Looking at the data, there is nothing currently in the column, I suspect this might be causing the error.
There are two configured transformations:
<adapter name="TimeOffsetFlag" key="e761c890-313b-4b88-bfcf-272595dcf784">
<Extended offset="-P15DT10H" sourceColumn="DateCommenced" destinationColumn="EmployeeStarted" LesserValue="True" EqualValue="True" GreaterValue="False" NullValue="False" adjustForLocal="false" xmlns="" />
</adapter>
<adapter name="TimeOffsetFlag" key="00eaab5c-89e9-41b4-9728-e7b342d07db8">
<Extended offset="PT10H" sourceColumn="DateTerminated" destinationColumn="EmployeeTerminated" LesserValue="False" EqualValue="True" GreaterValue="False" NullValue="True" adjustForLocal="false" xmlns="" />
</adapter>
The first one foes not throw an error. The second one does.
Hi Matt,
Where is the UI displaying this error? Is it under the Transformations section, between a heading Time Offset Flag and its corresponding description? Please ensure that you don't have duplicate column names in your adapter, i.e. that there isn't already a column named DateTerminated. If there is, either rename the existing column or change the Target for the Time Offset Flag Transformation.
Object reference not set to an instance of an object error when attempting to retrieve schema
When trying to retrieve schema, MIM throws error below.
Log Name: Application Source: FIMSynchronizationService Date: 30/05/2017 8:44:54 AM Event ID: 6801 Task Category: Server Level: Error Keywords: Classic User: N/A Computer: dc1devfim01.dev.apra.gov.au Description: The extensible extension returned an unsupported error. The stack trace is: "Unify.Product.IdentityBroker.LdapOperationException: Object reference not set to an instance of an object. at Unify.Product.IdentityBroker.LdapConnection.SendRequest(ILdapRequest request) at Unify.Product.IdentityBroker.LdapConnection.GetSchema(String schemaDn) at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Linq.Enumerable.Aggregate[TSource](IEnumerable`1 source, Func`3 func) at Unify.Product.IdentityBroker.LdapConnectionProxy.get_LdapSchema() at Unify.Product.IdentityBroker.LdapConnectionProxy.get_Schema() at Unify.Product.IdentityBroker.UnifyLdapConnectorTypeProxy.GetSchema(KeyedCollection`2 configParameters) at Unify.Product.IdentityBroker.UnifyLdapConnector.GetSchema(KeyedCollection`2 configParameters) Forefront Identity Manager 4.4.1459.0"Error in logs is as follows:
20170529,22:44:53,UNIFY Identity Broker,Security engine,Information,"Require an LDAP access level Request to require LDAP access level Read completed successfully.",Verbose 20170529,22:44:53,UNIFY Identity Broker,LDAP engine,Error,"Handling of LDAP schema request. Handling of LDAP schema request from user mim on connection 127.0.0.1:65135 for the server schema failed with error ""Ob ject reference not set to an instance of an object."". Duration: 00:00:00.",Normal 20170529,22:44:53,UNIFY Identity Broker,LDAP Engine,Error,"An error occurred on client from 127.0.0.1:65135. More detail s: Internal Server Error #11: System.NullReferenceException: Object reference not set to an instance of an object. at Unify.Product.IdentityBroker.SearchRequestHandlerBase.HandleRequest(IRfcLdapMessage message, CancellationToken tok en, Action`1 postAction) at Unify.Product.IdentityBroker.RequestHandlerAuditingDecorator.HandleRequest(IRfcLdapMessage message, CancellationTo ken token, Action`1 postAction) at Unify.Product.IdentityBroker.LDAPRequestHandlerSecurityDecorator.HandleRequest(IRfcLdapMessage message, Cancellati onToken token, Action`1 postAction) at Unify.Product.IdentityBroker.LDAPConnection.<RespondToMessageAsync>d__33.MoveNext()",Normal 20170529,22:44:53,UNIFY Identity Broker,LDAP engine,Information,"Handling of LDAP unbind request. Handling of LDAP unbind request received on connection mim to connect as user 127.0.0.1:65135 started.",Verbose 20170529,22:44:53,UNIFY Identity Broker,Security engine,Information,"Require an LDAP access level
Hi Matt,
Thanks for the feedback, I agree that the product could handle this more gracefully, and we'll take it into consideration.
For your immediate issue, you should be able to resolve this by removing the container corresponding to the previous container name and re-populating the adapter entity context.
Customer support service by UserEcho
