@HSF, We migrated IdB4.0 to 4.1 and we have configured in FIM to flow email address to update back in chris21. And during testing chris21 tech team found that IdB is updating attributes like surname, dob etc in addition to email address. I checked all connector and adapter configuration, there is no flow to the above attributes. in FIM there is just one export flow from MV to chris21 person, email address. I can send the adapter and connector config, but couldnt find a way to add them here.

I'm getting the following error on import from Identity Broker for chris21 v4.1.

Change detection engine import all items failed.Change detection engine import all items for connector Chris21 Person Connector failed with reason An error occurred while evaluating a task on a worker thread. See the inner exception details for information.. Duration: 00:00:51.0016320
Error details:
Unify.Framework.EvaluatorVisitorException: An error occurred while evaluating a task on a worker thread. See the inner exception details for information. ---> System.ArgumentException: An item with the same key has already been added.
at System.Collections.Generic.Dictionary`2.Insert(TKey key, TValue value, Boolean add)
at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
at System.Linq.Enumerable.ToDictionary[TSource,TKey](IEnumerable`1 source, Func`2 keySelector)
at Unify.Product.IdentityBroker.PageableEntityChangesReportGenerator`2.ToDistinctChangesEnumerable(IEnumerable`1 entitiesWithKey, IHashSet`1& knownEntityKeys)
at Unify.Product.IdentityBroker.PageableEntityChangesReportGenerator`2.CreateDifferencesReport(IEnumerable`1 knownEntities, IEnumerable`1 newEntities)
at Unify.Product.IdentityBroker.RepositoryChangeDetectionWorkerBase.PerformChangeDetectionOnConnectorEntityPage(IEnumerable`1 connectorEntities, Int32& index, Int32 entitiesProcessedSoFar, IEntityChangesReportGenerator`2 reportGenerator, IHashSet`1 seenKeys)
at Unify.Product.IdentityBroker.RepositoryChangeDetectionWorkerBase.<>c__DisplayClass12_0.<PerformChangeDetection>b__0(IEnumerable`1 page)
at Unify.Framework.Visitor.ThreadsafeVisitorEvaluator`1.ThreadsafeItemEvaluator.Evaluate()
--- End of inner exception stack trace ---
at Unify.Framework.Visitor.ThreadsafeVisitorEvaluator`1.CheckForException()
at Unify.Framework.Visitor.ThreadsafeVisitorEvaluator`1.WaitForAvailableThread()
at Unify.Framework.Visitor.ThreadsafeVisitorEvaluator`1.Visit()
at Unify.Product.IdentityBroker.RepositoryChangeDetectionWorkerBase.PerformChangeDetection(IEnumerable`1 connectorEntities)
at Unify.Product.IdentityBroker.ChangeDetectionImportAllJob.ImportAllChangeProcess()
at Unify.Product.IdentityBroker.ChangeDetectionImportAllJob.RunBase()
at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run()
at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass27_0.<Run>b__0()
at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)

Aurion is giving me multiple security records per person. I have been told the only way to select the correct record is to go for the one where "Clearance Date To" is NULL. How do I do this in IdB 5?

I know I have seen this before, but cannot find it anywhere.

The ISAS connector at TAFE is a SQL connector and is not showing me its config in any kind of user friendly way. Any idea what needs to be done to rectify? I assume (but do not know) that it used to be correct.

Does IdentityBroker support the SQL AlwaysOn Availability Groups feature introduced with SQL2016? An "early adopter" preview of a MIM2016 supporting this feature has just been made available to MVPs, and with growing awareness of this feature, it would be good to put this on the roadmap if it's not already there.

Import is failing for Google User Settings Connector after exactly 1 hour (log entries attached).

Error Google User Settings.txt

I've noticed in the AdapterEnginePlugInKey config file, when creating adapter transformations, the powershell transformation lists its name as PoweShell:

<adapter name="PoweShell" key="fcc41e33-bff4-4286-8aa8-610a46f2d9ce">              
    <Extended xmlns="">
        <Scripts transformationScript="..." />
    </Extended>
</adapter>

Not a huge deal; no loss of functionality has been reported because of it as far as i'm aware.

Client is reporting an issue with IdB 5.1.0 Rev 2 where DN creation is not escaping LDAP reserved characters, resulting in an exception being thrown on reflection attempt.

Exception message (truncated):

20170224,04:30:52,UNIFY Identity Broker,Adapter,Error,"Request to reflect change entities of the adapter.Request to reflect change entities of the COPP Class adapter (44f6b6c4-005e-420c-9331-21b04e0cbf77) adapter errored with message: Value 2 is not a valid hexadecimal number.Parameter name: sourceValue. Duration: 00:00:01.0537045
Error details:System.ArgumentException: Value 2 is not a valid hexadecimal number.Parameter name: sourceValue
at Unify.Framework.IO.DNComponentAttributeValueParserAdapter.Transform(String sourceValue)

1\2 MS
1\2C

In IDB 3.0, the values were being escaped for DN creation:

"UID=COPP:1\\2 MS,DC=class class COPP COPP:1\2 MS"
"UID=COPP:1\\2C,DC=class class COPP COPP:1\2C"

In V3, the DN creation was set up as the following:

<dn>    
    <dnComponent name="Field" attributeType="CN" key="srksNumber"/>
    <dnComponent name="Constant" attributeType="DC" value="student"/>
</dn>

In V5, it is set up as follows:

<dn template="CN=[srksNumber]" />

Few other differences between the V3 and V5 setup for the client; V3 used custom connector while V5 is using OOTB SQL connector. I've attached the adapter configuration for both 3 and 5 to this issue.

AdapterEngine.extensibility.config.xml - v3 config

Unify.Product.IdentityBroker.AdapterEnginePlugInKey.extensibility.config.xml - v5 config

It's my understanding that the DN is meant to be automatically escaped for creation - is there a configuration step that has been missed in this case?

See Client Ticket for further details / attachments: https://unifysolutions.jira.com/browse/ACTDET-49

I have made a backup of the IdB 4.0 files and run the install of 4.1.5, but it didn't upgrade the configuration files. I have edited the connector and adapter files by removing expert v7.5 so that we only have chris21.

I am getting the error below when adding a group with other groups as members. I can add the groups to membership manually and the subsequent import imports the membership with the correct DN.

Error Nested Group Members.txt

Image below shows the groups added manually and the one that is failing. The failing group was added manually to confirm it is possible.