Identity Broker Forum
IDB5 MA throws cd-existing-object error after a failed export
Using IDB5 (5.0.3 - not yet confirmed if this is still an issue with 5.0.4, but looking at the list of fixes, I suspect so).
Exporting a user to DET's CAMS system, for which a connector has been written. In Dev the system uses a dummy web service front end to allow users to be exported. If an export occurs when the service is unavailable, then an error is returned to the MA (in this case a missing end point error). That is as expected.
At this point, an entity search in the adapter does not show the user as being there.
Starting the web service and repeating the export from FIM gives a cd-existing-object error.
To enable the export to complete successfully, it was necessary to run an import all on the IDB5 connector - even though this reported no pending changes and no change to the number of adapter entities.
Any idea what might be going on?
Entity search on a GUID - wildcard breaks the UI
When searching adapter space and trying to filter on a GUID based attribute, if the value put in the filter is not a GUID, then a System.FormatException is thrown (no surprise there). The problem is (and I am not sure if this is a bug or simply how it should behave) that I cannot find any way to clear that error or clear the filter. The only way to get a valid entity search screen back is to restart the service or restart the browser. It would be nice if refreshing the adapter view or re-selecting the entity count would present the normal entity list.
Limited export run profiles not working
With IDB5.0.3 configured for the Extensible Connectivity 2 Management Agent using the dll from the Unify Identity Broker for Microsoft FIM 5.0.3 installer.
Create an export run profile with an object limit.
Run the export run profile
All pending export objects are exported and when the run completes, the status message indicates that object limit was reached. See screenshots.
Hi Eddie,
I've looked into this and it seems that the Generic LDAP MA (provided by Microsoft) has the same problem as well. The problem is that FIM gives the full collection of changes to the MA rather than only the number requested, and the number itself doesn't appear to be given on any parameters or configuration options either, so there is simply no way for the MA to know what the limit is.
I would suggest raising a bug with Microsoft about this (I can help with some of the technicalities if required). As a workaround, you can set the "Batch size (objects)" parameter to be the same as the "Number of Objects" parameter, in which case a single batch of the correct amount would be exported and then the agent would stop with "stopped-object-limit".
Update to the IDB connector for WorkDay adding flattened addresses and phone numbers
Please look at adding the following fields to the WorkDay Connector:
- Primary Business Address (Formatted_Address based on the primary="true" type="WORK")
- Primary Business Office Phone (Formatted_Phone based on the primary="true" type="WORK" usage descriptor="Telephone")
- Primary Business Mobile Phone (Formatted_Phone based on the primary="true" type="WORK" usage descriptor="Mobile")
- Primary Private Mobile Phone (Formatted_Phone based on the primary="true" type="HOME" usage descriptor="Mobile")
Signing of IDB 5.1 logs
Adding the signing of log files would ensure that we can show they were not modified, which would in turn provide a chain of evidence for auditors...
Are you referring to signing the CSV logs? Where would the signature appear?
Are there other requirements? If it's just that no local user can modify the logs, then a different log store such as Splunk would meet that by shipping the logs off. Something more bespoke is now possible in v5.1 thanks to the PowerShell log writer.
Strange behaviour of CSV connector export
The CSV connector is exhibiting some strange behaviour when exporting. See below a file that was written to. Telephone is a multivalue string field in the connector schema - the rest are strings.
Key,Name,EmployeeID,Telephone,Email
13,Matthew Clark,1337,another@address.com,Unify.Framework.StringValue[]
19,Anthony Sheehy,1339,tony.sheehy@unifysolutions.net,Unify.Framework.StringValue[]
100001,Josef,100001,mail@maily.com,System.Collections.Generic.List`1Unify.Framework.StringValue
Telephone and email have seemingly switched value types. I am assuming this is why the string value array writing has appeared.
Identity Broker Service does not start - event viewer error indicates that connection string attribute is missing even though attribute exists in extensible configuration
Task:
Installation of Identity Broker for SAP HCM
Task List:
1. Install Identity Broker service
2. Configure Identity Broker service
3. Install and configure connector and adapter components.
After the successful installation of the Identity Broker service, the Identity Broker database was created and the Identity Broker script ran successfully. The next step was to configure the service with the database connection details as given below. Upon starting the Identity Broker service, the following error was captured as given below.
The error indicates that the connection string is missing in the configuration file however the string is present in the DataEngine.extensibility.config.xml configuration.
DataEngine Configuration:
<DataEngine>
<dataRepository>
<dataConnection name="sql" repository="FIM_DEV_Unify_IdentityBroker" connectionString="Data Source=amausgcdbad05;Initial Catalog=FIM_DEV_Unify_IdentityBroker;Integrated Security=True" />
</dataRepository>
</DataEngine>
DataEngine Configuration Values:
Database type = SQL
Database server = amausgcdbad05
Database Name = FIM_DEV_Unify_IdentityBroker
Event Viewer:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="UNIFY Identity Broker v3.0 service" />
<EventID Qualifiers="0">0</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-01-11T23:07:57.000000000Z" />
<EventRecordID>1264</EventRecordID>
<Channel>Application</Channel>
<Computer>AMSGCQAP01.int.alliedmills.com.au</Computer>
<Security />
</System>
<EventData>
<Data>Service cannot be started. Unify.Framework.AdoNetDataControlConfigurationException: Missing connectionString attribute from <dataConnection name="sql" repository="FIM_DEV_Unify_IdentityBroker" /> at Unify.Framework.AdoNetDataControlFactoryBase.SetConfiguration(XElement configurationElement) at Unify.Framework.SqlServerDataControlFactory..ctor(XElement element) at Unify.Framework.SqlServer.SqlServerDataControlGenerator.CreateComponent(XElement element) at Unify.Framework.PlugInGeneratorBase`4.CreateComponent(TFactoryInfo factoryInformation) at Unify.Framework.StoredValuesEngine..ctor(IAdoNetDataControlGenerator dataControlGenerator, DirectoryInfo executingAssemblyDirectory) at Unify.Framework.StoredValuesEnginePlugInFactory.CreateComponent(IUnifyEnginePlugInFactoryInformation factoryInformation) at Unify.Framework.DependencyPlugInGenerator`4..ctor(ICollection`1 plugInGenerator, IPlugInFactory`2 factoryInformationFactory) at Unify.Framework.UnifyEngine..ctor(IEnumerable`1 additionalPlugInFactories, Di...</Data>
</EventData>
</Event>
Delta import fails when last seen change log entry not found.
When performing a delta import, the MA performs a change log request for the last seen change log entry. If the change log entry has been cleared or truncated so the last seen change log entry no longer exists, the delta operation stops and the following exception message is logged by FIM:
The extensible extension returned an unsupported error. The stack trace is: "System.Exception: Changelog corruption detected. Could not find changelog entry with change number 48. at Unify.Product.IdentityBroker.LdapConnectionProxy.PartitionDeltaRequestPaged(String partitionDN, Int64 lastChangeNumber, Int32 pageSize) in s:\HG\Product\FIMMA\Working\Source\Unify.IdentityBroker.FIMAdapter\LdapConnectionProxy.cs:line 189 at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext() at Unify.Product.IdentityBroker.ExtensionMethods.Take[TSource](IEnumerator`1 source, Int32 count, IList`1& items) at Unify.Product.IdentityBroker.ExtensionMethods.<Page>d__0`1.MoveNext() at Unify.Product.IdentityBroker.ImportProxy.Import(GetImportEntriesRunStep importRunStep) in s:\HG\Product\FIMMA\Working\Source\Unify.IdentityBroker.FIMAdapter\ImportProxy.cs:line 113 Forefront Identity Manager 4.1.3599.0"
The MA should perform some kind of discovery procedure at this point. Also ensure that a last seen change number of 0 (changeLogKey auto increment starts at 1) is covered.
How do you create gtrListFilters in IdB4.0?
I need to know how to implement gtrListFilters in IdB4.0.
The doco for the filters is documented here:
https://unifysolutions.jira.com/wiki/display/IDBCHRS305/Frontier+chris21+connector#Frontierchris21connector-GTRfilterformat
Below is one of the filters I need to implement. I can't see anywhere in the GUI this can be implemented.
<connectorconfiguration configuration="readingAndWritingConnector">
  <connector connector="Unify.Connectors.Chris21.GTR" id="{BB362CE2-985C-486d-9D53-8A5C4909B938}" name="Chris21 Placement Connector" key="detnumber">
    <entitySchema>
      <field name="detnumber" validator="string" readonly="True" required="True" key="True" />
      <field name="posstart" validator="date" readonly="True" required="True" key="True" />
      <field name="posend" validator="date" readonly="True" />
      <field name="posnumber" validator="string" readonly="True" />
      <field name="posstatus" validator="string" readonly="True" />
      <field name="posempocc" validator="string" readonly="True" />
    </entitySchema>
    <entitySchemaValidators>
      <validator name="string" validatorGenerator="Unify.Framework.EntityStringValidatorFactory,Unify.Framework.Entity.Schema" />
      <validator name="date" validatorGenerator="Unify.Framework.EntityDateValidatorFactory,Unify.Framework.Entity.Schema" />
    </entitySchemaValidators>
    <image>iVBO<snip> VORK5CYII=</image>
    <communicator logActive="True" type="http" gtrForm="pos" gtrName="broker1prod" gtrSecurePassword="9Wu6XRqV4pgisJmPm4WO3Q==" gtrPassword="" skipLogout="False" gtrAllowHttp="True" gtrShowTranslations="False" gtrListRequest="Default" gtrChunkSize="1000" httpUri="https://hrselfservice/Web/Scalable/c21connect.asp" encoding="UTF-8" contentType="application/x-www-form-urlencoded">
      <gtrListFilters>
        <gtrListFilter filterValue="posend:GE:{DATETODAY}:or" />
        <gtrListFilter filterValue="posend:EQ::" />
      </gtrListFilters>
    </communicator>
  </connector>
  <getAllEntities>
    <timing name="RecurringTimespan">
      <timespan value="864000000000" />
    </timing>
  </getAllEntities>
</connectorconfiguration>
Generating FIM Packaged Management Agent
When generating a FIM Packaged Management Agent for an adapter and selecting a Save Location of FIM Instance under the Save Options, the IdB creates three new folders
.\UIShell\XMLs\PackagedMAs
under the path where the packaged MA file should be created
%Program Files%\Microsoft Forefront Identity Manager\2010\Synchronization Service\UIShell\XMLs\PackagedMAs
which in the test environment resulted in the xml being placed in the following directory:
C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\UIShell\XMLs\PackagedMAs\UIShell\XMLs\PackagedMAs