Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

  1. Forum: UNIFYBroker Forum
0
Fixed

Issue creating Identity Broker MA that has Boolean Attributes in Schema

Richard Courtenay 11 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 10 years ago 7

I've created a single Powershell Connector and Adapter as per the attached documents. If I attempt to create a new MA in FIM 2010 R2, I get the following error after entering my credentials and attempting to proceed from the connectivity portion of the FIM MA config:

Unable to retrieve schema. Error: An anchor attribute defined by the extension must not be of type Reference or Boolean. A multivalued attribute defined by the extension must not be of type Boolean.

In the event log I see:

Log Name: Application
Source: FIMSynchronizationService
Event ID: 6801
Level: Error


The extensible extension returned an unsupported error.
 The stack trace is:
 
 "System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary.
   at System.Collections.Generic.Dictionary`2.get_Item(TKey key)
   at Unify.Product.IdentityBroker.SchemaEntryToAttributeTypeAdapter.Transform(String schemaEntry)
   at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()
   at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
   at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector)
   at Unify.Product.IdentityBroker.LdapConnectionProxy.get_Schema()
   at Unify.Product.IdentityBroker.UnifyLdapConnectorTypeProxy.GetSchema(KeyedCollection`2 configParameters)
Forefront Identity Manager 4.1.3627.0"

My DN is defined as UID=UFYGuid

That UFYGuid is not one of the Boolean attributes (it is type GUID).

If I change the schema of the connector so that the two Boolean attributes are of type string, then I can proceed to create the MA without any other changes.


IdB 5 Config.zip
ldap.png
0
Fixed

An attempt to call FirstOrDefault on an empty entity repository using a field name results in a System.InvalidOperationException exception.

Shane Day (Chief Technology Officer) 15 years ago updated by anonymous 10 years ago 5

The following test:

        [Test]
        public void FirstOrDefaultWithNoDataTest()
        {
            using (var entityContext = CreateAndPrepareContext(PartitionId))
            {
               var firstItem = entityContext.Entities.FirstOrDefault(item => item.GetValueOrDefault<StringValue>(CreateEntityKey("NotThere")) == "Hello");

               Assert.IsNull(firstItem);
            }
        }

fails with the following exception:

System.InvalidOperationException : Sequence contains no elements

This fault should be corrected, and the above unit test included in the KnownEntityRepositoryTestFixtureBase test fixture.

0
Fixed

Identity Broker Full Import Scheduling

Richard Green 14 years ago updated by anonymous 10 years ago 8

Hi Guys,

I've run accross an interesting issue with identity broker import scheduling. As an example, I have the following full import schedule configured for the DET Oneschool connector in SPOT:

<getAllEntities>
<timing name="Daily" offset="06:00:00" UseLocal="True" />
</getAllEntities>

The issue we are seeing, is that with this config, whenever the service is started a full import is immeadiately kicked off on this connector, regardless of the time of day. If the service is stopped and started again the same day, the import runs again.

I have seen the same behaviour on the WCIS connector with this config:

<getAllEntities>
<timing name="Daily" offset="05:30:00" UseLocal="True" />
</getAllEntities>

However for the imports that are scheduled to run at after hours in the evening, this behaviour is not exhibited. For example, the following config is on the HRuI connector:

<getAllEntities>
<timing name="Daily" offset="18:00:00" UseLocal="True" />
</getAllEntities>

It appears that any runs that are scheduled for the morning, reoccur whenever the service is started. As the Oneschool connector contains ~600k entities, this is rather inconvenient.

I've attached the entire connector config if needed for analysis. Is there anything evidently wrong here that can be quickly corrected? Is this a known issue?

Cheers
Richard

0
Completed

Improve feedback on inaccessible extensibility directory

Tony Sheehy 14 years ago updated by anonymous 10 years ago 6

When the extensibility directory cannot be written to due to permissions, the following is logged:

Application: Unify.Service.Connect.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at Unify.Product.IdentityBroker.IdentityBrokerEngine.Dispose()
   at Unify.Framework.DisposeVisit.DisposeVisitMethod[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon)
   at Unify.Framework.Visitor.Visit[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Action`2<System.__Canon,Int32>)
   at Unify.Framework.UnifyEngine`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Dispose()
   at Unify.Service.IdentityBrokerService.Dispose(Boolean)
   at System.ComponentModel.Component.Dispose()
   at System.ServiceProcess.ServiceBase.Run(System.ServiceProcess.ServiceBase[])
   at Unify.Service.ConnectServiceBootStrap.Main()

This does not really explain what's actually happening, and should be updated to reflect the exact cause for why the service couldn't start.

0
Fixed

Service fails to start due to Null reference exception.

Tony Sheehy 14 years ago updated by anonymous 10 years ago 4

The following is being logged with a clean installation using the most recent installer in prdgrp-test1.

Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at Unify.Framework.Data.DataEngine..ctor(IConfigurationEngine configurationEngine, IStandardPostEngine postEngine)
   at Unify.Framework.Data.DataEnginePlugInFactory`1.CreateComponent(IUnifyEnginePlugInFactoryInformation`1 factoryInformation)
   at Unify.Framework.DependencyPlugInGenerator`4..ctor(ICollection`1 plugInGenerator, IPlugInFactory`2 factoryInformationFactory)
   at Unify.Framework.UnifyEngine`1..ctor(TBranding branding, IEnumerable`1 additionalPlugInFactories, DirectoryInfo executingAssemblyLocation, IsolatedStorageFile isolatedStorageLocation)
   at Unify.Service.IdentityBrokerServiceEngine..ctor(DirectoryInfo assemblyExcutionPath, IsolatedStorageFile isolatedFile, IIdentityBrokerBranding branding)
   at Unify.Service.IdentityBrokerService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
0
Fixed

Null values stored to database for multivalue attributes

Matthew Clark 14 years ago updated by anonymous 10 years ago 6

During a full import from a MOSS List adapter, the following error is thrown inside the lazy evaluation stream. This may be because of a bad or incorrect null check in the LDIF components:

Value cannot be null.
at Unify.Framework.IO.LDIFSafeStringFilter.IsSafe(String sourceValue) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFSafeStringFilter.cs:line 46
at Unify.Framework.IO.LDIFValueSpec.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFValueSpec.cs:line 41
at Unify.Framework.IO.LDIFAttrvalSpec.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFAttrvalSpec.cs:line 56
at Unify.Framework.IO.LDIFAttrvalRecord.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFAttrvalRecord.cs:line 60
at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFComponentFileGenerator.cs:line 46
at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c_DisplayClass14`1.<CreateLDIFComponentStream>b_13(Stream stream) in S:\Hg\Product\IdentityBroker\IdentityBroker\Source\Adapter\Unify.IdentityBroker.Adapter.Remoting\LDIFAdapterBase.cs:line 399
at Unify.Framework.IO.LazyEvaluationStream.Evaluate(Object obj) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO\LazyEvaluationStream.cs:line 124

0
Answered

Sharepoint connector ignores proxy configuration

Matthew Woolnough 13 years ago in UNIFYBroker/Microsoft SharePoint updated by anonymous 10 years ago 3

Configuring following settings in an attempt to use Fiddler to debug connection.
Connector ignores proxy configuration, it does not appear to route traffic to proxyUri.

<communicator
ignoreCertificateError="True"
pollingChangeTokenOffset="-1.00:00:00"
credentials="Custom"
proxy="Custom"
preauthenticate="true"
timeout="02:00:00"
proxyUri="http://localhost:8888"
uri="http://kweb.bne.catholic.edu.au/informationservices/SSAS/SSA/"
domain="CATHOLIC"
user="svc_FIM_SharePoint"
securePassword="TE+bBSNefb5uHPQAhhSpsw==" certificate="" listName="eMinerva Exceptions - All Schools" viewName="" rowLimit="100">
</communicator>

0
Fixed

GetTransformedEntities: The transaction is in doubt

Tony Sheehy 14 years ago updated by anonymous 10 years ago 8

The following exception was encountered during a full import of two adapters:

An exception has occured whilst performing a job for adapter 9c0cc85e-de5b-448e-946d-73f3323f5a78 job GetTransformedEntities (ParallelGate):
System.Transactions.TransactionInDoubtException: The transaction is in doubt. ---> System.Data.SqlClient.SqlException: Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.
at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParserStateObject.ReadSniError(TdsParserStateObject stateObj, UInt32 error)
at System.Data.SqlClient.TdsParserStateObject.ReadSni(DbAsyncResult asyncResult, TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParserStateObject.ReadNetworkPacket()
at System.Data.SqlClient.TdsParserStateObject.ReadByte()
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParser.TdsExecuteTransactionManagerRequest(Byte[] buffer, TransactionManagerRequestType request, String transactionName, TransactionManagerIsolationLevel isoLevel, Int32 timeout, SqlInternalTransaction transaction, TdsParserStateObject stateObj, Boolean isDelegateControlRequest)
at System.Data.SqlClient.SqlInternalConnectionTds.ExecuteTransactionYukon(TransactionRequest transactionRequest, String transactionName, IsolationLevel iso, SqlInternalTransaction internalTransaction, Boolean isDelegateControlRequest)
at System.Data.SqlClient.SqlDelegatedTransaction.SinglePhaseCommit(SinglePhaseEnlistment enlistment)
--- End of inner exception stack trace ---
at System.Transactions.TransactionStatePromotedIndoubt.PromotedTransactionOutcome(InternalTransaction tx)
at System.Transactions.CommittableTransaction.Commit()
at System.Transactions.TransactionScope.InternalDispose()
at System.Transactions.TransactionScope.Dispose()
at Unify.Framework.Data.LinqContextConversionBase`4.SubmitChanges()
at Unify.Framework.ParallelGate.ParallelGateJob.RunBase()
at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)
  • The CPU usage while these adapters were importing was consistently around 98/99% usages, with 200k memory usage.
  • There were 10k and 9.999k entities in the respective adapters being imported.
  • The full imports into FIM both suceeded, and took
    • 6 minutes 11 seconds and,
    • 5 minutes 24 seconds to complete respectively.
  • Additionally, the second adapter was moving from a DN Format of:
0
Fixed

Identity Broker authentication issues with ISA Proxy

Mark Southwell 15 years ago in UNIFYBroker/Aurion updated by anonymous 10 years ago 18

When attempting to import from Aurion error thrown:

System.New.webException: The remote server returned an error: (407) Proxy Authentication Required.

Proxy authentication is configured in the ConnectorEngine.extensibility.config.xml.

Config files and error log attached.


Application log errors.txt
ConnectorEngine.extensibility.config.xml
Unify.Service.Connect.exe.config
UnifyLog20110906.csv
0
Answered

Improve handling of Root Organization behaviour

Matthew Clark 14 years ago in UNIFYBroker/Microsoft SharePoint updated by anonymous 10 years ago 4

See APRA-38, IDBSP-47 and http://social.technet.microsoft.com/Forums/en-US/sharepoint2010programming/thread/e9c91765-4c35-424d-888d-58e993783855. SharePoint 2010 will become unresponsive if the root organization is set to be its own parent, even though SharePoint does not prevent you from doing so programmatically or via the UI. Both the UI and the object model are affected by this bug. SharePoint considers the root organization to be the first organization with a parent of -1 in its database (ie. how it determines its value of the RootOrganization property). It is operationally and functionally valid for multiple organizations to exist with a parent of -1, and also to be self-referential (ie. their own parent), but doing so on the profile SharePoint considers its root brings about this instability. The connector could account for this functional limitation by preventing the solution from modifying the parent of the root organization. It is then up to solution implementers to ensure the behaviour of their hierarchy is correct.

Estimate includes work initial research carried out already, as well as implementing and testing.



Customer support service by UserEcho