Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

Disabled Adapters should return false on Changes Available
Disabled Adapters should return false on Changes available, with correct alerts on disabling Relational/Base connectors (and corresponding clearing alerts on enabling the adapter).
This is to prevent the FIM or potentially/alternatively EB logs from being flooded with resultant messages about the target adapters being disabled.
This would put the requirement on the user to be aware of the state of IDB with regards to Adapter enablement - the justification for this being that only explicit/manual changes to IdentityBroker components can disable adapters, which means that the user who should care about the adapter being disabled has already been a part of the domain of IdentityBroker in the first place.

Issue creating Identity Broker MA that has Boolean Attributes in Schema
I've created a single Powershell Connector and Adapter as per the attached documents. If I attempt to create a new MA in FIM 2010 R2, I get the following error after entering my credentials and attempting to proceed from the connectivity portion of the FIM MA config:
Unable to retrieve schema. Error: An anchor attribute defined by the extension must not be of type Reference or Boolean. A multivalued attribute defined by the extension must not be of type Boolean.
In the event log I see:
Log Name: Application Source: FIMSynchronizationService Event ID: 6801 Level: Error The extensible extension returned an unsupported error. The stack trace is: "System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary. at System.Collections.Generic.Dictionary`2.get_Item(TKey key) at Unify.Product.IdentityBroker.SchemaEntryToAttributeTypeAdapter.Transform(String schemaEntry) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer) at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector) at Unify.Product.IdentityBroker.LdapConnectionProxy.get_Schema() at Unify.Product.IdentityBroker.UnifyLdapConnectorTypeProxy.GetSchema(KeyedCollection`2 configParameters) Forefront Identity Manager 4.1.3627.0"
My DN is defined as UID=UFYGuid
That UFYGuid is not one of the Boolean attributes (it is type GUID).
If I change the schema of the connector so that the two Boolean attributes are of type string, then I can proceed to create the MA without any other changes.
IdB 5 Config.zip
ldap.png

An attempt to call FirstOrDefault on an empty entity repository using a field name results in a System.InvalidOperationException exception.
The following test:
[Test] public void FirstOrDefaultWithNoDataTest() { using (var entityContext = CreateAndPrepareContext(PartitionId)) { var firstItem = entityContext.Entities.FirstOrDefault(item => item.GetValueOrDefault<StringValue>(CreateEntityKey("NotThere")) == "Hello"); Assert.IsNull(firstItem); } }
fails with the following exception:
System.InvalidOperationException : Sequence contains no elements
This fault should be corrected, and the above unit test included in the KnownEntityRepositoryTestFixtureBase test fixture.

Identity Broker Full Import Scheduling
Hi Guys,
I've run accross an interesting issue with identity broker import scheduling. As an example, I have the following full import schedule configured for the DET Oneschool connector in SPOT:
<getAllEntities>
<timing name="Daily" offset="06:00:00" UseLocal="True" />
</getAllEntities>
The issue we are seeing, is that with this config, whenever the service is started a full import is immeadiately kicked off on this connector, regardless of the time of day. If the service is stopped and started again the same day, the import runs again.
I have seen the same behaviour on the WCIS connector with this config:
<getAllEntities>
<timing name="Daily" offset="05:30:00" UseLocal="True" />
</getAllEntities>
However for the imports that are scheduled to run at after hours in the evening, this behaviour is not exhibited. For example, the following config is on the HRuI connector:
<getAllEntities>
<timing name="Daily" offset="18:00:00" UseLocal="True" />
</getAllEntities>
It appears that any runs that are scheduled for the morning, reoccur whenever the service is started. As the Oneschool connector contains ~600k entities, this is rather inconvenient.
I've attached the entire connector config if needed for analysis. Is there anything evidently wrong here that can be quickly corrected? Is this a known issue?
Cheers
Richard

Improve feedback on inaccessible extensibility directory
When the extensibility directory cannot be written to due to permissions, the following is logged:
Application: Unify.Service.Connect.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at Unify.Product.IdentityBroker.IdentityBrokerEngine.Dispose() at Unify.Framework.DisposeVisit.DisposeVisitMethod[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon) at Unify.Framework.Visitor.Visit[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Action`2<System.__Canon,Int32>) at Unify.Framework.UnifyEngine`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Dispose() at Unify.Service.IdentityBrokerService.Dispose(Boolean) at System.ComponentModel.Component.Dispose() at System.ServiceProcess.ServiceBase.Run(System.ServiceProcess.ServiceBase[]) at Unify.Service.ConnectServiceBootStrap.Main()
This does not really explain what's actually happening, and should be updated to reflect the exact cause for why the service couldn't start.

Service fails to start due to Null reference exception.
The following is being logged with a clean installation using the most recent installer in prdgrp-test1.
Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at Unify.Framework.Data.DataEngine..ctor(IConfigurationEngine configurationEngine, IStandardPostEngine postEngine) at Unify.Framework.Data.DataEnginePlugInFactory`1.CreateComponent(IUnifyEnginePlugInFactoryInformation`1 factoryInformation) at Unify.Framework.DependencyPlugInGenerator`4..ctor(ICollection`1 plugInGenerator, IPlugInFactory`2 factoryInformationFactory) at Unify.Framework.UnifyEngine`1..ctor(TBranding branding, IEnumerable`1 additionalPlugInFactories, DirectoryInfo executingAssemblyLocation, IsolatedStorageFile isolatedStorageLocation) at Unify.Service.IdentityBrokerServiceEngine..ctor(DirectoryInfo assemblyExcutionPath, IsolatedStorageFile isolatedFile, IIdentityBrokerBranding branding) at Unify.Service.IdentityBrokerService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Null values stored to database for multivalue attributes
During a full import from a MOSS List adapter, the following error is thrown inside the lazy evaluation stream. This may be because of a bad or incorrect null check in the LDIF components:
Value cannot be null.
at Unify.Framework.IO.LDIFSafeStringFilter.IsSafe(String sourceValue) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFSafeStringFilter.cs:line 46
at Unify.Framework.IO.LDIFValueSpec.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFValueSpec.cs:line 41
at Unify.Framework.IO.LDIFAttrvalSpec.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFAttrvalSpec.cs:line 56
at Unify.Framework.IO.LDIFAttrvalRecord.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFAttrvalRecord.cs:line 60
at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFComponentFileGenerator.cs:line 46
at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c_DisplayClass14`1.<CreateLDIFComponentStream>b_13(Stream stream) in S:\Hg\Product\IdentityBroker\IdentityBroker\Source\Adapter\Unify.IdentityBroker.Adapter.Remoting\LDIFAdapterBase.cs:line 399
at Unify.Framework.IO.LazyEvaluationStream.Evaluate(Object obj) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO\LazyEvaluationStream.cs:line 124

Sharepoint connector ignores proxy configuration
Configuring following settings in an attempt to use Fiddler to debug connection.
Connector ignores proxy configuration, it does not appear to route traffic to proxyUri.
<communicator
ignoreCertificateError="True"
pollingChangeTokenOffset="-1.00:00:00"
credentials="Custom"
proxy="Custom"
preauthenticate="true"
timeout="02:00:00"
proxyUri="http://localhost:8888"
uri="http://kweb.bne.catholic.edu.au/informationservices/SSAS/SSA/"
domain="CATHOLIC"
user="svc_FIM_SharePoint"
securePassword="TE+bBSNefb5uHPQAhhSpsw==" certificate="" listName="eMinerva Exceptions - All Schools" viewName="" rowLimit="100">
</communicator>

GetTransformedEntities: The transaction is in doubt
The following exception was encountered during a full import of two adapters:
An exception has occured whilst performing a job for adapter 9c0cc85e-de5b-448e-946d-73f3323f5a78 job GetTransformedEntities (ParallelGate): System.Transactions.TransactionInDoubtException: The transaction is in doubt. ---> System.Data.SqlClient.SqlException: Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding. at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning() at System.Data.SqlClient.TdsParserStateObject.ReadSniError(TdsParserStateObject stateObj, UInt32 error) at System.Data.SqlClient.TdsParserStateObject.ReadSni(DbAsyncResult asyncResult, TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParserStateObject.ReadNetworkPacket() at System.Data.SqlClient.TdsParserStateObject.ReadByte() at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.TdsExecuteTransactionManagerRequest(Byte[] buffer, TransactionManagerRequestType request, String transactionName, TransactionManagerIsolationLevel isoLevel, Int32 timeout, SqlInternalTransaction transaction, TdsParserStateObject stateObj, Boolean isDelegateControlRequest) at System.Data.SqlClient.SqlInternalConnectionTds.ExecuteTransactionYukon(TransactionRequest transactionRequest, String transactionName, IsolationLevel iso, SqlInternalTransaction internalTransaction, Boolean isDelegateControlRequest) at System.Data.SqlClient.SqlDelegatedTransaction.SinglePhaseCommit(SinglePhaseEnlistment enlistment) --- End of inner exception stack trace --- at System.Transactions.TransactionStatePromotedIndoubt.PromotedTransactionOutcome(InternalTransaction tx) at System.Transactions.CommittableTransaction.Commit() at System.Transactions.TransactionScope.InternalDispose() at System.Transactions.TransactionScope.Dispose() at Unify.Framework.Data.LinqContextConversionBase`4.SubmitChanges() at Unify.Framework.ParallelGate.ParallelGateJob.RunBase() at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)
- The CPU usage while these adapters were importing was consistently around 98/99% usages, with 200k memory usage.
- There were 10k and 9.999k entities in the respective adapters being imported.
- The full imports into FIM both suceeded, and took
- 6 minutes 11 seconds and,
- 5 minutes 24 seconds to complete respectively.

Identity Broker authentication issues with ISA Proxy
When attempting to import from Aurion error thrown:
System.New.webException: The remote server returned an error: (407) Proxy Authentication Required.
Proxy authentication is configured in the ConnectorEngine.extensibility.config.xml.
Config files and error log attached.
Application log errors.txt
ConnectorEngine.extensibility.config.xml
Unify.Service.Connect.exe.config
UnifyLog20110906.csv
Customer support service by UserEcho