Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

  1. Forum: UNIFYBroker Forum
0
Completed

Disabled Adapters should return false on Changes Available

Tony Sheehy 13 years ago updated by anonymous 10 years ago 5

Disabled Adapters should return false on Changes available, with correct alerts on disabling Relational/Base connectors (and corresponding clearing alerts on enabling the adapter).

This is to prevent the FIM or potentially/alternatively EB logs from being flooded with resultant messages about the target adapters being disabled.

This would put the requirement on the user to be aware of the state of IDB with regards to Adapter enablement - the justification for this being that only explicit/manual changes to IdentityBroker components can disable adapters, which means that the user who should care about the adapter being disabled has already been a part of the domain of IdentityBroker in the first place.

0
Fixed

Issue creating Identity Broker MA that has Boolean Attributes in Schema

Richard Courtenay 10 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 10 years ago 7

I've created a single Powershell Connector and Adapter as per the attached documents. If I attempt to create a new MA in FIM 2010 R2, I get the following error after entering my credentials and attempting to proceed from the connectivity portion of the FIM MA config:

Unable to retrieve schema. Error: An anchor attribute defined by the extension must not be of type Reference or Boolean. A multivalued attribute defined by the extension must not be of type Boolean.

In the event log I see:

Log Name: Application
Source: FIMSynchronizationService
Event ID: 6801
Level: Error


The extensible extension returned an unsupported error.
 The stack trace is:
 
 "System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary.
   at System.Collections.Generic.Dictionary`2.get_Item(TKey key)
   at Unify.Product.IdentityBroker.SchemaEntryToAttributeTypeAdapter.Transform(String schemaEntry)
   at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()
   at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
   at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector)
   at Unify.Product.IdentityBroker.LdapConnectionProxy.get_Schema()
   at Unify.Product.IdentityBroker.UnifyLdapConnectorTypeProxy.GetSchema(KeyedCollection`2 configParameters)
Forefront Identity Manager 4.1.3627.0"

My DN is defined as UID=UFYGuid

That UFYGuid is not one of the Boolean attributes (it is type GUID).

If I change the schema of the connector so that the two Boolean attributes are of type string, then I can proceed to create the MA without any other changes.


IdB 5 Config.zip
ldap.png
0
Fixed

An attempt to call FirstOrDefault on an empty entity repository using a field name results in a System.InvalidOperationException exception.

Shane Day (Chief Technology Officer) 15 years ago updated by anonymous 10 years ago 5

The following test:

        [Test]
        public void FirstOrDefaultWithNoDataTest()
        {
            using (var entityContext = CreateAndPrepareContext(PartitionId))
            {
               var firstItem = entityContext.Entities.FirstOrDefault(item => item.GetValueOrDefault<StringValue>(CreateEntityKey("NotThere")) == "Hello");

               Assert.IsNull(firstItem);
            }
        }

fails with the following exception:

System.InvalidOperationException : Sequence contains no elements

This fault should be corrected, and the above unit test included in the KnownEntityRepositoryTestFixtureBase test fixture.

0
Fixed

Identity Broker Full Import Scheduling

Richard Green 14 years ago updated by anonymous 10 years ago 8

Hi Guys,

I've run accross an interesting issue with identity broker import scheduling. As an example, I have the following full import schedule configured for the DET Oneschool connector in SPOT:

<getAllEntities>
<timing name="Daily" offset="06:00:00" UseLocal="True" />
</getAllEntities>

The issue we are seeing, is that with this config, whenever the service is started a full import is immeadiately kicked off on this connector, regardless of the time of day. If the service is stopped and started again the same day, the import runs again.

I have seen the same behaviour on the WCIS connector with this config:

<getAllEntities>
<timing name="Daily" offset="05:30:00" UseLocal="True" />
</getAllEntities>

However for the imports that are scheduled to run at after hours in the evening, this behaviour is not exhibited. For example, the following config is on the HRuI connector:

<getAllEntities>
<timing name="Daily" offset="18:00:00" UseLocal="True" />
</getAllEntities>

It appears that any runs that are scheduled for the morning, reoccur whenever the service is started. As the Oneschool connector contains ~600k entities, this is rather inconvenient.

I've attached the entire connector config if needed for analysis. Is there anything evidently wrong here that can be quickly corrected? Is this a known issue?

Cheers
Richard

0
Completed

Improve feedback on inaccessible extensibility directory

Tony Sheehy 13 years ago updated by anonymous 10 years ago 6

When the extensibility directory cannot be written to due to permissions, the following is logged:

Application: Unify.Service.Connect.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at Unify.Product.IdentityBroker.IdentityBrokerEngine.Dispose()
   at Unify.Framework.DisposeVisit.DisposeVisitMethod[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon)
   at Unify.Framework.Visitor.Visit[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Action`2<System.__Canon,Int32>)
   at Unify.Framework.UnifyEngine`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Dispose()
   at Unify.Service.IdentityBrokerService.Dispose(Boolean)
   at System.ComponentModel.Component.Dispose()
   at System.ServiceProcess.ServiceBase.Run(System.ServiceProcess.ServiceBase[])
   at Unify.Service.ConnectServiceBootStrap.Main()

This does not really explain what's actually happening, and should be updated to reflect the exact cause for why the service couldn't start.

0
Fixed

Service fails to start due to Null reference exception.

Tony Sheehy 13 years ago updated by anonymous 10 years ago 4

The following is being logged with a clean installation using the most recent installer in prdgrp-test1.

Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at Unify.Framework.Data.DataEngine..ctor(IConfigurationEngine configurationEngine, IStandardPostEngine postEngine)
   at Unify.Framework.Data.DataEnginePlugInFactory`1.CreateComponent(IUnifyEnginePlugInFactoryInformation`1 factoryInformation)
   at Unify.Framework.DependencyPlugInGenerator`4..ctor(ICollection`1 plugInGenerator, IPlugInFactory`2 factoryInformationFactory)
   at Unify.Framework.UnifyEngine`1..ctor(TBranding branding, IEnumerable`1 additionalPlugInFactories, DirectoryInfo executingAssemblyLocation, IsolatedStorageFile isolatedStorageLocation)
   at Unify.Service.IdentityBrokerServiceEngine..ctor(DirectoryInfo assemblyExcutionPath, IsolatedStorageFile isolatedFile, IIdentityBrokerBranding branding)
   at Unify.Service.IdentityBrokerService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
0
Fixed

Null values stored to database for multivalue attributes

Matthew Clark 13 years ago updated by anonymous 10 years ago 6

During a full import from a MOSS List adapter, the following error is thrown inside the lazy evaluation stream. This may be because of a bad or incorrect null check in the LDIF components:

Value cannot be null.
at Unify.Framework.IO.LDIFSafeStringFilter.IsSafe(String sourceValue) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFSafeStringFilter.cs:line 46
at Unify.Framework.IO.LDIFValueSpec.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFValueSpec.cs:line 41
at Unify.Framework.IO.LDIFAttrvalSpec.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFAttrvalSpec.cs:line 56
at Unify.Framework.IO.LDIFAttrvalRecord.WriteComponent(TextWriter writer) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFAttrvalRecord.cs:line 60
at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO.LDIF\LDIFComponentFileGenerator.cs:line 46
at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c_DisplayClass14`1.<CreateLDIFComponentStream>b_13(Stream stream) in S:\Hg\Product\IdentityBroker\IdentityBroker\Source\Adapter\Unify.IdentityBroker.Adapter.Remoting\LDIFAdapterBase.cs:line 399
at Unify.Framework.IO.LazyEvaluationStream.Evaluate(Object obj) in c:\workspaces\DEV\FrameworkCore\Source\IO\Unify.Framework.IO\LazyEvaluationStream.cs:line 124

0
Answered

Sharepoint connector ignores proxy configuration

Matthew Woolnough 12 years ago in UNIFYBroker/Microsoft SharePoint updated by anonymous 10 years ago 3

Configuring following settings in an attempt to use Fiddler to debug connection.
Connector ignores proxy configuration, it does not appear to route traffic to proxyUri.

<communicator
ignoreCertificateError="True"
pollingChangeTokenOffset="-1.00:00:00"
credentials="Custom"
proxy="Custom"
preauthenticate="true"
timeout="02:00:00"
proxyUri="http://localhost:8888"
uri="http://kweb.bne.catholic.edu.au/informationservices/SSAS/SSA/"
domain="CATHOLIC"
user="svc_FIM_SharePoint"
securePassword="TE+bBSNefb5uHPQAhhSpsw==" certificate="" listName="eMinerva Exceptions - All Schools" viewName="" rowLimit="100">
</communicator>

0
Fixed

GetTransformedEntities: The transaction is in doubt

Tony Sheehy 13 years ago updated by anonymous 10 years ago 8

The following exception was encountered during a full import of two adapters:

An exception has occured whilst performing a job for adapter 9c0cc85e-de5b-448e-946d-73f3323f5a78 job GetTransformedEntities (ParallelGate):
System.Transactions.TransactionInDoubtException: The transaction is in doubt. ---> System.Data.SqlClient.SqlException: Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.
at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParserStateObject.ReadSniError(TdsParserStateObject stateObj, UInt32 error)
at System.Data.SqlClient.TdsParserStateObject.ReadSni(DbAsyncResult asyncResult, TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParserStateObject.ReadNetworkPacket()
at System.Data.SqlClient.TdsParserStateObject.ReadByte()
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParser.TdsExecuteTransactionManagerRequest(Byte[] buffer, TransactionManagerRequestType request, String transactionName, TransactionManagerIsolationLevel isoLevel, Int32 timeout, SqlInternalTransaction transaction, TdsParserStateObject stateObj, Boolean isDelegateControlRequest)
at System.Data.SqlClient.SqlInternalConnectionTds.ExecuteTransactionYukon(TransactionRequest transactionRequest, String transactionName, IsolationLevel iso, SqlInternalTransaction internalTransaction, Boolean isDelegateControlRequest)
at System.Data.SqlClient.SqlDelegatedTransaction.SinglePhaseCommit(SinglePhaseEnlistment enlistment)
--- End of inner exception stack trace ---
at System.Transactions.TransactionStatePromotedIndoubt.PromotedTransactionOutcome(InternalTransaction tx)
at System.Transactions.CommittableTransaction.Commit()
at System.Transactions.TransactionScope.InternalDispose()
at System.Transactions.TransactionScope.Dispose()
at Unify.Framework.Data.LinqContextConversionBase`4.SubmitChanges()
at Unify.Framework.ParallelGate.ParallelGateJob.RunBase()
at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)
  • The CPU usage while these adapters were importing was consistently around 98/99% usages, with 200k memory usage.
  • There were 10k and 9.999k entities in the respective adapters being imported.
  • The full imports into FIM both suceeded, and took
    • 6 minutes 11 seconds and,
    • 5 minutes 24 seconds to complete respectively.
  • Additionally, the second adapter was moving from a DN Format of:
0
Fixed

Identity Broker authentication issues with ISA Proxy

Mark Southwell 14 years ago in UNIFYBroker/Aurion updated by anonymous 10 years ago 18

When attempting to import from Aurion error thrown:

System.New.webException: The remote server returned an error: (407) Proxy Authentication Required.

Proxy authentication is configured in the ConnectorEngine.extensibility.config.xml.

Config files and error log attached.


Application log errors.txt
ConnectorEngine.extensibility.config.xml
Unify.Service.Connect.exe.config
UnifyLog20110906.csv


Customer support service by UserEcho