Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

  1. Forum: UNIFYBroker Forum
0
Fixed

WCF Communicator UI in Framework is incomplete

Matthew Clark 11 years ago updated by anonymous 9 years ago 1

The WCF communicator in UI is improperly formatted and does not use correct labels. It also seems to be using the wrong control for the impersonation level. This is affecting the SharePoint and EMinerva connectors.


WCFail.png
0
Completed

Merge related transformations

Tony Sheehy 12 years ago updated by anonymous 9 years ago 15

The following transformation groupings could be merged into single transformations with additional filters/cleared:

  • Membership List, Membership List Composite Key, Membership List Composite Key with String Priority, Membership List Date Relational
  • Date Relational (Standard, Next Placement, Recent, Relevant, String Priority), Relational (standard/string priority), Composite Relational, Composite Relational with String Priority, Time relational and prioritized, time relational.

Where additional filters that could be merged are seen as:

  • The implementations of IncludeItem for relational transformations,

and where standard keyed transformations could be represented as composite key transformations with a single key.

This would substantially cut down on the number of transformations users are expected to understand or wade through before getting to a useful transformation.

Additionally, update the descriptions of transformations on the documentation / factories.

0
Answered

Identity Broker and Password Reset

Bob Bradley 13 years ago updated by anonymous 9 years ago 12

The "enable password management" checkbox is disabled and unselected in the attached screenshot. Does this mean that password sync is not supported with a standard IdB implementation? @VicEd there will be a need to establish a connector with an external directory purely for password sync (no normal attribute flows ... just a connector for each object), and in this special case the "placeholder" connector would be perfect at providing the necessary anchor (cs object) to implement a change/set password extension for this directory.


IdB.FIMMA.ConfigureExtensions.png
0
Fixed

Unable to Upgrade IdB v4.1.1 to v4.1.3

Monash 10 years ago updated by anonymous 9 years ago 12

Hi

We are unable to upgrade from v4.1.1 to v4.1.3 of Identity Broker Service

Our server was on v4.1.1 RTM

1) First we had tried a "attempt upgrade" to v4.1.3. It failed with SQL error (attached screenshot)

2) Then we thought probably we need to go v4.1.2 first before.. So we downloaded "UNIFY Identity Broker Service v4.1.2 RC1 x64". Upgraded to that. Worked. Then tried v4.1.3 upgrade and failed again

Please let us know how to fix this asap

We do have a backup of v4.1.1 DB with us.

Regards


IdentityBroker Upgrade.sql
unifyidb.sql
Upgrade Error.JPG
0
Answered

Identity Broker for NIM requires a permanent, unique key be specified for associations

Nick Mathas 13 years ago in UNIFYBroker/Novell Identity Manager updated by anonymous 9 years ago 11

I have a question about Identity Broker that relates to the SA Water Project I am currently working on. This is probably a question which I will need to talk with someone about, but thought I should follow the process and put it in Jira first.

Patrick, I have assigned this to you on the basis of advice from Shane, as you are the Prduct Group Operations Leaad, as per the Jira page on Product Group Support (https://unifysolutions.jira.com/wiki/display/PRDGRP/Support)...

I have a problem with the the interaction between Identity Broker and NIM, I am hoping that this is a lack of understanding on my part.

What I need to be able to do is trigger the equivalent of a FIM full import. The mechanism for doing this within NIM is called a "migrate from connected system". This fails within NIM with the error message: "Not enough information to migrate instance xxx"

To achieve the same result, I think one of the following two options may work:

1. If I was able to specify which attribute in the Adapter is used as the Unique Key provided to NIM (if I could specify the detnumber from CHRIS21 as the key that would be great); this is currently a DN which changes when you "Clear all connectors". This causes a problem in NIM because it makes every record seem like an entirely new "person" until it attempts to match the record; then the matched recoird thinks it has a different matching record from CHRIS21 and thows an erro in NIM
2. Or, is it possible specify that all records in the adapter space are "new" whilst keeping the previous DN.I think this would be similar to clearing all associated changes records in the entity repository without generating a new DN for the record in the adpater space...

0
Fixed

MultiValue Union transformation not working

Tony Sheehy 12 years ago updated by anonymous 9 years ago 7

A multivalue union configured with a date field fails with:

Adapter import all entities for adapter failed.
Adapter import all entities for adapter 02dcad6e-a5d8-4b34-8650-1bb5e917ec2a failed with reason Invalid date time - the value passed was Unify.Framework.IValue[]. Duration: 00:00:01.3974610
Error details:
Unify.Product.IdentityBroker.EntitySchemaValidationException: Invalid date time - the value passed was Unify.Framework.IValue[] ---> System.Exception: Unify.Framework.IValue[] could not be parsed into a valid DateTime format.
--- End of inner exception stack trace ---
at Unify.Product.IdentityBroker.EntityDateTimeTypeSchemaValidator`1.CreateValue(Object dataValue)
at Unify.Product.IdentityBroker.MultiValueUnionTransformation.<Transform>d__0.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
at Unify.Product.IdentityBroker.Adapter.ReflectPage(IAdapterEntityPartitionUpdatableContext adapterContext, IEnumerable`1 entities, HashSet`1 seenEntities, ParallelGate gate)
at Unify.Product.IdentityBroker.Adapter.<>c__DisplayClass11a.<GetTransformedEntities>b__10d(IEnumerable`1 page)
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at Unify.Framework.Collections.ActionOnExceptionEnumerator`1.MoveNext()
at Unify.Framework.Collections.EnumerableExtensions.<ActionOnLast>d__17`1.MoveNext()
at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
at System.Linq.Enumerable.<ConcatIterator>d__71`1.MoveNext()
at Unify.Framework.IO.LDIFComponentFileGenerator`1.GenerateFile(TextWriter writer, IEnumerable`1 entries)
at Unify.Product.IdentityBroker.LDIFAdapterBase.<>c__DisplayClass14`1.<CreateLDIFComponentStream>b__13(Stream stream)
at Unify.Framework.IO.LazyEvaluationStream.Evaluate(Object obj)

We believe the validator being passed through by the factory is incorrect.

0
Fixed

Improve exception for schema mismatch

Tony Sheehy 12 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 9 years ago 4

The following is the exception thrown when the schema of an adapter does not match the generated XMA schema from FIM.

The given key was not present in the dictionary.
   at System.Collections.Generic.Dictionary`2.get_Item(TKey key)
   at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveAdapterBase`1.<>c__DisplayClassf.<ConvertValues>b__b(<>f__AnonymousType0`2 item)
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.GetConvertedValuesFromSchema(String objectClass, IEnumerable`1 values)
   at Unify.Product.IdentityBroker.LDIFToAdapterEntitySaveChangeAdapter.<Transform>d__3.MoveNext()
   at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter)
   at SyncInvokeExportChanges(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry)
Forefront Identity Manager 4.0.3606.2"
0
Fixed

Container Foreign Key conflict on delete connector

Tony Sheehy 13 years ago updated by anonymous 9 years ago 4

On deleting a connector that has been used for FIM Exports and CSV full-imports, the following exception was thrown:

System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]: The ALTER TABLE statement conflicted with the FOREIGN KEY constraint "FK_Container_Container". The conflict occurred in database "Unify.IdentityBroker", table "dbo.Partition", column 'PartitionId'. (Fault Detail is equal to An ExceptionDetail, likely created by IncludeExceptionDetailInFaults=true, whose value is: System.Data.SqlClient.SqlException: The ALTER TABLE statement conflicted with the FOREIGN KEY constraint "FK_Container_Container". The conflict occurred in database "Unify.IdentityBroker", table "dbo.Partition", column 'PartitionId'. at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe)
at System...).
0
Completed

Review transformations

Tony Sheehy 13 years ago updated by anonymous 9 years ago 11

It is currently quite difficult to find the transformation you're after, namely:

  • There are two "Multivalue relationship distinguished name generator" transformations.
  • There is a "Date Relational Group" transformation, which is packed between the multi value transformations, and it's not clear that it's actually a Membership List transformation.
  • The terminology for Membership List in and of itself might be worth looking at for the sake of usability; and in any case the regression test itself as "Group Membership {0}

    " transformations

  • The Multi-value relationship DN generator transformation should probably loose the 'DN Generator' part and just be "Multivalue Relationship" for the sake of brevity.
  • The list of transformations is not currently ordered in any discernable fashion. (Either alphabetically or in order of expected amount of use).
  • Some transformation logic is duplicated, with the only difference being the relationship being one-to-one vs many-to-many. Please remove the one-to-one keeping in mind backwards compatibility (from IDB-414).

With regards to transformation descriptions, it may also be worth including a use case for the transformation; for instance although the description of Is Operative pretty obviously explains what it does it is not immediately obvious what it can be used to do.

0
Fixed

Cicso UCM IdB connector - Query request too large

Carol Wapshere 12 years ago in UNIFYBroker/Cisco Unified Communications Manager updated by anonymous 9 years ago 9

Attempting first imports into IdB. Using the exact same config as Test however in test there are only 60 people in UCM. In prod there are over 7000. I'm getting this in the IdB log:

<SOAP-ENV:Body xmlns:SOAP-ENV=<span class="code-quote">""http:<span class="code-comment">//schemas.xmlsoap.org/soap/envelope/"</span>">
</span>  <SOAP-ENV:Fault>
    <faultcode>SOAP-ENV:Client</faultcode>
    <faultstring>Query request too large. Total rows matched: 19317. Suggestive Row Fetch: less than 1514</faultstring>
    <detail>
      <axl:Error xmlns:axl=<span class="code-quote">""http:<span class="code-comment">//www.cisco.com/AXL/API/7.1"</span>">
</span>        <axl:code>5011</axl:code>
        <axl:message>Query request too large. Total rows matched: 19317. Suggestive Row Fetch: less than 1514</axl:message>
        <request>executeSQLQuery</request>
      </axl:Error>
    </detail>
  </SOAP-ENV:Fault>
</SOAP-ENV:Body>

AdapterEngine.extensibility.config.xml
ConnectorEngine.extensibility.config.xml


Customer support service by UserEcho