Identity Broker Forum

Parameter limit issue when updating multiple containers
The following error is thrown when a large number of containers are being updated:
An exception has occured whilst performing a job for adapter d5251d7d-05cc-4d35-916e-e99e06b9ffd3 job UpdateGetAllEntitiesContainers:
The incoming tabular data stream (TDS) remote procedure call (RPC) protocol stream is incorrect. Too many parameters were provided in this RPC request. The maximum is 2100.
This was found while configuring SALES-230. Within a composite, I have an address and person connector. The address DNs are set up such that they are contained by the person object (e.g. person CN=100001 with address CN=H,CN=100001). If the person objects are cleared and reimported, the attempt to update all the containers fails with the above error.
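Added example, not part of the original post and not Identity Broker's code: one way to keep a bulk update keyed on many DNs under the 2100-parameter limit quoted in the error is to split the key list into batches while still binding every value as a parameter rather than inlining it into the SQL text. The table `entity`, its columns, the `HEADROOM` margin and all function names are hypothetical, and SQLite stands in for SQL Server so the sketch runs offline.

```python
import sqlite3
from itertools import islice

TDS_MAX_PARAMS = 2100  # limit quoted in the error message
HEADROOM = 100         # assumption: slack for parameters the driver adds itself


def chunks(items, size):
    """Yield successive lists of at most `size` items."""
    it = iter(items)
    while chunk := list(islice(it, size)):
        yield chunk


def stamp_entities(conn, stamp, dns, max_params=TDS_MAX_PARAMS - HEADROOM):
    """Stamp every row whose dn is in `dns`, keeping each statement under
    max_params bound parameters. Returns (statements_sent, rows_updated)."""
    per_stmt = max_params - 1  # one parameter is taken by `stamp`
    if per_stmt < 1:
        raise ValueError("max_params leaves no room for keys")
    sent = updated = 0
    with conn:  # one transaction: commit if all batches succeed, else roll back
        for chunk in chunks(dns, per_stmt):
            marks = ",".join("?" * len(chunk))  # placeholders only, never values
            cur = conn.execute(
                f"UPDATE entity SET container_checked = ? WHERE dn IN ({marks})",
                [stamp, *chunk],
            )
            sent += 1
            updated += cur.rowcount
    return sent, updated


def demo():
    """Constructed data: 5000 address DNs, one containing a quote character."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE entity (dn TEXT PRIMARY KEY, container_checked TEXT)")
    dns = [f"CN=H,CN={100001 + i}" for i in range(4999)] + ["CN=H,CN=O'Brien"]
    conn.executemany("INSERT INTO entity (dn) VALUES (?)", [(d,) for d in dns])
    # Small cap so the batching is visible on any SQLite build.
    result = stamp_entities(conn, "2012-11-21", dns, max_params=500)
    pending = conn.execute(
        "SELECT COUNT(*) FROM entity WHERE container_checked IS NULL").fetchone()[0]
    return result, pending


if __name__ == "__main__":
    print(demo())
```

The DN containing a quote is updated like any other row because it travels as a bound value, which is the property lost if the limit is worked around by concatenating keys into the statement.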

Only validate final adapter schema
The following error occurs when attempting to make use of a non-LDAP compliant named field, even when the field name will not be part of the final schema (in this case it's used in the dn generator):
System.ArgumentException: new_personid is not a valid LDAP attribute name
Parameter name: attributeName
at Unify.Product.IdentityBroker.AdapterEntityValueCollectionKey..ctor(String valueName) in c:\workspaces\DEV\IdentityBroker\Source\Entity\Unify.IdentityBroker.Entity.Interfaces\AdapterEntityValueCollectionKey.cs:line 46
at Unify.Product.IdentityBroker.AdapterEntityValueCollectionKey.op_Implicit(String field) in c:\workspaces\DEV\IdentityBroker\Source\Entity\Unify.IdentityBroker.Entity.Interfaces\AdapterEntityValueCollectionKey.cs:line 176
at Unify.Connect.Web.AdapterController.SaveFieldDNGenerator(FieldDNComponentGeneratorViewInformation viewInformation) in c:\workspaces\DEV\IdentityBroker\Source\Studio\Unify.Connect.Web\Controllers\AdapterController.cs:line 1444
at lambda_method(Closure , ControllerBase , Object[] )
at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters)
at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters)
at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass15.<InvokeActionMethodWithFilters>b__12()
at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodFilter(IActionFilter filter, ActionExecutingContext preContext, Func`1 continuation)
at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodWithFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor, IDictionary`2 parameters)
at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)
The schema shouldn't validate this here, especially when the field is only being used in a dn generator.

Organization profile connector polling not possible
Polling has had to be disabled in the Organization Connector.
When OrganizationProfileManager.GetChanges(token); is called, the exception below is thrown.
This is due to the OrganizationProfileMembershipChange constructor containing a cast directly from an object to an int.
The code for polling is already written, only the interface on the connector was removed.
Check online sources, find a patch or raise an issue with Microsoft.
Specified cast is not valid.
at Microsoft.Office.Server.UserProfiles.OrganizationProfileMembershipChange..ctor(ProfileManagerBase profileManager, SqlDataReader reader, Boolean loadProfile, ProfileBase profile)
at Microsoft.Office.Server.UserProfiles.ProfileBase.GetOneChange(ProfileManagerBase profileManager, SqlDataReader sqlRecords, Boolean restrictToColleagueProperties, Boolean loadProfile, ProfileBase profile)
at Microsoft.Office.Server.UserProfiles.ProfileBase.GetChanges(ProfileManagerBase profileManager, Int32 viewerRights, ProfileBaseChangeQuery changeQuery, Boolean restrictToColleagueChanges, Boolean fSortDescending, ProfileBase profile)
at Microsoft.Office.Server.UserProfiles.ProfileBase.GetChanges(ProfileManagerBase profileManager, Int32 viewerRights, ProfileBaseChangeQuery changeQuery)
at Microsoft.Office.Server.UserProfiles.OrganizationProfileManager.GetChanges(ProfileBaseChangeQuery changeQuery)
at Microsoft.Office.Server.UserProfiles.OrganizationProfileManager.GetChanges(UserProfileChangeToken changeToken)
at Unify.Connectors.SharePoint.SharePoint2010WCFService.UNIFYIdentityBrokerService.SharePoint2010OrganizationProfileService.GetChangedOrganizationProfileIds(String oldChangeToken)

Identity Broker 4.0
I have a few thoughts around Identity Broker based on relatively recent interactions with the product. Hopefully I won't have doubled up too much with others or missed functionality that might already be there.
COMMON TRANSFORMATIONS
Over time I have seen quite a bit of work needing to be done in SQL to prepare or cleanse data prior to Broker (or straight ILM) being involved. This may just be simple views or complex changes. Currently views need to be developed still with Broker when things could perhaps be solved with a few common simple transformations such as:
- Trimming leading and / or trailing spaces
- Case changes (toupper, tolower)
DATA LOADING and management
- Ability to specify a query (akin to a SQL view definition) when retrieving data from a SQL repository
- Ability to archive / age data out of the store so the connector space is reduced (e.g. if a record is inactive for more than 90 days don't present through to the adapter interface)
INTERFACE and OPERATIONAL MANAGEMENT
- Ability to search for individual records rather than having to return all adapter or connector space records
- More visibility of the transformations (I think this has already been referenced but thought I would support it)
- Better scheduling. We need to be able to schedule daily and time based delta and full loads. i.e. akin to what is being delivered with the newer Event Broker.
- Timing: Please at least let us work in seconds (and minutes and hours) rather than "ticks"
- Better visibility around what is happening and what is in the data repository
I am sure there are a few others, but this is a start.
thanks,
Craig Gilmour

Auto-configuration for connectors and adapters.
To achieve similar configuration speed/ease benefits of Event Broker v3.1, an auto-configuration process should be considered for Identity Broker v4.1.
This issue has an explicit prerequisite for IDB-932, as being able to talk to target systems will be a prerequisite to describe their object classes.
Unlike FIM Event Broker where we have to ask a number of questions about each management agent, we could describe the partitions of a Chris21 or TRIM etc. in a standard manner. This means no custom UI per instance.
Definitions of connectors are much closer to schema providers, namely many connectors can be described by dynamic/static unique identifiers. Those that can't could be described away with bespoke Alerts.
With our definitions of connectors defined in concrete, we can systematically define standard adapters. Whether they're standard would be debatable, but they would at least be a backbone for the implementation, and hopefully get us the 80/20.

Can not run SAP Connector - BadImageFormatException
I get the following error when trying to perform a Full Import of the configured SAP Employee Connector:
20121121,01:02:23,Change detection engine import all items failed.,Change detection engine,Warning,"Change detection engine import all items for connector Employee Connector failed with reason An attempt was made to load a program with an incorrect format. (Exception from HRESULT: 0x8007000B). Duration: 00:00:00
Error details:
System.BadImageFormatException: An attempt was made to load a program with an incorrect format. (Exception from HRESULT: 0x8007000B)
at SAP.Connector.Connection.Open()
at Unify.Communicators.SapHRCommunicator.SapHrCommunicator.Open()
at Unify.Communicators.SapHRCommunicator.SapHrCommunicator.GetEmployees(String statusType, DateTime startDate, DateTime endDate, String infoType, IEnumerable`1 subTypes, IEnumerable`1 employeeIdRecords)
at Unify.Connectors.SapHrEmployeeConnector.ProcessGetEntities(IEnumerable`1 employeeRecords)
at Unify.Framework.ConnectorToReadingConnectorBridge.GetAllEntities(IStoredValueCollection storedValueState)
at Unify.Framework.EventNotifierReadingConnectorDecoratorBase`1.GetAllEntities(IStoredValueCollection storedValues)
at Unify.Framework.ChangeDetectionImportAllJob.ImportAllChangeProcess()
at Unify.Framework.ChangeDetectionImportAllJob.RunBase()
at Unify.Framework.MutexJobDecorator.Run()
at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run()
at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)",Normal
I originally had the x64 version of Identity Broker installed and later realised that this is unsupported by the SAP Connector. Uninstalled it and went with an x86 version, as well as the x86 installer of the SAP connector. The net result being that my environment has:
- Identity Broker 3.0.7.6 x86
- Identity Broker for SAP HCM 3.0.1.3 x86
I've attached my connector config.
The error appears to be identical to that reported at https://unifysolutions.jira.com/browse/ALDMLS-20 for previous Identity Broker versions.
After failing to resolve this in the DSEWPaC environment, I installed an x86 version of Identity Broker locally and the SAP connector and reproduced the error on my own system.

LDAP Client cannot add entity if DN Template uses IdBID
If an adapter DN template is generated using the IdBID, an LDAP client cannot add entities as the add request requires a DN, which includes a new guid value, however the IdBID is still generated for the entity's creation. This means the DN supplied doesn't match the newly created entity's generated DN, resulting in the following error.
Handling of LDAP add request. Handling of LDAP add request from user Admin on connection 192.168.16.54:53591 to add an entity with a distinguished name of UID=EA866F73-1AFD-483C-9D8B-37DE4A982A38,OU=childCon,DC=IdentityBroker failed with error "Add request failed as the converted DN UID=7f30b4c7-dd4d-4aef-9200-ee9570282069,OU=childCon,DC=IdentityBroker does not match the request DN UID=EA866F73-1AFD-483C-9D8B-37DE4A982A38,OU=childCon,DC=IdentityBroker.". Duration: 00:00:00.0250182.

Add an ActionAfterCommit to allow cleanup on source system.
The current design of Identity Broker commits updates to entities to the database at internally defined intervals. This additional feature will allow the connector to run cleanup functions on the source system after it is certain that the commit on Identity Broker has succeeded.
The change should add something like the following method to the Unify.Framework.Collections.EnumerableExtensions library:
public static IEnumerable<T> ActionAfterCommit<T>(this IEnumerable<T> source, Action actionOnLast);
Edit (Adam): Another possible pattern is another interface that connectors could optionally implement.

Allow timings to specify start time
Identity Broker timings allow us to specify how often a particular operation runs... however (to my knowledge) it does not allow us to specify when to commence the timer for that timing. By default, timings start from the time the service starts.
For example, we can set a connector to perform a full import every 24 hours... but we cannot set the connector to import every 24 hours AT MIDNIGHT.
The ability to specify a start time for operations in Identity Broker (and also Event Broker 3) would be beneficial, as clients often ask us to schedule operations for out-of-hours.

Schema key field not present for fields updated by connector during insert.
See the following stack trace:
System.NullReferenceException: Object reference not set to an instance of an object.
at Unify.Framework.ArrayEqualityComparer`1.GetHashCode(T[] obj) in S:\hg\Framework\Core\v3.0.4\Source\Collections\Unify.Framework.Collections\Comparers\ArrayEqualityComparer.cs:line 65
at Unify.Framework.MultiKeyValue.GetHashCode() in S:\hg\Framework\Core\v3.0.4\Source\Entity\Unify.Framework.Entity.Interfaces\MultiKeyValue.cs:line 98
at System.Collections.Generic.GenericEqualityComparer`1.GetHashCode(T obj)
at System.Collections.Generic.Dictionary`2.Insert(TKey key, TValue value, Boolean add)
at System.Collections.Generic.Dictionary`2.Add(TKey key, TValue value)
at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer)
at System.Linq.Enumerable.ToDictionary[TSource,TKey,TElement](IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector)
at Unify.Repository.EntityRepositoryExtensions.ConvertConnectorEntitiesWithRepositoryEntities(IEnumerable`1 connectorEntities, IMultiKey`1 schemaKey, IQueryable`1 sourceEntities, Guid connectorId, IEnumerable`1 originalEntities) in C:\hg\Framework\Core\Master\Source\Entity\Unify.Repository.Entity\EntityRepositoryExtensions.cs:line 94
at Unify.Framework.Adapter.SaveEntities(IEnumerable`1 entities, Boolean reflect) in S:\hg\Framework\Core\v3.0.4\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 463
at Unify.Framework.Adapter.SaveEntity(IAdapterEntity entity, Boolean reflect) in S:\hg\Framework\Core\v3.0.4\Source\Adapter\Unify.Framework.Adapter\Adapter.cs:line 387
at Unify.Framework.CompositeAdapter.SaveEntity(IAdapterEntity entity) in S:\hg\Framework\Core\v3.0.4\Source\Adapter\Unify.Framework.Adapter\CompositeAdapter.cs:line 215
at Unify.Framework.AdapterNotifierDecorator.SaveEntity(IAdapterEntity entityToSave) in S:\hg\Framework\Core\v3.0.4\Source\Adapter\Unify.Framework.Adapter\AdapterNotifierDecorator.cs:line 200
at Unify.Framework.LDIFAdapter.ExportAdapterEntity(IAdapterEntity adapterEntity, Guid adapterId) in S:\hg\Framework\Core\v3.0.4\Source\Adapter\Unify.Framework.Adapter.Remoting\LDIFAdapter.cs:line 118
at Unify.Framework.LDIFAdapterServiceHostDecorator.ExportAdapterEntity(IAdapterEntity adapterEntity, Guid adapterId) in S:\hg\Framework\Identity Broker\v3.0\Source\Unify.Framework.ConnectEngine\LDIFAdapterServiceHostDecorator.cs:line 69
at SyncInvokeExportAdapterEntity(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(MessageRpc& rpc)
at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)",Normal
Related to issue IDBSP-6