I know we've had issues with this one in the past, but as FIM/TeamCity are two prominent examples of it seeming possible and we generally only target 2008 R2 + these days we should take another look.

Custom actions may also have been a problem before because of 2008 certification, but 2012 only suggests the following is not allowed:

Nested install custom actions (type 7, 23, and 39)

EDIT: This would be in the form of a checkbox where people can opt out.

IdB provides meaningless GUIDs instead of name when reporting errors in UI. Need to provide name of connector or adapter.

Example:
Adapter import all entities for adapter e14dde8a-73ff-4723-acbd-b34f5cb38ac0 failed with reason EMAIL_ADDR is not a valid LDAP attribute name Parameter name: attributeName. Duration: 00:00:01.1860000

New c21 users do not have their position populated in ILM until VERY late in their lifecycle (sporadic population of position data). As a result users do not have any associated position information / manager details etc at provision time.

I have not seen this at any other client site.

Example User
Employee ID: 1200210

RAW GTR:

cbr="detlst",gw_transactionid="17",detnumber="1200210",dettitle="MR",detsurname="Mazereeuw",detdatejnd="2012-12-03",
detg1name1="Martin",detg1name2,detprefnm,detpresurn,dettele,detbirdate="1967-04-17",detmarcd,detemailad,detterdate,
detntid,dettempdt2,dettempdte,detsubpos="OTA012",detalttele,updatetag="MORROWE ;21127140110",accesslevel="add",status="ok" 

C21 Org Unit Connector imports all position information correctly

C21 Placement Connector provides the correct reference between posnumber and employeeID/detNumber

C21 Employee ADAPTER does NOT show associated position information for the new user - This occurs WEEKS later

I originally thought there was an error with the relationship processing in the adapter configuration within idB. All connector information seems to be available for the relationship to occur, although the adapter does not present the information with the relationships intact...

This is very strange as the transformations seem to be correct for all existing users RE position information - It just seems to be processed at a later date regardless of if the information is available in identity broker..

I will post the adapter config tonight

HALP!

Test file connector imports data which contains start and an end date. An adapter is configured with this as it base connector and applies Is Operative Transformation as follow:

A full import brings in the changes to the Is Operative Column (Active) on changes are shown using a delta.

General UI:

I think the aim should be to have as much above 'the fold' as possible. I dont like having to scroll down to see essential info. The Logo takes up waaay to much space. Approx 1/3 of the screen is wasted on the logo & white space.

Logs in IdB & EvB dont update in real-time, which means the admin needs to:

• Refresh screen; then if there have been lots of changes:
• Click to the highest page number; and maybe:
• Scroll to bottom of page

something like this (rewritten for .NET) would be nice:

http://logio.org/

Newest log item always at top of page, no need to refresh.

The list connector is not returning errors on saves, giving the appearance that failed exports are successful. Handling should be added to the ModifyListItemAndReturnId method such that the connector can handle messages such as the following (where an update is attempted on a non-existent list item):

<Results xmlns="http://schemas.microsoft.com/sharepoint/soap/"><Result ID="1,Upd
ate"><ErrorCode>0x81020016</ErrorCode><ErrorText>Item does not exist

The page you selected contains an item that does not exist.  It may have been de
leted by another user.</ErrorText></Result></Results>

Estimate includes testing

From Bob Bradley:

Other ideas are ways to avoid user errors during agent/connector config, e.g.
1. AD/ADLDS changes plug-in
Wondering if something similar to the MMC snap-in LDAP query builder could be added to the Event Broker gui? Something perhaps like http://softwaretopic.informer.com/ldap-query-builder/ or http://jxplorer.org/
2. SQL changes, etc. plugins
Similar to LDAP query builder, wondering if there is a SQL query builder? Maybe something like http://redquerybuilder.appspot.com/?

Both AHG and GCCC have plans to upgrade to chris21 v7.5 in the not too distant future. It appears that in the extensive release notes for that version, it is mentioned that some database tables have been changed. Given the current issues at AHG, they have specifically asked us to confirm whether that upgrade will require changes to the Identity Broker solution.

Put the following into my dev environment and the portalAccessMembersDN column did not generate. No errors present. Not urgently required for this project, but would help in efficency down the track.

<adapter name="Multivalue.GenerateDNs"
InputKey="portalAccessMembers"
GroupTarget="portalAccessMembersDN"
groupValueType="Integer">
<dn>
<dnComponent name="Field" attributeType="UID" key="MultivaluePart"/>
<dnComponent name="Constant" attributeType="DC" value="Parent"/>
</dn>
</adapter>