Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

Investigate rich editors for LDAP/SQL queries
From Bob Bradley:
Other ideas are ways to avoid user errors during agent/connector config, e.g.
1. AD/ADLDS changes plug-in
Wondering if something similar to the MMC snap-in LDAP query builder could be added to the Event Broker gui? Something perhaps like http://softwaretopic.informer.com/ldap-query-builder/ or http://jxplorer.org/
2. SQL changes, etc. plugins
Similar to LDAP query builder, wondering if there is a SQL query builder? Maybe something like http://redquerybuilder.appspot.com/?

potential implications for v7.5 of chris21
Both AHG and GCCC have plans to upgrade to chris21 v7.5 in the not too distant future. It appears that in the extensive release notes for that version, it is mentioned that some database tables have been changed. Given the current issues at AHG, they have specifically asked us to confirm whether that upgrade will require changes to the Identity Broker solution.

Multivalue.GenerateDNs Doesn't return group column
Put the following into my dev environment and the portalAccessMembersDN column did not generate. No errors present. Not urgently required for this project, but would help in efficency down the track.
<adapter name="Multivalue.GenerateDNs"
InputKey="portalAccessMembers"
GroupTarget="portalAccessMembersDN"
groupValueType="Integer">
<dn>
<dnComponent name="Field" attributeType="UID" key="MultivaluePart"/>
<dnComponent name="Constant" attributeType="DC" value="Parent"/>
</dn>
</adapter>

Implications of an Oracle version upgrade for chris 21 environment on Identity Broker for chris21
Gold Coast City Council has asked whether an upgrade of Oracle from Version 9 to either 10g or 11g will have any impact on Identity Broker for chris21. It is presumed that there is NO associated upgrade to the chris21 application version.

CSV Connector does not seem to pick up multivalue fields
The field "Telphone" is multivalue, and the following line is being imported:
13,Matthew Clark,1337,"0413371337,0412123123",another@address.com
However, the Telephone value is still being sent to FIM as a single valued field:
dn: CN=859cbd1d-fe77-4cd7-b88d-998f12aae491
objectClass: csvPerson
IdBID: 859cbd1d-fe77-4cd7-b88d-998f12aae491
Key: 13
Name: Matthew Clark
EmployeeID: 1337
Telephone: 0413371337,0412123123
Email: another@address.com

Improve visibility of missing schema mappings
It's pretty easy to miss the fact that you have to update the connector after the schema is updated, a yellow bar similar to that used in the standard warnings above the schema mappings would help this.

Chris21 Connector failed connection displays password in UI
The error from Chris21 is passed straight through to the IdB UI and displays the password.
I don't think this is desirable.

Form discovery
Enable the connector to fetch the names of available Chris21 forms on configuration. We could use the scripted dropdown control so that it does not become cumbersome to navigate the hundreds of forms available by default.
Estimate includes restructuring the UI for the required multi-step approach, and research into how to retrieve form details via GTR.

Installer does not create permission for user in database
The Service Account user is not created in the Database and therefore the service cannot start. I would expect that the user would be created if the database is being created.

Adds over LDIF adapter not working
Because of the use of the GetObjectClass method which uses an object's DN to work out which schema it should use, new objects are not found for added entities exported to the adapter. The following error is thrown:
Specified argument was out of the range of valid values.
Parameter name: A matching entity with distinguished name CN=Identity could not be found in adapter with id a2157878-8417-468e-a6dd-d634cec68b0e.
For adds, the adapter should be checking for the presence of the objectClass attribute exclusively (which is present in the LDIF).
Customer support service by UserEcho