Identity Broker Forum

Welcome to the community forum for Identity Broker.

0
Answered

Chris21 API delays and timeouts

Connecting from UNIFYConnect to my customer's Chris21 via PortBridge I am seeing some strange API delays.

For DET I see the following - connection successful, then a one minute delay before all the records come through:

Image 6331

For POS it's a bit more problematical - connection successful, but nearly 5 minute delay before the records come through, accompanied by a "loop time limit" timeout error which aborts the import:

Image 6332

Do you have any suggestions what might be going on to result in this behaviour?

The customer is filtering the results we see to just a small number of records, as this is a small-scale POC.

Answer

Seems like this problem is occurring because the customer has defined server-side filtering of the records returned to us, and sometimes the backend runs for over 280 seconds without passing a result back to the Chris21 web service, at which point it times out. Sadly, we haven't been able to find where that 280 seconds delay is configured yet. But the issue is definitely on the Chris21 end.

It should be OK to set this ticket non-private, I was careful to redact customer details and credentials.

0
Planned

Join transformation resulting in high resource consumption

Matthew Davis (Technical Product Manager) 2 years ago in UNIFYBroker Service updated by Adrian Corston 2 years ago 3

Priority: Critical
Impact: Use of transformation renders whole UNIFYConnect environment unusable

A join transformation on a single valued field is causing high CPU, Memory and Database resource consumption. 

Image 6330

Source adapter has 7000 entities. Connector being joined to has 7100 entities. 

May be of interest: The field being joined to in the connector has some values as "empty" rather than null.

0
Fixed

Duplicate changes registered for the same entity in the adapter

Matthew Davis (Technical Product Manager) 2 years ago in UNIFYBroker Service updated 2 years ago 2

Priority: Low/Medium
Impact: Higher than necessary UNIFYConnect resource consumption

With a connector and adapter configured in UNIFYBroker, where the adapter has multiple transformations registered (such as joins and future dated changes), a change appears to be registered in the change table for each combination of entity + transformation.

This can result in 8-10 changes being registered for the same entity. While this isn't impactful from a change perspective (the latter computations of changes result in no actual changes being made to the adapter entity), a connector import of 7000 entities is resulting in upwards of 60,000 changes being registered which results in unnecessary delays of processing and computation on the database.

Answer

Patch released with broker 5.3.4.0

0
Not a bug

Sometimes Changes Sync doesn't run when there are pending changes

Adrian Corston 2 years ago in UNIFYBroker Service updated by Matthew Davis (Technical Product Manager) 2 years ago 6

In UNIFYConnect very occasionally Change Sync won't run (either from a schedule or when invoked manually from the UI) when there are pending changes on the link.  Service restart doesn't help, but running a Baseline Sync does.  I have no idea what causes it to get into this state I'm afraid.

0
Fixed

Changes register item processing on connector failed with reason Cannot process a DateTime of type 'Unspecified'

Adrian Corston 2 years ago in UNIFYBroker Service updated 2 years ago 7

The error Changes register item processing on connector TechOne Person failed with reason Cannot process a DateTime of type 'Unspecified' is logged for an adapter which has a join to another connector with a Timestamp field that was populated by PowerShell when that adapter's base connector imports a new or updated entity, even when that Timestamp field has DateTime kind 'Utc' or 'Local'.

My config has two PowerShell connectors, TechOne Person and TechOne Position.  The Position connector has two fields StartTimestampUTC and EndTimestampUTC which are set to valid DateTime values, of kind 'Utc'.  There is one adapter, TechOne Person, for which the Person connector is a base, and the Position connector is a Join transform with StartTimestampUTC and EndTimestampUTC fields both mapped into adapter fields.

When a new record is present in the Person connector import, reflection causes the above error message to be logged, but the adapter record is created correctly nevertheless.  When a subsequent Generate Changes is run on the adapter, the error is not logged.  If the record is reimported with updated values, the error is logged.

0
Planned

Chris21 agent rejecting server certificate even when set to None: "remote certificate is invalid according to the validation procedure"

My customer is seeing this error, even though Handle Certificate Errors is set to "None":

Image 6322

Here's the config:

Image 6321

Port 80 without SSL works fine, with an otherwise identical configuration.

In case it's relevant, the connection to Chris21 is via a UNIFYConnect PortBridge tunnel on a non-standard IIS port number (444).  It's not possible to use port 443 due to restrictions on the customer side.

0
Answered

How do I identify the Chris21 endpoint URI?

Adrian Corston 2 years ago in UNIFYBroker/Frontier ichris/chris21 updated 2 years ago 2

I am trying to connect to a new customer's Chris21 instance (via PortBridge, just to make it more complicated) and they don't appear to have a "Scalable/c21connect.asp" endpoint in their Chris21 install. How do I work out what URI to use instead?

Answer
Adrian Corston 2 years ago

I was able to find the endpoint by going to the Chris21 web server's IIS, Exploring the web site and finding the path to the file called c21connect.asp.

0
Answered

Where does the HPRM connector source its schema from?

Hayden Gray 2 years ago updated by Matthew Davis (Technical Product Manager) 2 years ago 3

Hi Team,

We are currently experiencing an issue with a HPRM Associations Connector whereby the schema has seemingly updated automatically and changed the Key attribute's (Uri) required value to 'false'. It also seems the field is locked (see in the below image) so it cannot be manually overridden to put the connector back in a working state.

Image 6317

This then, as a result, breaks the corresponding Adapter as the Uri field is used as a part of the DN. Broker provides the following error in the logs:

"

An error has occurred: Error in adapter HPRM Associations distinguished name configuration: The DN component part 'CN=[Uri]' could not be executed as the field Uri is not required. An empty field would result in a DN of 'CN='.

full error:
System.Exception: Swagger Exception could not be parsed. SE response code: 500; SE response text: {"Message":"An error has occurred.","ExceptionMessage":"Error in adapter HPRM Associations distinguished name configuration: The DN component part 'CN=[Uri]' could not be executed as the field Uri is not required. An empty field would result in a DN of 'CN='.","ExceptionType":"Unify.Framework.UnifyConfigurationException","StackTrace":" at Unify.Product.IdentityBroker.AdapterEngine.ValidateAdapterForEnabling....

"

Checking the UAT environment, I can see that the HPRM Associations connector still has the Uri field's required value set to true.

I can see the fix for this particular issue would be to fix the source for wherever the schema is being drawn from. So I'm looking to see if you could tell me where the Connector is getting the schema from. In addition, as it seemingly committed a modification to the schema from the source without a user committing it through the GUI, would you be able to elaborate on when the connector commits changes to the schema?

Thanks in advance

0
Under review

High CPU usage for UNIFYBroker service while nothing is running

Hayden Gray 2 years ago in UNIFYBroker Service updated 2 years ago 2

Hi Team,

A customer has reported high CPU usage for the UnifyBroker service, coming to me initially with the following report:

"In the past month we have been getting High CPU (90%) usage of the UnifyBroker service. We are using version v5.3.3. There has been no change in the environment other than the normal Microsoft patches once a month. It is occurring on both our prod and uat environments."

Confirming some further details with the customer, I got the following spec information on the hosts and details about the behaviour:

"Specs on the servers.

Name  Memory  vCPU  OS
PRD   16Gb    4     2016
UAT   14Gb    4     2016

Processor type - Intel(R) Xeon(R) Gold 5118 CPU @ 2.30GHz, 2295 Mhz, 1 Core(s), 1 Logical Processor(s)

The high cpu is more often on the uat server which processes the same data as prod for new accounts but the changes during the day are very minimal. The cpu usage does come down after

The utilization in some instances has cleared itself. Some have been by stopping the service. Timing is from 10 mins to an hour for uat. Interestingly on the prd server the time has been for several hours."

Some initial adjustments were made to the scheduler to ensure nothing is overlapping, though this wasn't really happening much anyway. These adjustments did not see any improvement to the situation.

Additionally the customer reported back the entity counts in the connectors to get a gauge for the size of the environment:

"Connector      Prod    Uat
Employee CSV   10792   10792
Position CSV   10792   10792
Teams          14805   1035
AD             45683   51356

Adapters
Person         10792   10792
Position       10792   10792"

Looking at the extensibility for the setup, there are a number of PowerShell transforms in the environment, which may explain some high CPU usage while connectors are running, though doesn't seem to explain why the high CPU usage continues afterwards.

Finally the following resource monitor screenshots were provided to see what is consuming the resources for the service while no connectors are running:

Image 6307

I have confirmed no out of bounds scripts are contacting the service. And that there aren't a large number of WebUI sessions open that could be causing issues. So I am looking for the next steps in troubleshooting this one. Are you able to provide any guidance in figuring out what could be consuming the resources like this?

Let me know if there is any further information I can provide you.

Thanks in advance

0
Not a bug

SCIM gateway attribute update comes through as XML document

An update from Azure via the SCIM gateway is being passed through to the adapter as a large XML document, as shown in this UNIFYBroker PowerShell log entry in a reverse adapter transform:

Image 6299


Before this SCIM update was received, the JobTitle field in the adapter for this user was NULL.  After the export update was received and processed the field in the adapter contained the XML document content.  Here is what the Azure POD showed:

Image 6296

Image 6297

According to Azure, it doesn't appear to be updating the title SCIM attribute (which is mapped to the JobTitle adapter field) at all, but nevertheless UNIFYBroker is populating it with XML document content by the time it gets to the adapter reverse transform.

Here's the adapter reverse transform (which doesn't do anything with JobTitle) showing the logging code:

Image 6300