Identity Broker Forum
Welcome to the community forum for Identity Broker.
Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

Identifying previously denied entities in UNIFYBroker/Plus post-provisioning and synchronisation tasks
Entities that have been pushed onto $denySync in an link's pre-provisioning task may need to be excluded from certain operations in the synchronisation and post-provisioning tasks. For example, if an AD user has not been excluded from provisioning then an attempt to assign birthright AD groups will always fail, and should not be performed.
If would be helpful if there was some mechanism (e.g. a $denySync.ContainsEntity($Entity) method which returns $True if the entity has been .Push()ed previously) to allow detection of this situation.
The current workaround is to duplicate/copy the code from the pre-provisioning task which determines when to add the entity to $denySync into the post-provisioning and/or synchronisation task.

This has been implemented and is available in the release of UNIFYConnect V6, which will be made available shortly.

HPRM Trim associations connector failing to import
I am currently experiencing issues importing with a trim associations connector, I believe its the same as https://voice.unifysolutions.net/knowledge-bases/7/articles/3145-micro-focus-content-manager-associations-connector. The issue in particular is a timeout issue generating the below error. I don't recall a time when this connector was ever working as it has been misconfigured in the past. Please note other location connectors work fine and the agent connector successfully.
Some issue we had in the past, were this connector appeared to be mapped to the "location" connector and has since been update to the "associations".
Thinking something that was possibly incorrect with this config, I tried creating a new connector from scratch and the xml generated is the following, which appears to be the wrong connector type.
Apologies for the images instead of copy/paste, I cannot easily get the config out of the environment. Let me know if you need more information.
Currently running UNIFYBroker 5.3.3
HP TRIM connector 5.3.0.0

Error When Creating or Editing Multivalued Group Transformation on Adapter
I get the following error either when creating a new multivalued group transform or when editing one that already exists. It occurs after you hit save on the Pick Connector screen.

Entity Id search doesn't work
When I put an Entity Id into the search field on the Entity Search screen, UNIFYBroker doesn't search for the entity.
This is particularly problematical when searching by ID for one entity in a large partition, since the only way to find it is to order by Entity Id and browse result pages one by one, matching Entity Ids visually until the required entity is found. Even after selecting "Show 100 entries" for a customer with a large number of entities this takes many minutes and dozens of click-wait-for-page-load-look-and-scroll cycles. Sometimes this process needs to be repeated for many Entity Ids and it becomes frustrating and wastes time.

Entity Search filter OR option
When multiple filters are applied on an entity search the operator applied is by default an AND. A checkbox option(s) similar to say the MIM Portal entity search filtering options would be ideal, but at a minimum the ability to OR filters would be handy to assist test scenarios and troubleshooting.

Chris21 import unexpectedly hangs
A chris21 DET import has hung, seemingly forever. Is there some way to find out what caused it to hang? Could we have a timeout added so it automatically recovers. Right now there's no way to find out there's an issue until the customer rings to ask why processing has stopped.

This has been implemented and is available in the release of UNIFYConnect Module for Chris21, which will be made available shortly.

AD outbound link ends up with join errors to non-existent adapter entities during normal operation
Following successful initial data load and a number of normal HRIS/AD connector import cycles an outbound link to AD has somehow ended up with a join to a non-existent adapter entity (in the case above, eeb1ac7e-fda0-4f64-a509-2af2a88ac22f).
Could this be 4306 Non-existant adapter joins when outgoing baseline syncs fail back to haunt me again? :(

Chris21 API delays and timeouts
Connecting from UNIFYConnect to my customer's Chris21 via PortBridge I am seeing some strange API delays.
For DET I see the following - connection successful, then a one minute delay before all the records come through:
For POS it's a bit more problematical - connection successful, but nearly 5 minute delay before the records come through, accompanied by a "loop time limit" timeout error which aborts the import:
Do you have any suggestions what might be going on to result in this behaviour?
The customer is filtering the results we see to just a small number of records, as this is a small-scale POC.

Seems like this problem is occuring because the customer has defined server-side filtering of the records returned to us, and sometimes the backend runs for over 280 seconds without passing a result back to the Chris21 web service, at which point it times out. Sadly, we haven't been able to find where that 280 seconds delay is configured yet. But the issue is definitely on the Chris21 end.
It should be OK to set this ticket non-private, I was careful to redact customer details and credentials.

Join transformation resulting in high resource consumption
Priority: Critical
Impact: Use of transformation renders whole UNIFYConnect environment unusable
A join transformation on a single valued field is causing high CPU, Memory and Database resource consumption.
Source adapter has 7000 entities. Connector being joined to has 7100 entities.
May be of interest: The field being joined to in the connector has some values as "empty" rather than null.

This has been implemented and is available in the release of UNIFYConnect V6, which will be made available shortly.

Duplicate changes registered for the same entity in the adapter
Priority: Low/Medium
Impact: Higher than necessary UNIFYConnect resource consumption
With a connector and adapter configured in UNIFYBroker, and the adapter has multiple transformations registered (such as joins and future dated changes), a change appears to be registered in the change table for each combination of entity + transformation.
This can result in 8-10 changes being registered for the same entity. While this isn't impactful from a change perspective (the latter computations of changes result in no actual changes being made to the adapter entity), a connector import of 7000 entities is resulting in upwards of 60,000 changes being registered which results in unnecessary delays of processing and computation on the database.
Customer support service by UserEcho