We recently encountered an issue where a significantly large connector import contained a user with some bad data which mismatched its expected schema type (Identity Broker schema expected an integer, where the target system fed in the value "1.00E+01"). This is obviously quite frustrating, especially if this could happen at the end of a large import from a critical system, where large amounts of changes are expected. This is the behaviour of most of our current connectors (if not all, eg. Chris21, SharePoint).
An alternative considered was to individually log the entities which contain bad data, and continue the import. However, this has further reaching implications:
- If the Identity Broker logs are not routinely monitored, entities containing bad data could be completely ignored in the solution
- If a user is provisioned through the identity management solution, and at a later stage has bad data introduced, the user could be removed by a connector full import, and would then flow through as a delete through the solution
Identity Broker currently does not have a "strong" mechanism for informing users of events such as these outside of its current behaviour of halting the entire import. An alerting system similar to Event Broker 3 could prove useful, but still faces the dilemma of being ignored if not routinely monitored.
Can we make any improvements to address this issue?
Customer support service by UserEcho