Error during idB5 import

Ryan Crossingham 9 years ago updated by anonymous 9 years ago 10

Hi Product team!

I'm not sure if this is the best place to be adding in support request seeing as though these have now been moved to VSO. If you would like me to add remove this issue and repost, please let me know.

Currently importing an LDAP Group (Powershell connector) into FIM - Nothing crazy on the transforms and receiving the following error on import

 "Unify.Product.IdentityBroker.LdapOperationException: Internal Server Error #11: Sequence contains more than one element
   at Unify.Product.IdentityBroker.LdapConnection.GetMessage(Int32 messageId)
   at Unify.Product.IdentityBroker.SearchRequest.Send(Func`2 send, Func`2 recv)
   at Unify.Product.IdentityBroker.LdapConnection.SendRequest(ILdapRequest request)
   at Unify.Product.IdentityBroker.LdapConnectionProxy.<SearchRequestPaged>d__6.MoveNext()
   at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
   at Unify.Product.IdentityBroker.ExtensionMethods.Take[TSource](IEnumerator`1 source, Int32 count, IList`1& items)
   at Unify.Product.IdentityBroker.ExtensionMethods.<Page>d__0`1.MoveNext()
   at Unify.Product.IdentityBroker.ImportProxy.Import(GetImportEntriesRunStep importRunStep)
Forefront Identity Manager 4.1.3646.0"

Please see attached connector and adapter config

This error sounds as though it could be data related - If you require additional logging on the clients data set please let me know.


Hi Ryan Crossingham,

At the moment the process is still the same, the issue should be raised against the client (https://unifysolutions.sharepoint.com/teams/CTO/PRDGRP/Shared%20Documents/Policies/Internal%20support%20and%20requests.docx?Web=1). Unless it's just a personal lab or unrelated to a client, in which case it can be raised on PRODUCT.

I've linked Curtis Lusmore to this issue and asked that he take a look.


Hi Ryan Crossingham,

Please attach the Identity Broker logs, it should help narrow down the issue much quicker.


Handling of LDAP search request.
Handling of LDAP search request from user idBFull on connection targeting OU=LDAPGroups,DC=IdentityBroker with a scope of WholeSubtree failed with error "Unable to write data to the transport connection: An established connection was aborted by the software in your host machine.". Duration: 00:03:09.6969246.

Please attach the log file.

Hi Ryan Crossingham,

Two of the errors in the log suggest to me that your adapter has multiple entities with the same distinguished name, which would be caused by multiple entities with the same 'cn' value in the LDAP Group Connector, which causes problems in adapter reflection and LDAP imports. Unfortunately I can't tell from the logs which value is being duplicated. Can you please check if this is indeed the case, and if so you will need to either change the DN template to ensure uniqueness or address why you are receiving duplicate values from the source system.

Richard is having a look at this now - Will update once he's done

Hi Ryan Crossingham,

Any progress on this issue? I can provide a patch to increase logging around the exception to assist in finding the duplicate DN values if that would help.

We have constructed the DN a little differently and now the imports seem to fine
thanks for the assist

Excellent. We've raised an issue to improve the error messages around this problem for future releases.