Cannot create a DN in the format UID=-12345
It would be great to be able to extend the definition of a valid IdB DN to include the "-".
The following error is raised when attempting to export a new record to an underlying SQL entity via IdB4:
Log Name: Application
Source: FIMSynchronizationService
Date: 13/04/2017 3:07:52 PM
Event ID: 6801
Task Category: Server
Level: Error
Keywords: Classic
User: N/A
Computer: CENTRELINK-FIM.unifyfim.unifytest.local
Description:
The extensible extension returned an unsupported error.
The stack trace is:
"System.Exception: Error occurred when attempting to save entity with distinguished name UID=-281283620 Error: 1 items failed schema validation during Adapter operation. Check log for validation errors.
   at Unify.Product.IdentityBroker.Adapter.GetReverseTransformedEntities(IEnumerable`1 entities)
   at Unify.Product.IdentityBroker.Adapter.AddEntities(IEnumerable`1 entities, EntityToConnectorEntityBridge[]& backwardAdapterEntities)
   at Unify.Product.IdentityBroker.Adapter.AddEntities(IEnumerable`1 entities)
   at Unify.Product.IdentityBroker.AdapterNotifierDecoratorBase`1.AddEntity(IAdapterEntity entity)
   at Unify.Product.IdentityBroker.AdapterNotifierDecoratorBase`1.AddEntity(IAdapterEntity entity)
   at Unify.Product.IdentityBroker.LDIFAdapterBase.HandleExportAdd(IAdapter adapter, IAdapterEntitySaveChange pendingAdd)
   at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter)
   at SyncInvokeExportChanges(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry)
   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgent.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry)
Forefront Identity Manager 4.0.3732.2"
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="FIMSynchronizationService" />
    <EventID Qualifiers="49152">6801</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2017-04-13T05:37:52.000000000Z" />
    <EventRecordID>2307483</EventRecordID>
    <Channel>Application</Channel>
    <Computer>CENTRELINK-FIM.unifyfim.unifytest.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>System.Exception: Error occurred when attempting to save entity with distinguished name UID=-281283620 Error: 1 items failed schema validation during Adapter operation. Check log for validation errors.
   at Unify.Product.IdentityBroker.Adapter.GetReverseTransformedEntities(IEnumerable`1 entities)
   at Unify.Product.IdentityBroker.Adapter.AddEntities(IEnumerable`1 entities, EntityToConnectorEntityBridge[]& backwardAdapterEntities)
   at Unify.Product.IdentityBroker.Adapter.AddEntities(IEnumerable`1 entities)
   at Unify.Product.IdentityBroker.AdapterNotifierDecoratorBase`1.AddEntity(IAdapterEntity entity)
   at Unify.Product.IdentityBroker.AdapterNotifierDecoratorBase`1.AddEntity(IAdapterEntity entity)
   at Unify.Product.IdentityBroker.LDIFAdapterBase.HandleExportAdd(IAdapter adapter, IAdapterEntitySaveChange pendingAdd)
   at Unify.Product.IdentityBroker.LDIFAdapterBase.ExportChanges(ExportedLDIFForAdapter exportedLdifForAdapter)
   at SyncInvokeExportChanges(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry)
   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgent.ExportEntry(ModificationType modificationType, String[] changedAttributes, CSEntry csentry)
Forefront Identity Manager 4.0.3732.2</Data>
  </EventData>
</Event>
I don't see why this should be an invalid DN - e.g. it is perfectly acceptable in ADLDS.
The reason for wanting to do this was in a test scenario where I need to enforce uniqueness so I don't clash with an existing range of identities - so flipping the sign was the simplest way to achieve this.
In the end I was able to come up with another way of generating a unique ID, but I thought this deserved consideration anyhow.
Answer
Hi Bob,
I note that the error states "1 items failed schema validation during Adapter operation. Check log for validation errors.". Could you please attach the relevant logs so we can check the validation error? I'm not sure this is related to the distinguished name.
Sorry Curtis, I can't do that - this is from too long ago now and rolled off the logs, and the environment has progressed to UAT testing with the customer so I can't spend a couple of hours now recreating the scenario. The problem was surfaced on export (ADD) from FIM attempting to create a new connector entry where the DN would have been in the above format - adds only failed when there was a '-' present (succeeded 100% of the time otherwise).
Closed, not enough information provided.