Broker/AD agent doesn't allow setting or save of 'Scope' configuration setting
Adrian Corston 4 years ago in UNIFYBroker/Microsoft Active Directory • updated 2 years ago • 15
Using Broker/Microsoft Active Directory v220.127.116.11 RTM I tried changing the "Scope" configuration setting from "Base" to "Subtree" using the UI and it immediately reverted back to "Base" after saving. Looking in the ConnectorEnginePluginKey extensibility file the scope setting appears to be missing altogether, so I can't manually set it:
Customer support service by UserEcho
Adding searchScope="subtree" or searchScope="Subtree" to the appropriate section of the XML configuration file (as advised by Matt) and restarting the Broker service then re-running the Import All did not result in any user objects being imported. As a comparison point, the same search expression was run in ldp.exe (with the same credentials, and connection string) and it loaded around a dozen user objects.
I changed the OU to point directly to a single user object, and that object imported fine with an Import All. So it looks like the Import All is using a search scope of "Base".
Confirming the agent version:
I repeated the approaches outlined above in this ticket after having copied that DLL to the Identity Broker\Services folder and restarting both Broker and IIS, but it did not make any obvious difference and did not give me the outcome I need.
If you would like me to list every step explicitly here then please let me know, but they are essentially the same as those documented extensively above.
Thanks Beau, that's worked. Cheers!
A year later, on a new customer and same problem. I suspect that this patch hasn't made it into a new release of the UNIFYBroker AD Connector yet.
Any idea when that might happen?
That's correct - there's been nothing else done to require a release, so unfortunately we haven't done one yet. We're planning some releases in the next few months, so the patch will likely make it into a new release of the connector then. For now the patch can continue to be used to resolve the issue. If there's a requirement for a new release including the patch, please let us know and we'll roll up a fresh release for you.
No worries. The solution is only in development at the moment, and they can go live with the patched DLL if necessary.
Hi Matt/Beau, I am still having this problem with a brand new v5.3.3 install. Can you please confirm whether or not this patch made it into that release? If not then could I please have a patch for v5.3.3 for my customer?
The latest release of Broker for AD is still v5.3.0 from 2018. You'll still need to use the patch provided above.
I can't find the patch any more. Could you please re-provide it?
Thanks, I can see it attached to this ticket now.