Bugs
0
Under review
One InsufficientAccessRights error writing to AD results in thousands of lines of error messages in the UNIFYBroker log
Adrian Corston 1 year ago
in UNIFYBroker Service
•
updated by Beau Harrison (Senior Product Software Engineer) 1 year ago •
4
When a write to AD fails with an InsufficientAccessRights error UNIFYBroker writes an error log entry for every user in the current update batch, which usually numbers in the thousands. This is unwieldy, and due to log write throughput limitation in UNIFYConnect environments this results in degraded service logging functionality for several minutes at a time, while the logs are being written and new log entries cannot be viewed.
The AD LDAP export exception could be escalated as a single entity update failure, rather than a failure of an entire batch of entities.
Customer support service by UserEcho
It seems that once this exception occurs no further updates go through to AD. So one problematical user causes the whole solution to stop working, turning an otherwise minor issue into a major P1 outage on the service :(
Hi Adrian
Thanks for the report. This is definitely something that should be handled better, both in terms of the error logging and the failure recovery. Adding this to the v6.0 backlog.
Will all our existing UNIFYConnect customers be moved across to v6.0 when it is ready? Otherwise this is something that I believe should be addressed in the current service offering.
That's the intent, yes.