1. UNIFYBroker Forum
  2. UNIFYBroker/Microsoft Active Directory
  3. Bugs
0
Fixed

AD User import: System.NullReferenceException: Object reference not set to an instance of an object.

Adrian Corston 2 years ago in UNIFYBroker/Microsoft Active Directory updated by Matthew Davis (Technical Product Manager) 2 months ago 4

The following error is occurring on both Full imports and Delta imports from Active Directory, in a customer UNIFYConnect environment:

20230512,02:28:25,UNIFYBroker,Change detection engine,Error,"Change detection engine import changes failed.
Change detection engine import changes for connector AD User failed with reason One or more errors occurred.. Duration: 00:00:02.9714687
Error details:
System.AggregateException: One or more errors occurred. ---> System.NullReferenceException: Object reference not set to an instance of an object.
   at Unify.Connectors.AD.ADConnector.TransformEntry(ADAgent agent, SearchResultEntry searchResultEntry, Int64& uSNChangedToken)
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at Unify.Framework.Collections.EnumerableExtensions.d__10`1.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Product.IdentityBroker.AuditEntityPollingAsyncConnectorDecorator.<>c__DisplayClass1_0.b__0(IEnumerable`1 entities)
   at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass8_0`1.b__0(Task`1 t)
   at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.b__0(Task`1 t)
   at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
   at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Unify.Product.IdentityBroker.EventNotifierEntityPollingAsyncConnectorDecorator.d__1.MoveNext()
   --- End of inner exception stack trace ---
   at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
   at Unify.Product.IdentityBroker.ChangeDetectionEntityPollAsyncJob.RunBase()
   at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run()
   at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass30_0.b__0()
   at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)
---> (Inner Exception #0) System.NullReferenceException: Object reference not set to an instance of an object.
   at Unify.Connectors.AD.ADConnector.TransformEntry(ADAgent agent, SearchResultEntry searchResultEntry, Int64& uSNChangedToken)
   at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
   at Unify.Framework.Collections.EnumerableExtensions.d__10`1.MoveNext()
   at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at Unify.Product.IdentityBroker.AuditEntityPollingAsyncConnectorDecorator.<>c__DisplayClass1_0.b__0(IEnumerable`1 entities)
   at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass8_0`1.b__0(Task`1 t)
   at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.b__0(Task`1 t)
   at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
   at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Unify.Product.IdentityBroker.EventNotifierEntityPollingAsyncConnectorDecorator.d__1.MoveNext()<---
",Normal

Answer

Answer
Fixed
Matthew Davis (Technical Product Manager) 2 months ago

This has been implemented and is available in the release of UNIFYConnect Module for Active Directory, which will be made available shortly.

Adrian Corston 2 years ago

The PowerShell testing below identified that krbtgt_AzureAD is the user causing UNIFYBroker to abort the import.

Filtered it out in the connector and the import is now successful:

Filter (&(objectClass=user)(objectCategory=Person)(!(name=krbtgt_AzureAD)))

Adrian Corston 2 years ago

Please close this ticket, mark it Fixed, and update the UNIFYBroker voice documentation to require that users being imported by the AD connector must have values for accountExpires, userAccountControl and uSNChanged.

Under review
Matthew Davis (Technical Product Manager) 2 years ago

Hi Adrian,

Thanks for the update - that's a great piece of information. We'll definitely update the documentation, but we'll also see whether there's better ways to handle these scenarios (rather than expecting those values to be set implicitly) to handle scenarios like this better.

Answer
Fixed
Matthew Davis (Technical Product Manager) 2 months ago

This has been implemented and is available in the release of UNIFYConnect Module for Active Directory, which will be made available shortly.

Customer support service by UserEcho