Identity Broker Forum

Welcome to the community forum for Identity Broker.

Browse the knowledge base, ask questions directly to the product group, or leverage the community to get answers. Leave ideas for new features and vote for the features or bug fixes you want most.

0
Fixed

Adds over LDIF adapter not working

Matthew Clark 12 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 8 years ago 2

Because of the use of the GetObjectClass method which uses an object's DN to work out which schema it should use, new objects are not found for added entities exported to the adapter. The following error is thrown:

Specified argument was out of the range of valid values.
Parameter name: A matching entity with distinguished name CN=Identity could not be found in adapter with id a2157878-8417-468e-a6dd-d634cec68b0e.

For adds, the adapter should be checking for the presence of the objectClass attribute exclusively (which is present in the LDIF).

0
Completed

Better error message when fields are of the wrong type

Matthew Clark 13 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 8 years ago 5

When attempting to export users to MOSS, the AccountName attribute was assigned from an incorrect field, rather than a string containing the DN as assigned by the provisioning logic. A more useful error message could be returned in this case, stating that the DN is of the incorrect type.

For reference, here was the error message provided:

The extensible extension returned an unsupported error in MIIS.
The stack trace is:

"System.ArgumentException: dnComponentString
at Unify.Framework.DistinguishedNameComponent.CreateDNComponent(String dnComponentString)
at Unify.Framework.ReferenceValueToDistinguishedNameValueAdapter.Transform(ReferenceValue sourceValue)
at Unify.Framework.ChainValueAdapter`3.Transform(TBaseValue baseValue)
at ... "

0
Fixed

Generated xMA cannot be created in FIM

Matthew Clark 12 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 6 years ago 5

Generated management agents cannot be created successfully in FIM. The MA is visible in the drop down on the Create Management Agent screen, but attempting to configure it results in an "8023090D" error. No other information is available in the Windows event log.


8023090D.png
0
Fixed

FIM/ILM LDIF Service - MaxReceivedMessageSize being surpassed

Tony Sheehy 13 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 8 years ago 5

The MaxReceivedMessageSize is being surpassed for large imports - ~500,000 entities and upwards.

A quick fix is to simply edit the MaxReceivedMessageSize to be its maximum value:

maxReceivedMessageSize = "2147483647"

However, this may only be hiding a more ingrained systematic problem - Why is the IDB Service sending a SOAP message that would surpass the recommended configuration?.

A determination needs to be made about the correct course of action with regards to this behaviour.

0
Fixed

Support date format in LDIF that is recognised by FIM Portal

When exporting a date field (such as EmployeeStart) to the FIM portal, if this field has been supplied by a date field in Identity Broker, a datetime-string-format-incorrect error occurs.

The work around is to use a concatenation of T00:00:00.000 on the end of the date value.

As in improvement, Identity Broker should supply this field in a format that FIM recognizes.

0
Answered

Identity Broker Provisioning

Peter Wass 12 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 8 years ago 4

Do we have any examples of provisioning to Broker if the object has a multi-part DN (eg: UID=<object>,OU=users). Currently I'm getting an error in that OU=users does not exist. Has this been done? Proven not to work?

0
Fixed

Values for a binary data type attribute are not returned (by confirming import) when exported to Identity Broker from ILM 2007 FP1

Bob Bradley 13 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 8 years ago 7

Values exported successfully to the "objectSid" attribute (binary data type) of the person object from ILM are not being returned in a subsequent delta import, nor are they returning in a full import either.
The purpose of using this data type is that it is the native data type for the AD objectSid (unique directory identifier), ensuring a guaranteed match via a direct join rule and attribute flow.
I have implemented a work-around using the "objectGUID" attribute (also binary data type in AD and in the ILM metaverse, but a guid data type in Identity Broker. The downside of this work-around is that rules extension logic is required to convert byte arrays to guids, via string data types in the ILM MA CS. This is quite convoluted and while it works, the use of objectSid would be far preferable (simpler to maintain and troubleshoot).

I first witnessed this behaviour (which I believe to be a bug) in Identity Broker 3.0.0, and upgrading to 3.0.5 has made no difference. Please escalate this to the UNIFY PG for prioritisation.

0
Answered

There is no primary object class on this image

André van der Westhuizen 9 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 8 years ago 21

I have created an MA for the telephone file list and when I run an export to update the telephone number I receive the following error:

The management agent controller encountered an unexpected error.
 
 "BAIL: MMS(3740): d:\bt\37281\private\source\miis\ma\extensible\export.cpp(2809): 0x8023030d (There is no primary object class on this image.)
BAIL: MMS(3740): d:\bt\37281\private\source\miis\ma\extensible\export.cpp(2046): 0x8023030d (There is no primary object class on this image.)
BAIL: MMS(3740): d:\bt\37281\private\source\miis\ma\extensible\export.cpp(521): 0x8023030d (There is no primary object class on this image.)
BAIL: MMS(3740): d:\bt\37281\private\source\miis\cntrler\cntrler.cpp(9812): 0x80230808 (The management agent run was terminated as there were unspecified management agent errors.)
BAIL: MMS(3740): d:\bt\37281\private\source\miis\cntrler\cntrler.cpp(8533): 0x80230808 (The management agent run was terminated as there were unspecified management agent errors.)
Forefront Identity Manager 4.1.3599.0"

Herewith the update to the object:

<?xml version="1.0" encoding="UTF-16"?>
<mmsml xmlns="http://www.microsoft.com/mms/mmsml/v2" step-type="export">
  <directory-entries>
<delta operation="update" dn="CN=4,OU=telephone,DC=IdentityBroker">
 <anchor encoding="base64">SAAAAEMATgA9ADQALABPAFUAPQB0AGUAbABlAHAAaABvAG4AZQAsAEQAQwA9AEkAZABlAG4AdABpAHQAeQBCAHIAbwBrAGUAcgAAAA==</anchor>
 <attr name="Mobile" operation="update" type="string" multivalued="false">
  <value operation="delete">04159876523</value>
  <value operation="add">612-555-0100</value>
 </attr>
</delta>
  </directory-entries>
</mmsml>

There is no events in the Identity Broker log files.


screenshot-1.png
screenshot-2.png
screenshot-3.png
Unify.Framework.Collections.dll
Unify.IdentityBroker.Adapter.dll
UnifyLog20150213.csv
UnifyLog20150215 - 1st dll.csv
UnifyLog20150215 - 2nd dll.csv
UnifyLog20150215 - 3rd dll.csv
UnifyLog20150216 - 4th DLL.csv
UnifyLog20150216 - adapterfile.csv
UnifyLog20150216 - Exclusion of collection.csv
UnifyLog20150216 - new collection.csv
0
Answered

Creating IdB 5 ECMA2 receive error: "Could not load file or assembly 'Microsoft.MetadirectoryServicesEx, Version=4.1.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'

André van der Westhuizen 9 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 8 years ago 5

I have installed the UNIFY Identity Broker for Microsoft FIM v5.0.2 RTM x64.msi and have copy the Unify.IdentityBroker.FIMAdapter.dll to the extension directory.

I'm creating the ECMA 2 MA to be used with Unify.IdentityBroker.FIMAdapter.dll, as per https://unifysolutions.jira.com/wiki/display/IDBFIM50/Management+Agent I receive the following error:

I receive the following error in the event viewer:

Log Name:      Application
Source:        FIMSynchronizationService
Date:          8/25/2015 4:00:04 PM
Event ID:      6300
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SVR-FIM.FIMTest.local
Description:
The server encountered an unexpected error:
 
 "Could not load file or assembly 'Microsoft.MetadirectoryServicesEx, Version=4.1.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)

   at System.Reflection.RuntimeAssembly.GetExportedTypes(RuntimeAssembly assembly, ObjectHandleOnStack retTypes)
   at System.Reflection.RuntimeAssembly.GetExportedTypes()
   at Microsoft.MetadirectoryServices.Impl.ScriptHost.InitializeWorker(InitializeArguments pArgs)


InnerException=>
none
"
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="FIMSynchronizationService" />
    <EventID Qualifiers="49152">6300</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-08-25T06:00:04.000000000Z" />
    <EventRecordID>14368</EventRecordID>
    <Channel>Application</Channel>
    <Computer>SVR-FIM.FIMTest.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Could not load file or assembly 'Microsoft.MetadirectoryServicesEx, Version=4.1.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)

   at System.Reflection.RuntimeAssembly.GetExportedTypes(RuntimeAssembly assembly, ObjectHandleOnStack retTypes)
   at System.Reflection.RuntimeAssembly.GetExportedTypes()
   at Microsoft.MetadirectoryServices.Impl.ScriptHost.InitializeWorker(InitializeArguments pArgs)


InnerException=&gt;
none
</Data>
  </EventData>
</Event>

image.png
image1.PNG
miiserver.exe.config
0
Answered

System.ServiceModel.QuotaExceededException:The maximum message size quota for incoming messages (204003200) has been exceeded

André van der Westhuizen 9 years ago in UNIFYBroker/Microsoft Identity Manager updated by anonymous 8 years ago 4

Mail from Nirmal:

Hi Andre,

Here is the error I found in event logs of FIM Sync server.

IDB logs are fine and have no errors or warnings since 4 July. Error on 4 July was related to internet issues experienced by whole company.

Regards

Log Name:      Application
Source:        FIMSynchronizationService
Date:          5/07/2015 4:42:46 AM
Event ID:      6801
Task Category: Server
Level:         Error
Keywords:      Classic
User:          N/A
Computer:    
 NIOSHSFIM01V.news.newslimited.local
Description:
The extensible extension returned an unsupported error.
 The stack trace is:
 "System.Exception: Error encountered attempting
import: System.IO.IOException: An exception has been thrown when reading the
stream. ---> System.ServiceModel.CommunicationException: The maximum message
size quota for incoming messages (204003200) has been exceeded. To increase the
quota, use the MaxReceivedMessageSize property on the appropriate binding
element. ---> System.ServiceModel.QuotaExceededException: The maximum
message size quota for incoming messages (204003200) has been exceeded. To
increase the quota, use the MaxReceivedMessageSize property on the appropriate
binding element.

   --- End of inner exception stack trace ---

   at
System.ServiceModel.Channels.MaxMessageSizeStream.PrepareRead(Int32
bytesToRead)

   at
System.ServiceModel.Channels.MaxMessageSizeStream.Read(Byte[] buffer, Int32
offset, Int32 count)

   at System.ServiceModel.Channels.DelegatingStream.Read(Byte[]
buffer, Int32 offset, Int32 count)

   at
System.ServiceModel.Channels.DetectEofStream.Read(Byte[] buffer, Int32 offset,
Int32 count)

   at System.IO.BufferedStream.Read(Byte[] array,
Int32 offset, Int32 count)

   at System.Xml.EncodingStreamWrapper.Read(Byte[]
buffer, Int32 offset, Int32 count)

   at
System.Xml.XmlBufferReader.TryEnsureBytes(Int32 count)

   at System.Xml.XmlBufferReader.GetBuffer(Int32
count, Int32& offset, Int32& offsetMax)

   at System.Xml.XmlUTF8TextReader.ReadText()

   at System.Xml.XmlUTF8TextReader.Read()

   at System.Xml.XmlBaseReader.MoveToContent()

   at
System.ServiceModel.Dispatcher.StreamFormatter.MessageBodyStream.Read(Byte[]
buffer, Int32 offset, Int32 count)

   --- End of inner exception stack trace ---

   at
System.ServiceModel.Dispatcher.StreamFormatter.MessageBodyStream.Read(Byte[]
buffer, Int32 offset, Int32 count)

   at
Unify.Framework.IO.StreamExtensions.CopyTo(Stream source, Stream destination)

   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.GenerateImportFile(String
fileName, String connectTo, String user, String password,
ConfigParameterCollection configParameters, Boolean fFullImport,
TypeDescriptionCollection types, String& customData) 

 

   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.GenerateImportFile(String
fileName, String connectTo, String user, String password,
ConfigParameterCollection configParameters, Boolean fFullImport,
TypeDescriptionCollection types, String& customData)

Forefront Identity Manager 4.1.3613.0"

Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

  <System>

    <Provider
Name="FIMSynchronizationService" />

    <EventID
Qualifiers="49152">6801</EventID>

    <Level>2</Level>

    <Task>3</Task>

   
<Keywords>0x80000000000000</Keywords>

    <TimeCreated
SystemTime="2015-07-04T18:42:46.000000000Z" />

   
<EventRecordID>794791</EventRecordID>

    <Channel>Application</Channel>

   
<Computer>NIOSHSFIM01V.news.newslimited.local</Computer>

    <Security />

  </System>

  <EventData>

    <Data>System.Exception: Error
encountered attempting import: System.IO.IOException: An exception has been
thrown when reading the stream. ---&gt;
System.ServiceModel.CommunicationException: The maximum message size quota for
incoming messages (204003200) has been exceeded. To increase the quota, use the
MaxReceivedMessageSize property on the appropriate binding element. ---&gt;
System.ServiceModel.QuotaExceededException: The maximum message size quota for
incoming messages (204003200) has been exceeded. To increase the quota, use the
MaxReceivedMessageSize property on the appropriate binding element.

   --- End of inner exception stack trace ---

   at
System.ServiceModel.Channels.MaxMessageSizeStream.PrepareRead(Int32
bytesToRead)

   at
System.ServiceModel.Channels.MaxMessageSizeStream.Read(Byte[] buffer, Int32
offset, Int32 count)

   at
System.ServiceModel.Channels.DelegatingStream.Read(Byte[] buffer, Int32 offset,
Int32 count)

   at
System.ServiceModel.Channels.DetectEofStream.Read(Byte[] buffer, Int32 offset,
Int32 count)

   at System.IO.BufferedStream.Read(Byte[] array,
Int32 offset, Int32 count)

   at System.Xml.EncodingStreamWrapper.Read(Byte[]
buffer, Int32 offset, Int32 count)

   at
System.Xml.XmlBufferReader.TryEnsureBytes(Int32 count)

   at System.Xml.XmlBufferReader.GetBuffer(Int32
count, Int32&amp; offset, Int32&amp; offsetMax)

   at System.Xml.XmlUTF8TextReader.ReadText()

   at System.Xml.XmlUTF8TextReader.Read()

   at System.Xml.XmlBaseReader.MoveToContent()

   at
System.ServiceModel.Dispatcher.StreamFormatter.MessageBodyStream.Read(Byte[]
buffer, Int32 offset, Int32 count)

   --- End of inner exception stack trace ---

   at System.ServiceModel.Dispatcher.StreamFormatter.MessageBodyStream.Read(Byte[]
buffer, Int32 offset, Int32 count)

   at
Unify.Framework.IO.StreamExtensions.CopyTo(Stream source, Stream destination)

   at
Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.GenerateImportFile(String
fileName, String connectTo, String user, String password,
ConfigParameterCollection configParameters, Boolean fFullImport,
TypeDescriptionCollection types, String&amp; customData) 

 

   at Unify.Product.IdentityBroker.IdentityBrokerManagementAgentProxy.GenerateImportFile(String
fileName, String connectTo, String user, String password,
ConfigParameterCollection configParameters, Boolean fFullImport,
TypeDescriptionCollection types, String&amp; customData)

Forefront Identity Manager 4.1.3613.0</Data>

  </EventData>

</Event>

 
Nirmal Patel

Senior Systems Engineer Wintel