Extensible Connectivity 2.0 Management Agent Release Notes

Release Notes for Forefront Identity Manager 2010 Extensible Connectivity 2.0 Management Agent

Welcome to the release notes for Microsoft® Forefront® Identity Manager (FIM) 2010 Extensible Connectivity 2.0 Management Agent (ECMA 2.0). Before you install this application and attempt to develop your own ECMA 2.0 management agent, we recommend that you read this entire document. You can use these notes to guide you as you troubleshoot issues that may arise when you use FIM 2010 ECMA 2.0.

Release Notes for Forefront Identity Manager 2010 Extensible Connectivity 2.0 Management Agent

This release is Microsoft Confidential, and is provided under the terms of a Microsoft Non-Disclosure Agreement. Microsoft® Forefront® Identity Manager (FIM) 2010 Extensible Connectivity 2.0 Management Agent (ECMA 2.0) allows a limited group of users to provide early feedback on some of the new and revised features planned for FIM 2010 ECMA 2.0.

The Management Agent for Extensible Connectivity 2.0 (ECMA 2.0) is a new management agent for FIM 2010 that contains many features unavailable in existing management agents. Similar to the Management Agent for Extensible Connectivity that is included in FIM 2010, the ECMA 2.0 can be customized for any data source, and can be packaged and distributed to other FIM environments. In addition, the ECMA 2.0

1. Can implement a call-based import and export, as well as a file-based import and export

2. Provides more flexibility to define custom parameters

3. Runs in design mode and packaged mode for ease of configuration in Synchronization Service Manager

4. Expands schema support to include LDAP and databases

5. Provides support for batch export and import

6. Supports multiple partitions

7. Provides a new streamlined template for creating extension projects in Microsoft Visual Studio

How to Provide Feedback

We welcome your feedback on this release to help us improve the experience delivered in the final FIM 2010 ECMA 2.0 release. This is a preview release and is not exhaustively tested. It is expected that you may discover issues with this release. Please file bugs through the FIM Connect site for any issues or usability feedback.

General Information

The following is a list of general information about using the ECMA 2.0.

1. Refresh partitions after importing a server configuration.

   If you are using an ECMA 2.0 and import a server configuration into the Forefront Identity Manager Synchronization Service, you will need to refresh the partitions. This is required to update partition mappings. Partitions should get a new set of DNs in a production environment, different from the pre-production environment.

2. Attribute names can only contain the a-z, A-Z, 0-9, and ‘-’ Attribute names currently can only be composed of the following a-z, A-Z, 0-9, and ‘-‘.

3. When doing a Full Export you may see Add or Replace. When doing a full export the objectModificationType can be either Add or Replace. There is not functional difference between the two.

4. LDAP style DN's on File based MA's, will not utilize the GetHeirarchy() interface.

Known Issues

The following is a list of known issues.

• Can create an Import run profile for an Export Only MA and run without error.

  If you create an Export-only Management Agent, but create an Import run profile for it, you will not get an error or a cancelation of the run when you use it. Instead the MA will show a run status of ‘in-progress’ until the admin cancels it manually.

• Delete Export on call-based attribute-update exports on anchors will result in superfluous information being returned

  If the developer is doing a Delete during export on a call-based, attribute-update type export, they could potentially see superfluous Attribute and Value Modification Types for the anchor attribute. These extra pieces of information should just be ignored by the Management Agent, as they are not needed for the attribute delete.

• Unable to get past Global Parameters page if Connectivity Parameters is not defined.

  If you implement an ECMA 2.0 that does not have any Connectivity Parameters defined but does have Global Parameters defined, you may not be able to get past the Global Parameters page if you refresh the dll. The reason this is happening is because it is up to the connectivity page to update the global parameters. With no connectivity page, we asked for a refresh of the global parameters but don't have the means to refresh global parameters at all.

• If you provision an object to a call based ECMA 2 that is using Generic DN style and that object has a DN that is modeled after LDAP DNs (ex. CN=User,OU=Test,DC=microsoft,DC=com) you will get a MissingParentObjectException. The reason this occurs is that even though you set up Generic DN Style, the DN capability you set still will take into account hierarchy in this mode. Specifically it looks for commas. To workaround this, do not put commas in your DN name when using Generic style DN.

• ObjectModificationType.Update and AttributeModificationType.Add combination not supported. If you are using ObjectModificationType.Update then using AttributeModificationType.Add on the objects attributes, it is not supported. The reason is that when using AttributeModificationType.Add, it is assumed that the attribute does not already exist and this will cause issues if the attribute does exist. It is sufficient to use Replace, Update, or Delete on these attributes.

• Attribute with AttributeOperation.ImportOnly attribute passed to Interfaces as AttributeOperation.ImportExport. If you create an attribute during a GetSchema() operation that has AttributeOperation.ImportOnly and then this attribute is passed to a different interface, this attribute will be passed with an AttributeOperation.ImportExport. Microsoft has confirmed that this is a known issue.

• ECMA2: File-Based Multi-Partition Connectors are not a supported scenario. File-Based multi-partition connectors are not a supported scenario for ECMA 2.0 based MA's. Currently, there is nothing preventing a developer from trying to write this kind of connector. However, it is not a supported scenario and it creation is expected to be explicitly prevented in a future release.