PROBLEM STATEMENT

Receiving an unexpected-error when running a Delta Synchronization on the Active Directory Management Agent.

Receiving an unexpected-error when running a Delta Synchronization on the Active Directory Management Agent.

unexpected-error01.png

Upon further investigation, the only modification was to the lastLogonTimestamp attribute. Since this is a datetime attribute, the import flow is handled by ADExtension.dll (Contributing datetime values FIM Knowledge Bit).

RESOLUTION

Nothing about the modified value looked suspicious, so it was not possible to determine why the error was being thrown without breaking into the extension itself. Since only a single user is seeing this error thrown we resolved the issue by the following:

Nothing about the modified value looked suspicious, so it was not possible to determine why the error was being thrown without breaking into the extension itself. Since only a single user is seeing this error thrown we resolved the issue by the following:
  1. Ensure object deletion rules for "person" will not delete the MV object if the Active Directory Connector Space (CS) object is disconnected
    1. Understanding Deprovisioning
    2. [REFERENCE] How to check the object deletion rule
  2. Manually disconnect the Active Directory Connector Space (CS) Object
  3. Temporarily modify the Active Directory Management Agent to define a Join Rule
  4. Preview a Full Synchronization on the object in question to ensure join
  5. Commit preview
  6. Revert configuration changes to object deletion rule and Active Directory Management Agent Join and Projection Rules

It is not clear what happened to this object to result in the exception on synchronization, but simply disconnecting and re-joining the object naturally resolved the issue.