PROBLEM STATEMENT
Receiving an unexpected-error when running a Delta Synchronization on the Active Directory Management Agent.
Upon further investigation, the only modification was to the lastLogonTimestamp attribute. Since this is a datetime attribute, the import flow is handled by ADExtension.dll (Contributing
datetime values FIM Knowledge Bit).
RESOLUTION
Nothing about the modified value looked suspicious, so it was not possible to determine why the error was being thrown without breaking into the extension itself. Since only a single user is seeing
this error thrown we resolved the issue by the following:
- Ensure object deletion rules for "person" will not delete the MV object if the Active Directory Connector Space (CS) object is disconnected
- Understanding Deprovisioning
- [REFERENCE] How to check the object deletion rule
- Manually disconnect the Active Directory Connector Space (CS) Object
- Temporarily modify the Active Directory Management Agent to define a Join Rule
- Preview a Full Synchronization on the object in question to ensure join
- Commit preview
- Revert configuration changes to object deletion rule and Active Directory Management Agent Join and Projection Rules
It is not clear what happened to this object to result in the exception on synchronization, but simply disconnecting and re-joining the object naturally resolved the issue.
