Enhance logging for the Microsoft AD connector
Rick Jongbloed
If something goes wrong in the Active Directory connector, only basic information is shown in the support information details.
When we need more information, we need to look at the Provisionin Agent logfile.
Can we enhance the audit log information to fully include the system exception message?
For example:
Create an account that already exists. The following log entry is displayed in the log file (This is a fake test user):
HelloID.Provisioning.Agent.Exceptions.EntitlementActionException: Failed to create account with username francois.jonsson and display name François Jönsson in container Users ---> Agent.Shared.Exceptions.InternalAdException: Error creating account ---> System.Exception: The object already exists.
In the HelloID audit log, the following information is shown:
12:09:56.33 [Error] Failed to create account for 'François Jönsson (FrancoisJ_22122022)', details: Failed to create account with username francois.jonsson and display name François Jönsson in container Users
12:09:56.33 [Error] Error setting fields: A constraint violation occurred
I would expect the message to include the system exception:
12:09:56.33 [Error] Failed to create account for 'François Jönsson (FrancoisJ_22122022)', details: Failed to create account with username francois.jonsson and display name François Jönsson in container Users
12:09:56.33 [Error] Error setting fields: A constraint violation occurred (System.Exception: The object already exists.)
Rick Jongbloed
On a side note, it seems that the exception is not always omitted. In this case, the message is shown in the HelloID audit log:
13:23:03.94 [Error] Failed to create account for 'François Jönsson (2022-06-29-FrancoisJ)', details: Failed to create account with username francois.jonsson_1 and display name François Jönsson in container Users
13:23:03.94 [Error] Error creating account: The object already exists.
However, the local provisioning agent log line is different:
2022-12-29 12:23:03,947 [45] [1] ERROR HelloID.Provisioning.Agent.Helpers.EntitlementScope - Failed to create account for 'François Jönsson (2022-06-29-FrancoisJ)'
HellFrancoisoID.Provisioning.Agent.Exceptions.EntitlementActionException: Failed to create account with username francois.jonsson_1 and display name François Jönsson in container Users ---> Agent.Shared.Exceptions.InternalAdException: Error creating account ---> System.Exception: The object already exists.
---> System.Exception: The object already exists.
Could it be that this happens when multiple things are wrong (ie an object already exists and a constraint violation has occurred?