Problem:
Allocation of Office365 licenses does not work (anymore). Profiles were created and assigned to the groups accordingly.
Investigation
The connection of Office365 has been set up successfully and assigned users are synchronized to Azure
print_subscriptions shows the current available subscriptions.
/usr/share/univention-office365/scripts/print_subscriptions
Subscriptions
=====================
Subscription | Applies to | Status | Consumed | Remaining | Prepaid (*)
------------------------------------------------------------------------------------
O365_BUSINESS_ESSENTIALS | User | Enabled | 4 | 1 | 5/0/0
TEAMS_COMMERCIAL_TRIAL | User | Enabled | 1 | 499999 | 500000/0/0
------------------------------------------------------------------------------------
(*) enabled/suspended/warning
O365_BUSINESS_ESSENTIALS
================================
Service plan | Applies to | Status | in UCRV (*)
------------------------------------------------------------------------
MICROSOFT_SEARCH | Company | Success |
WHITEBOARD_PLAN1 | User | Success |
MYANALYTICS_P2 | User | Success |
KAIZALA_O365_P2 | User | Success |
STREAM_O365_SMB | User | Success |
OFFICEMOBILE_SUBSCRIPTION | User | Success |
BPOS_S_TODO_1 | User | Success |
FORMS_PLAN_E1 | User | Success |
FLOW_O365_P1 | User | Success |
POWERAPPS_O365_P1 | User | Success |
TEAMS1 | User | Success |
PROJECTWORKMANAGEMENT | User | Success |
SWAY | User | Success |
INTUNE_O365 | Company | PendingActivation |
SHAREPOINTWAC_EDU | User | Success | x
YAMMER_ENTERPRISE | User | Success |
EXCHANGE_S_STANDARD | User | Success |
MCOSTANDARD | User | Success |
SHAREPOINTSTANDARD | User | Success |
------------------------------------------------------------------------
(*) office365/subscriptions/service_plan_names
The UCR for serviceplans is configured as follows:
ucr get office365/subscriptions/service_plan_names
SHAREPOINTWAC, SHAREPOINTWAC_DEVELOPER, OFFICESUBSCRIPTION
Especially the wrong service plan name catches the eye. In the UCR it is defined as SHAREPOINTWAC, but the command print_subscriptions shows that it is named SHAREPOINTWAC_EDU.
Last but not least: With office365 debug enabled you may find this essental lines in the logfile (/var/log/univention/listener.log)
14.01.20 18:08:52.875 LISTENER ( ERROR ) : o365(I): azure_handler.__init__:177 service_plan_names=['SHAREPOINTWAC', 'SHAREPOINTWAC_DEVELOPER', 'OFFICESUBSCRIPTION']
[...]
14.01.20 18:08:53.371 LISTENER ( ERROR ) : o365(E): office365-user.new_or_reactivate_user:252 schein (User cscheini/2df23afb-aac4-4b0c-b020-417cde043d76 created in Azure AD (schein), but no allocatable subscriptions found.)
Addition: The standardsubscription is not the same as the serviceplan!
Solution:
Option 1:
Make sure the user is in all necessary groups bevore you activate the user for office 365.
License will only be synchronized and activated during Activate User, but not when ( afterwards ) assigning a user to groups, if the user has already been activated.
Option 2:
Check, if the serviceplan names are defined correctly in the UCR-Variable office365/subscriptions/service_plan_names.
In this case SHAREPOINTWAC is defined via the previously named UCR but the correct value is SHAREPOINTWAC_EDU. For the automatic assignment of an office subscription, however, a match is mandatory.
You can fix this by updating the UCR-Variable:
ucr set office365/subscriptions/service_plan_names='SHAREPOINTWAC_EDU, SHAREPOINTWAC_DEVELOPER, OFFICESUBSCRIPTION'
service univention-directory-listener restart
Hint:
You also have to deactivate and activate the user again.
Why to we have this variable?
In an Azure AD domain, there are always subscriptions that do not make sense for users, e.g. FLOW_FREE. These contain virtually no usable services. We created the variable to configure which ones should be applied for subscriptions. As assignment value please use the name of the respective service plan.