Problem: Office 365 activated users, do not have access to office-365

office-365

#1

Problem:

Office 365 activated users, do not have access to office 365. The univention-ldapsearch shows that the UniventionOffice365userPrincipalName is not set at the useraccount:

Solution:

This indicates, that the user is not created completely in Azure.
When a user is activated in the UMC for O365, the corresponding entries are set. If one of these entries already exists, no further changes are made.

Step1:

Check the ldapsearch for deactivated users or missing office-356 attributes:

UniventionOffice365Data: eJyLjgUAARUAuQ==
UniventionOffice365Enabled: 1
UniventionOffice365ObjectID: None
UniventionOffice365userPrincipalName: None

Check for deaktivated Accounds:

userexpiry: 2019-04-03
ucsschoolPurgeTimestamp: 2019-05-29
sambaPwdLastSet: 0

Step2:

Activate office365 Logging

ucr set office365/debug/werror=yes
systemctl restart univention-directory-listener

and check the /var/log/univention/listener.log after setting office365 debug level

Step3:

You can delete all office365 attributes from the user and enable him again:
vim remove.ldif

dn: uid=test29,cn=users,dc=multi,dc=ucs
changetype: modify
delete: univentionOffice365Data

dn: uid=test29,cn=users,dc=multi,dc=ucs
changetype: modify
delete: UniventionOffice365ObjectID

dn: uid=test29,cn=users,dc=multi,dc=ucs
changetype: modify
delete: UniventionOffice365userPrincipalName
cat remove.ldif | ldapmodify  -D "uid=Administrator,cn=users,dc=multi,dc=ucs" -W

closed #2