UCS replica +O365 user data, objectID, PrincipalName

Hey,

I’ve recently experienced some issues when creating a User on the local samba active directory with scripts.
Our setup uses the UCS ldap replica to sync users/user data to the Azure ActiveDirectory.
After creating the user on sambaAD we flip the O365 (UniventionOffice365Enabled) attribute from 0 to 1 and it activates the user data to be synced to Azure. Most of the time it works perfectly, but with some users we experienced the problem that when we “flip the switch” it doesn’t really do anything.
For example:
UniventionOffice365Data: eJzdWdtWG8kV/PMMkrdMQd2rW08mYE9IEGZG8njZiR/qKtXQt1VdMhZe/vecbkkGxODBsaRDyfQq
UniventionOffice365Enabled: 1
UniventionOffice365ObjectID: 465a6e14-c801-4555-bq47-2nnc15bfas4
UniventionOffice365userPrincipalName: john.doe@example.com
Normally when the UniventionOffice365Enabled is flipped the User gets an ObjectID and his/her data gets synced to Azure.
But sometimes this happens:
UniventionOffice365Data: None
UniventionOffice365Enabled: 1
UniventionOffice365ObjectID: None
UniventionOffice365userPrincipalName: None
The solution is that we flip the switch back and turn it on again and it simply works as it should for the first time.
I’ve checked the listener logs and they show the same: the first time it does what it has to but doesn’t take the data, and I won’t get back any ObjectID when I ask for it.
Here’s the oneliner to change the attribute:

udm users/user modify --dn "uid=$NewUser,cn=users,dc=ad,dc=example,dc=lan" --set UniventionOffice365Enabled="1"

Here is the logfile for a failed and then retried attempt.

./listener.log:4973812:08.09.21 07:55:30.912 LISTENER ( ERROR ) : o365(D): office365-user.handler:284 office365-user.handler() command: ‘m’ dn: ‘uid=john.doe,cn=users,dc=ad,dc=example,dc=lan’
./listener.log:4973824:08.09.21 07:55:30.924 LISTENER ( ERROR ) : o365(I): office365-user.handler:318 new_enabled and not old_enabled -> NEW or REACTIVATED (uid=john.doe,cn=users,dc=ad,dc=example,dc=lan)
./listener.log:4973862:08.09.21 07:55:35.485 LISTENER ( ERROR ) : o365(D): office365-user.handler:284 office365-user.handler() command: ‘m’ dn: ‘uid=john.doe,cn=users,dc=ad,dc=example,dc=lan’
./listener.log:4973883:08.09.21 07:55:35.498 LISTENER ( ERROR ) : o365(I): office365-user.handler:342 old_enabled and new_enabled -> MODIFY (uid=john.doe,cn=users,dc=ad,dc=example,dc=lan)
./listener.log:4974127:08.09.21 09:21:28.090 LISTENER ( ERROR ) : o365(D): office365-user.handler:284 office365-user.handler() command: ‘m’ dn: ‘uid=john.doe,cn=users,dc=ad,dc=example,dc=lan’
./listener.log:4974139:08.09.21 09:21:28.103 LISTENER ( ERROR ) : o365(I): office365-user.handler:334 new and not new_enabled -> DEACTIVATE (uid=john.doe,cn=users,dc=ad,dc=example,dc=lan)
./listener.log:4974200:08.09.21 09:21:28.769 LISTENER ( ERROR ) : o365(I): office365-user.deactivate_user:270 Deactivated user ‘john.doe’.
./listener.log:4974203:08.09.21 09:21:33.789 LISTENER ( ERROR ) : o365(D): office365-user.handler:284 office365-user.handler() command: ‘m’ dn: ‘uid=john.doe,cn=users,dc=ad,dc=example,dc=lan’
./listener.log:4974215:08.09.21 09:21:33.799 LISTENER ( ERROR ) : o365(I): office365-user.handler:318 new_enabled and not old_enabled -> NEW or REACTIVATED (uid=john.doe,cn=users,dc=ad,dc=example,dc=lan)
./listener.log:4982186:08.09.21 09:21:35.504 LISTENER ( ERROR ) : o365(I): office365-user.new_or_reactivate_user:252 User creation success. userPrincipalName: u’doe.john@example.hu’ objectId: u’4e4e0bcd-a0bc-4dae-b621-12f4z1p67446’ dn: uid=john.doe,cn=users,dc=ad,dc=example,dc=lan

And here is one for success the first time:
/listener.log.1.gz:31.08.21 10:25:29.169 LISTENER ( ERROR ) : o365(D): office365-user.handler:284 office365-user.handler() command: ‘m’ dn: ‘uid=jane.doe,cn=users,dc=ad,dc=example,dc=lan’
./listener.log.1.gz:31.08.21 10:25:29.176 LISTENER ( ERROR ) : o365(I): office365-user.handler:318 new_enabled and not old_enabled -> NEW or REACTIVATED (uid=jane.doe,cn=users,dc=ad,dc=example,dc=lan)
./listener.log.1.gz:31.08.21 10:25:30.456 LISTENER ( ERROR ) : o365(I): office365-user.new_or_reactivate_user:252 User creation success. userPrincipalName: u’doe.jane@example.hu’ objectId: u’df4f953c-d094-45f3-9ae8-09d9449d94d9’ dn: uid=jane.doe,cn=users,dc=ad,dc=example,dc=lan

Has anyone met this problem already? I’m kinda getting fed up with it as it doesn’t happen all the time and not even the users with specific names/uids etc.
Thanks in advance for your help!

Peter
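
One way to find affected accounts from the listener log, as an added example that is not part of the original post and not Univention's code: it reports every "NEW or REACTIVATED" event that is not followed by a "User creation success" line for the same DN. The sample log is constructed in the format quoted above, the UPN and objectId values are placeholders, and treating a following MODIFY or DEACTIVATE as a stalled activation is a heuristic assumed from the two excerpts in the post.

```python
import re

# Constructed sample in the listener.log format quoted in the post
# (grep prefixes removed; UPN and objectId values are placeholders).
SAMPLE_LOG = """\
08.09.21 07:55:30.924 LISTENER ( ERROR ) : o365(I): office365-user.handler:318 new_enabled and not old_enabled -> NEW or REACTIVATED (uid=john.doe,cn=users,dc=ad,dc=example,dc=lan)
08.09.21 07:55:35.498 LISTENER ( ERROR ) : o365(I): office365-user.handler:342 old_enabled and new_enabled -> MODIFY (uid=john.doe,cn=users,dc=ad,dc=example,dc=lan)
08.09.21 09:21:28.103 LISTENER ( ERROR ) : o365(I): office365-user.handler:334 new and not new_enabled -> DEACTIVATE (uid=john.doe,cn=users,dc=ad,dc=example,dc=lan)
08.09.21 09:21:33.799 LISTENER ( ERROR ) : o365(I): office365-user.handler:318 new_enabled and not old_enabled -> NEW or REACTIVATED (uid=john.doe,cn=users,dc=ad,dc=example,dc=lan)
08.09.21 09:21:35.504 LISTENER ( ERROR ) : o365(I): office365-user.new_or_reactivate_user:252 User creation success. userPrincipalName: u'UPN-PLACEHOLDER' objectId: u'OBJECTID-PLACEHOLDER' dn: uid=john.doe,cn=users,dc=ad,dc=example,dc=lan
31.08.21 10:25:29.176 LISTENER ( ERROR ) : o365(I): office365-user.handler:318 new_enabled and not old_enabled -> NEW or REACTIVATED (uid=jane.doe,cn=users,dc=ad,dc=example,dc=lan)
31.08.21 10:25:30.456 LISTENER ( ERROR ) : o365(I): office365-user.new_or_reactivate_user:252 User creation success. userPrincipalName: u'UPN-PLACEHOLDER' objectId: u'OBJECTID-PLACEHOLDER' dn: uid=jane.doe,cn=users,dc=ad,dc=example,dc=lan
"""

TS = r"(\d\d\.\d\d\.\d\d \d\d:\d\d:\d\d\.\d+)"
ACTIVATE = re.compile(TS + r".*-> NEW or REACTIVATED \((.+)\)\s*$")
SUCCESS = re.compile(r"User creation success\..* dn: (.+?)\s*$")
NEXT_EVENT = re.compile(r"-> (?:MODIFY|DEACTIVATE) \((.+)\)\s*$")

def stalled_activations(log_text):
    """Return (timestamp, dn) for each activation with no success line after it."""
    pending = {}   # dn -> timestamp of the activation still waiting for success
    stalled = []
    for line in log_text.splitlines():
        if m := ACTIVATE.search(line):
            ts, dn = m.groups()
            if dn in pending:              # activated again without success
                stalled.append((pending[dn], dn))
            pending[dn] = ts
        elif m := SUCCESS.search(line):
            pending.pop(m.group(1), None)  # activation completed
        elif m := NEXT_EVENT.search(line):
            dn = m.group(1)
            if dn in pending:              # next event arrived before success
                stalled.append((pending.pop(dn), dn))
    # Activations still open at the end of the log never completed either.
    stalled.extend((ts, dn) for dn, ts in pending.items())
    return stalled

if __name__ == "__main__":
    for ts, dn in stalled_activations(SAMPLE_LOG):
        print(f"{ts}  activation without success: {dn}")
```
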
