-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Critical
-
Affects Version/s: 2.5.29
-
Component/s: provisioning
-
None
-
Environment:Official docker container
When creating Microsoft Unified groups, an error is returned as the result of the response from Microsoft which results in the attribute, o365Id, to not be assigned the Group's object ID value. As a result, no operations (membership, deletion, etc) can be performed on the group.
The error as written to the logs/grouper_daemon.log:
Did not get all the way through the batch! 1848027 != 1848101java.lang.RuntimeException: Error in loader job: null, check logs: Error: o365 threw an exception processing change log entry sequence number 1848027., sequenceNumber: 1848027, com.squareup.moshi.JsonDataException: Expected one of [Public, Private, Hiddenmembership] but was HiddenMembership at path $.visibility
at com.squareup.moshi.StandardJsonAdapters$EnumJsonAdapter.fromJson(StandardJsonAdapters.java:258)
at com.squareup.moshi.StandardJsonAdapters$EnumJsonAdapter.fromJson(StandardJsonAdapters.java:227)
at com.squareup.moshi.JsonAdapter$2.fromJson(JsonAdapter.java:137)
at com.squareup.moshi.ClassJsonAdapter$FieldBinding.read(ClassJsonAdapter.java:194)
at com.squareup.moshi.ClassJsonAdapter.fromJson(ClassJsonAdapter.java:156)
at com.squareup.moshi.JsonAdapter$2.fromJson(JsonAdapter.java:137)
at retrofit2.converter.moshi.MoshiResponseBodyConverter.convert(MoshiResponseBodyConverter.java:45)
at retrofit2.converter.moshi.MoshiResponseBodyConverter.convert(MoshiResponseBodyConverter.java:27)
at retrofit2.OkHttpCall.parseResponse(OkHttpCall.java:225)
at retrofit2.OkHttpCall.execute(OkHttpCall.java:188)
at edu.internet2.middleware.grouper.changeLog.consumer.o365.GraphApiClient.invoke(GraphApiClient.java:164)
at edu.internet2.middleware.grouper.changeLog.consumer.o365.GraphApiClient.addGroup(GraphApiClient.java:201)
at edu.internet2.middleware.grouper.changeLog.consumer.Office365ChangeLogConsumer.addGroup(Office, threadId: 104, elapsed: 1285 ms
-------------------------------------------------------------------------------------------------------------------------
Our grouper-loader.properties file was as follows:
changeLog.consumer.o365.class = edu.internet2.middleware.grouper.changeLog.consumer.Office365ChangeLogConsumer
- fire every 5 seconds
changeLog.consumer.o365.quartzCron = 0,5,10,15,20,25,30,35,40,45,50,55 * * * * ?
changeLog.consumer.o365.syncAttributeName = etc:attribute:office365:o365Sync
changeLog.consumer.o365.retryOnError = true
changeLog.consumer.o365.tenantId = xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
changeLog.consumer.o365.clientId = xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
changeLog.consumer.o365.clientSecret =
changeLog.consumer.o365.domain = domain.edu
changeLog.consumer.o365.idAttribute = uid
#changeLog.consumer.o365.upnAttribute =
changeLog.consumer.o365.groupJexl = group.name.replaceAll("^app:office365:groups:courses:service:policy:","GROUPER-courses-")
#changeLog.consumer.o365.mailNicknameJexl =
#changeLog.consumer.o365.descriptionJexl =
#changeLog.consumer.o365.subjectJexl =
#changeLog.consumer.o365.groupType = [Security* | Unified]
changeLog.consumer.o365.groupType = Unified
#changeLog.consumer.o365.visibility = [Public* | Private | Hiddenmembership] * Only works with Unified groups
changeLog.consumer.o365.visibility = Hiddenmembership
#changeLog.consumer.o365.proxyType = [http | socks]
#changeLog.consumer.o365.proxyHost =
#changeLog.consumer.o365.proxyPort =