Univention Bugzilla – Bug 55984
[MS365] Azure attribute mobilePhone is filtered by connector, although it can be set via API
Last modified: 2023-05-31 15:56:45 CEST
When a mapping for the ldap attribute 'mobile' to the Azure attribute 'mobilePhone' is configured with UCR office365/attributes/mapping/mobile=mobilePhone the number is not synced to Azure. The reason is, that the connector filters the attribute. If the attribute is not filtered, the Azure object is updated correctly and the phone number appears correctly: diff --git modules/univention/office365/microsoft/objects/azureobjects.py modules/univention/office365/microsoft/objects/azureobjects.py index 268704a..14e5ccc 100644 --- modules/univention/office365/microsoft/objects/azureobjects.py +++ modules/univention/office365/microsoft/objects/azureobjects.py @@ -402,7 +402,7 @@ class UserAzure(AzureObject): # type: ('AzureObject') -> Dict[str, Any] """""" data = (self - other).get_not_none_values_as_dict() - can_only_be_created_not_modified = ["mobilePhone", "passwordProfile", "id", "assignedLicenses"] + can_only_be_created_not_modified = ["passwordProfile", "id", "assignedLicenses"] for attrib in can_only_be_created_not_modified: if attrib in data: # read text at beginning delete_user() To help in support cases, we should log when an attribute is filtered by the connector. There is also a test which claims to test to sync all attributes, it should be adapted. 07_udm_user_max_prop_sync_multi_adconnection.py [1] https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0
fix: mobilePhone should not be removed from modlist We remove some attributes from the modlist, which can not be modified after initial user creation but mobilePhone is not one of them. `mobilePhone` can be modified at leasure with the MSGraphApi and now we also allow that.
Has been released