grouper-users - [grouper-users] New Office 365 Consumer Log and Unified Groups
Subject: Grouper Users - Open Discussion List
List archive
- From: Beth Halsema <>
- To:
- Subject: [grouper-users] New Office 365 Consumer Log and Unified Groups
- Date: Fri, 24 Jul 2020 15:47:05 -0400 (EDT)
Our team is attempting to use the new Office 365 consumer log to maintain
course groups in Office 365.
We had successfully done so using the security groups; however, we wanted
to use the "Hiddenmembership" Unified groups in order to comply with
FERPA regulations and support the collaboration team's need to create
Microsoft Teams from these groups.
We modified the values in the grouper-loader.properties file:
changeLog.consumer.o365.class =
edu.internet2.middleware.grouper.changeLog.consumer.Office365ChangeLogConsumer
# fire every 5 seconds
changeLog.consumer.o365.quartzCron = 0,5,10,15,20,25,30,35,40,45,50,55 * * *
* ?
changeLog.consumer.o365.syncAttributeName = etc:attribute:office365:o365Sync
changeLog.consumer.o365.retryOnError = true
changeLog.consumer.o365.tenantId = xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
changeLog.consumer.o365.clientId = xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
changeLog.consumer.o365.clientSecret = :)
changeLog.consumer.o365.domain = domain.purdue.edu
changeLog.consumer.o365.idAttribute = uid
#changeLog.consumer.o365.upnAttribute =
changeLog.consumer.o365.groupJexl =
group.name.replaceAll("^app:office365:groups:courses:service:policy:","GROUPER-courses-")
#changeLog.consumer.o365.mailNicknameJexl =
#changeLog.consumer.o365.descriptionJexl =
#changeLog.consumer.o365.subjectJexl =
#changeLog.consumer.o365.groupType = [Security* | Unified]
changeLog.consumer.o365.groupType = Unified
#changeLog.consumer.o365.visibility = [Public* | Private | Hiddenmembership]
* Only works with Unified groups
changeLog.consumer.o365.visibility = Hiddenmembership
#changeLog.consumer.o365.proxyType = [http | socks]
#changeLog.consumer.o365.proxyHost =
#changeLog.consumer.o365.proxyPort =
I modified the file
/opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties
in our Docker containers in order to increase the logging.
log4j.logger.edu.internet2.middleware.grouper.changeLog.consumer.Office365ChangeLogConsumer
= DEBUG
The outcome was:
1. The groups are created in Office 365. According to the Office 365
admin portal, we created Microsoft 365 HiddenMembership groups.
No owners and no members.
In the logs/grouper_daemon.log file, the following error is logged:
Did not get all the way through the batch! 1848027 !=
1848101java.lang.RuntimeException: Error in loader job: null, check logs:
Error: o365 threw an exception processing change log entry sequence number
1848027., sequenceNumber: 1848027, com.squareup.moshi.JsonDataException:
Expected one of [Public, Private, Hiddenmembership] but was HiddenMembership
at path $.visibility
at
com.squareup.moshi.StandardJsonAdapters$EnumJsonAdapter.fromJson(StandardJsonAdapters.java:258)
at
com.squareup.moshi.StandardJsonAdapters$EnumJsonAdapter.fromJson(StandardJsonAdapters.java:227)
at com.squareup.moshi.JsonAdapter$2.fromJson(JsonAdapter.java:137)
at
com.squareup.moshi.ClassJsonAdapter$FieldBinding.read(ClassJsonAdapter.java:194)
at
com.squareup.moshi.ClassJsonAdapter.fromJson(ClassJsonAdapter.java:156)
at com.squareup.moshi.JsonAdapter$2.fromJson(JsonAdapter.java:137)
at
retrofit2.converter.moshi.MoshiResponseBodyConverter.convert(MoshiResponseBodyConverter.java:45)
at
retrofit2.converter.moshi.MoshiResponseBodyConverter.convert(MoshiResponseBodyConverter.java:27)
at retrofit2.OkHttpCall.parseResponse(OkHttpCall.java:225)
at retrofit2.OkHttpCall.execute(OkHttpCall.java:188)
at
edu.internet2.middleware.grouper.changeLog.consumer.o365.GraphApiClient.invoke(GraphApiClient.java:164)
at
edu.internet2.middleware.grouper.changeLog.consumer.o365.GraphApiClient.addGroup(GraphApiClient.java:201)
at
edu.internet2.middleware.grouper.changeLog.consumer.Office365ChangeLogConsumer.addGroup(Office,
threadId: 104, elapsed: 1285 ms
2. No members were ever added to the groups via changeLog.consumer.o365.
3. We were unable to delete the groups from Office 365 through their deletion
in Grouper.
The groups are created but no subsequent operations on them seem to be
performed.
Is there something that we have overlooked? Or is the development of support
for unified groups still a work-in-progress?
Thank you!
Beth
-------------------------------------------------------------------------
Beth A. Halsema - M.S. in Computer Science, GSEC
Sr. Sofware Engineer, Identity & Access Management
OVPIT - IT Security and Policy
www.itap.purdue.edu
- [grouper-users] New Office 365 Consumer Log and Unified Groups, Beth Halsema, 07/24/2020
- Re: [grouper-users] New Office 365 Consumer Log and Unified Groups, Beth Halsema, 07/24/2020
- RE: [grouper-users] New Office 365 Consumer Log and Unified Groups, Black, Carey M., 07/24/2020
- Re: [grouper-users] New Office 365 Consumer Log and Unified Groups, Beth Halsema, 07/24/2020
- RE: [grouper-users] New Office 365 Consumer Log and Unified Groups, Black, Carey M., 07/24/2020
- Re: [grouper-users] New Office 365 Consumer Log and Unified Groups, Beth Halsema, 07/24/2020
- Re: [grouper-users] New Office 365 Consumer Log and Unified Groups, Beth Halsema, 07/24/2020
- Re: [grouper-users] New Office 365 Consumer Log and Unified Groups, Beth Halsema, 07/24/2020
- RE: [grouper-users] New Office 365 Consumer Log and Unified Groups, Black, Carey M., 07/24/2020
- Re: [grouper-users] New Office 365 Consumer Log and Unified Groups, Beth Halsema, 07/24/2020
Archive powered by MHonArc 2.6.19.