The documentation for the Microsoft Office Enterprise agent refers to the Azure Graph API.  Given that API is deprecated and will be turned off in 2022, are there plans to upgrade it to use the MS Graph API?

Over the last couple of weeks troubleshooting a separate issue, the customer has been reporting that some users hadn't been assigned licenses. In some cases this was due to accounts in error, but in others it has turned out to be that the delta imports from the corresponding IdentityBroker adapter (run on change detection by Event Broker) have not included changes that they should have. Such changes are only surfaced to MIM after a MIM MA full import (delta sync) is subsequently run.

To mitigate this problem, a twice-daily full import/delta sync operation across both IdB adapters is being performed. Over the last 4 days since this has been in place, a number of changes continue to be surfaced in the full import some 10 minutes after the last delta import. The latest of these FI runs which returned 5 changes was run at 7:07 am on Saturday 3rd December - at a time when there should be no business activity happening in any geographic region for QBE.

Investigations into SQL queries such as the following identified identities where a MODIFY change entry was present without a corresponding INSERT:

SELECT *  FROM [Unify.IdentityBroker50].[dbo].[ChangeLog]
WHERE TargetDistinguishedName = 'CN=bob,OU=container,DC=IdentityBroker' 

Filing this against the O365 connector because it happened to be for the related adapter - but it is likely this is a generic problem unrelated to a specific connector (i.e. am seeing FI steps return records consistently for both AD and AAD-based adapters)

Re-opened issue QBE-51 previously raised for this issue.

QBE reported this week that they are continuing to have long periods (several hours) where licenses are not being assigned, and are having to manually restart the IdB service multiple times during the day (the service is already being restarted each night at 4 am). The timeout error continues to be reported in the logs

See JIRA ticket QBE-59 for more details.

Getting the following error on a polling import on a Azure Graph API, the DLL exists however the version is 5.7.0.62414 rather than the 5.6.4.0 expected by IDB. Tried a binding redirect however that didn't correct the issue. This is occurring in IDB 5.1 with version 5.1 of the connector installed.

Change detection engine import changes failed.
Change detection engine import changes for connector Azure Graph API Users Connector failed with reason One or more errors occurred.. Duration: 00:04:47.8347097
Error details:
System.AggregateException: One or more errors occurred. ---> System.AggregateException: One or more errors occurred. ---> System.IO.FileLoadException: Could not load file or assembly 'Microsoft.Data.Services.Client, Version=5.7.0.62414, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040) ---> System.IO.FileLoadException: Could not load file or assembly 'Microsoft.Data.Services.Client, Version=5.6.4.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
--- End of inner exception stack trace ---
at Microsoft.Azure.ActiveDirectory.GraphClient.ActiveDirectoryClient..ctor(Uri serviceRoot, Func`1 accessTokenGetter, IEnumerable`1 customTypeMappings)
at Unify.Product.IdentityBroker.AzureADGraphAgent.GetDirectoryDataService()
at Unify.Product.IdentityBroker.AzureADGraphAgent.<UsersGet>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Product.IdentityBroker.AzureADUserConnector.<GetEntitiesAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Product.IdentityBroker.ConnectorToIdPollingAsyncConnectorBridge.<GetEntitiesAsync>d__10.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.<CreateAndSendLogEntryAsync>b__0(Task`1 t)
at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Product.IdentityBroker.EventNotifierSelectiveReadingAsyncConnectorDecoratorBase`1.<GetEntitiesAsync>d__2.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at Unify.Product.IdentityBroker.ChangeDetectionIdPollAsyncJob.RunBase()
at Unify.Framework.DefinedScopeJobAuditTrailJobDecorator.Run()
at Unify.Product.IdentityBroker.ConnectorJobExecutor.<>c__DisplayClass30_0.<Run>b__0()
at Unify.Framework.AsynchronousJobExecutor.PerformJobCallback(Object state)
---> (Inner Exception #0) System.AggregateException: One or more errors occurred. ---> System.IO.FileLoadException: Could not load file or assembly 'Microsoft.Data.Services.Client, Version=5.7.0.62414, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040) ---> System.IO.FileLoadException: Could not load file or assembly 'Microsoft.Data.Services.Client, Version=5.6.4.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
--- End of inner exception stack trace ---
at Microsoft.Azure.ActiveDirectory.GraphClient.ActiveDirectoryClient..ctor(Uri serviceRoot, Func`1 accessTokenGetter, IEnumerable`1 customTypeMappings)
at Unify.Product.IdentityBroker.AzureADGraphAgent.GetDirectoryDataService()
at Unify.Product.IdentityBroker.AzureADGraphAgent.<UsersGet>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Product.IdentityBroker.AzureADUserConnector.<GetEntitiesAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Product.IdentityBroker.ConnectorToIdPollingAsyncConnectorBridge.<GetEntitiesAsync>d__10.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at Unify.Framework.Auditing.AuditingExtensions.<>c__DisplayClass5_0`1.<CreateAndSendLogEntryAsync>b__0(Task`1 t)
at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Product.IdentityBroker.EventNotifierSelectiveReadingAsyncConnectorDecoratorBase`1.<GetEntitiesAsync>d__2.MoveNext()
---> (Inner Exception #0) System.IO.FileLoadException: Could not load file or assembly 'Microsoft.Data.Services.Client, Version=5.7.0.62414, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
File name: 'Microsoft.Data.Services.Client, Version=5.7.0.62414, Culture=neutral, PublicKeyToken=31bf3856ad364e35' ---> System.IO.FileLoadException: Could not load file or assembly 'Microsoft.Data.Services.Client, Version=5.6.4.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
File name: 'Microsoft.Data.Services.Client, Version=5.6.4.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'

WRN: Assembly binding logging is turned OFF.
To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1.
Note: There is some performance penalty associated with assembly bind failure logging.
To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].

at Microsoft.Azure.ActiveDirectory.GraphClient.ActiveDirectoryClient..ctor(Uri serviceRoot, Func`1 accessTokenGetter, IEnumerable`1 customTypeMappings)
at Unify.Product.IdentityBroker.AzureADGraphAgent.GetDirectoryDataService()
at Unify.Product.IdentityBroker.AzureADGraphAgent.<UsersGet>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Product.IdentityBroker.AzureADUserConnector.<GetEntitiesAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Unify.Product.IdentityBroker.ConnectorToIdPollingAsyncConnectorBridge.<GetEntitiesAsync>d__10.MoveNext()

<---
<---

The v5.0 release supports provision/sync of only users and groups. I am not clear about the use case(s) as to where Broker would be used in lieu of AADConnect (or DirSync before it) or the WAAD connector in FIM - but without support for contacts such an interchange could not be considered for most enterprises.