Identity Broker for Microsoft Office365 to support CONTACT objects too
The v5.0 release supports provision/sync of only users and groups. I am not clear about the use case(s) as to where Broker would be used in lieu of AADConnect (or DirSync before it) or the WAAD connector in FIM - but without support for contacts such an interchange could not be considered for most enterprises.
Answer
Thanks for that Bob. Would it be an issue that the API does not support the creation of contacts?
Yes Adam it would - and I am very surprised to hear that. The WAAD connector supports this, so I don't know what API this is calling - perhaps the same one as the Exchange (and that is probably the clue) Online PowerShell API here?
https://technet.microsoft.com/en-us/library/bb124519(v=exchg.160).aspx
I should have double-clicked. I'll eat my humble pie. Given a Contact object is an Exchange only object, it can only be created using PowerShell. Do we have an Exchange Online connector?
It's part of the suite. At the moment, however, we just have Exchange user setting as part of the base user connector. The PowerShell connector can fill in any gaps until a proper solution is offered by Microsoft.
You're going to kill me https://graph.microsoft.io/en-us/docs/api-reference/v1.0/api/user_post_contacts
Thanks Adam. Appears to be the user contact (not domain) that has been migrated to the new RESTful endpoint. Hopefully they eventually migrate the domain contact.
I was under the impression that the RESTful API supported deltas - but I can't find this anywhere. The WAAD MA supports delta imports (as you would expect) so it's just a matter of whether the API supports it too ... and while we all knew the PowerShell API did not, this one is supposed to. Can you guys confirm? I see delta support as vital here.
Ah cool - it's just that the doco on our https://unifysolutions.jira.com/wiki/display/IDBMOE50/Azure+AD+user+connector page says POLLING = NO. I was wondering why, and suspected it was because the API doesn't support it ...
Sorry, I misread your last response. When the connector was originally written there was no way to do this in Azure Graph. However, from reading here it appears it has now been added. Unfortunately at the moment it's not yet in the API, so it should just be a matter of time before it is.
I just noticed that the .NET API appears to be capable of CRUD on the contact object even though the documentation says that it's not possible. Wonder which is correct?
OK thanks for the clarification Adam. So assuming get-by-id is implemented and used, then current behaviour should be that immediately after invoking the API to set the licenses the connector would do a confirming read (by ID) to be able to flow the confirming import back to FIM (delta import)? In other words we don't need the polling connector implemented for this part to work?
Correct, polling import on the adapter side is separate from delta on the connector side, as has always been the case. We make the assumption that a successful export should let a polling import to retrieve the same information. It's only poorly designed API's where this assumption doesn't hold, and that's where regular full imports would fix up these issues (as is our best practice with all solutions).
Currently not possible due to the current version not supporting adds:
{"odata.error":{"code":"Request_BadRequest","message":{"lang":"en","value":"Data contract version does not allow 'Create' operations against instances of resource 'Contact'."},"values":null}}
The code is now available to do this new connector (as long as the functionality is added to Graph), so as soon as it's possible it won't take long to release.
Customer support service by UserEcho
Currently not possible due to the current version not supporting adds:
The code is now available to do this new connector (as long as the functionality is added to Graph), so as soon as it's possible it won't take long to release.