Microsoft Graph
Benutzerdaten im Azure Active Directory können über die MicrosoftGraphSyncSource gelesen werden. Folgende Eigenschaften werden von Microsoft Graph bereitgestellt:
idfaxNumberemployeeIduserPrincipalNameaboutMecitycompanyNamecountrydepartmentdisplayNamegivenNamejobTitlemailmailNicknamemobilePhonemySiteofficeLocationpostalCodepreferredLanguagepreferredNamestatestreetAddresssurnameuserTypeaccountEnabledbirthday: Wenn vorhanden, wird das Datum als ISO 8601 Datum zurückgegeben.businessPhone: Im Microsoft Graph können mehrere Telefonnummern unter der EigenschaftbusinessPhonesabgelegt werden. Um ein einfaches Mapping zu ermöglichen, wird die erste Telefonnummer alsbusinessPhonebereitgestellt.onPremisesExtensionAttribute1-onPremisesExtensionAttribute15: Um ein einfacheres Mapping zu ermöglichen, werden die 15onPremisesExtensionAttributes als direkte Eigenschaften (onPremisesExtensionAttribute1etc.) bereitgestellt.photo: Das Benutzerbild wird alsphotobereitgestellt.
Eine Beschreibung der Microsoft Graph Eigenschaften finden Sie in der Microsoft-Dokumentation.
Konfiguration
<?xml version="1.0" encoding="utf-8" ?>
<UserSyncConfig>
<MicrosoftGraphSyncSource name="AzureAD" queryKey="OneOffixxIdentifier">
<Claims>
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" ignoreClaimIfEmpty="true" property="preferredName" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/displayName" ignoreClaimIfEmpty="true" property="displayName" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" ignoreClaimIfEmpty="true" property="givenName" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" ignoreClaimIfEmpty="true" property="surname" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" ignoreClaimIfEmpty="true" property="mail" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/webpage" ignoreClaimIfEmpty="true" property="mySite" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/phone" ignoreClaimIfEmpty="true" property="businessPhone" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress" ignoreClaimIfEmpty="true" property="streetAddress" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode" ignoreClaimIfEmpty="true" property="postalCode" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country" ignoreClaimIfEmpty="true" property="country" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality" ignoreClaimIfEmpty="true" property="city" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone" ignoreClaimIfEmpty="true" property="mobilePhone" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/department" ignoreClaimIfEmpty="true" property="department" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/company" ignoreClaimIfEmpty="true" property="companyName" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" ignoreClaimIfEmpty="true" property="userPrincipalName" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince" ignoreClaimIfEmpty="true" property="state" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/photo" property="photo" />
</Claims>
</MicrosoftGraphSyncSource>
</UserSyncConfig>
ResultMapping
Die MicrosoftGraphSyncSource unterstützt das Mapping Format:
<?xml version="1.0" encoding="utf-8" ?>
<UserSyncConfig>
<MicrosoftGraphSyncSource name="AzureAD" queryKey="OneOffixxIdentifier">
<ResultMapping>
<Mapping>
<Map Source="displayName" Target="PropertyX" />
</Mapping>
</ResultMapping>
<Claims>
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" ignoreClaimIfEmpty="true" property="preferredName" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/displayName" ignoreClaimIfEmpty="true" property="displayName" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" ignoreClaimIfEmpty="true" property="givenName" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" ignoreClaimIfEmpty="true" property="surname" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" ignoreClaimIfEmpty="true" property="mail" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/webpage" ignoreClaimIfEmpty="true" property="mySite" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/phone" ignoreClaimIfEmpty="true" property="businessPhone" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddress" ignoreClaimIfEmpty="true" property="streetAddress" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode" ignoreClaimIfEmpty="true" property="postalCode" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country" ignoreClaimIfEmpty="true" property="country" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality" ignoreClaimIfEmpty="true" property="city" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone" ignoreClaimIfEmpty="true" property="mobilePhone" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/department" ignoreClaimIfEmpty="true" property="department" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/company" ignoreClaimIfEmpty="true" property="companyName" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" ignoreClaimIfEmpty="true" property="userPrincipalName" />
<Claim type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince" ignoreClaimIfEmpty="true" property="state" />
<Claim type="http://schema.oneoffixx.com/ws/2011/01/identity/claims/photo" property="photo" />
</Claims>
</MicrosoftGraphSyncSource>
</UserSyncConfig>
Als Target wird ein Wert angegeben, der mit dem Property-Parameter eines Claims korrelieren muss. Details und Konfigurationsbeispiele können hier gefunden werden: Mapping.