You are not logged in.

Announcement

 Téléchargez la dernière version stable de GLPI      -     Et vous, que pouvez vous faire pour le projet GLPI ? :  Contribuer
 Download last stable version of GLPI                      -     What can you do for GLPI ? :  Contribute

#1 2024-08-02 10:54:30

Tech2
Member
Registered: 2024-08-02
Posts: 1

SCIM Provisioning with Azure Entra

I have a problem with the user creation via SCIM and Azure Entra ID.
The setup and function works as expected at our main location, but all foreign locations run into an error.

Unfortunately, Azure only gives me these errors:

Failure
Action
Create
UPN XXX@XXXX.COM
Type User
Details
Error code SystemForCrossDomainIdentityManagementServiceIncompatible
Error message
We are not able to deserialize the resource received from your SCIM endpoint because your SCIM endpoint is not fully compatible with the Azure Active Directory SCIM client. Here is the resource we received from your SCIM endpoint: Please refer to the Azure Active Directory SCIM provisioning documentation and adapt the SCIM endpoint to be able to process provisioning requests from Azure Active Directory. This operation was retried 3 times. It will be retried again after this date: 2024-08-03T08:25:48.3102531Z UTC

I can't look in GLPI itself because the query log is no longer loading, probably due to too many entries.

The strange thing is, however, that if I create one of these accounts in GLPI manually with a username, SCIM provisioning can successfully update it with all the data.
Can anyone give me a tip for further troubleshooting or tell me how to get the query log working again?

Offline

#2 2024-08-07 14:50:25

makeijan
Member
From: Pontevedra, Galicia
Registered: 2008-01-29
Posts: 774
Website

Re: SCIM Provisioning with Azure Entra

You have a GLPI Network. You should report it to your GLPI Partner or Teclib'.

Other than that, cleanup the log, and repeat to get additional information, but I will blame AAD rather than SCIM.

Regards,

Offline

#3 2024-08-28 15:15:26

smarchand
Member
Registered: 2021-06-14
Posts: 28

Re: SCIM Provisioning with Azure Entra

Hello,

I'm using GLPI network too avec SCIM synchronization, accounts are created in locad AD => Ad connect to AAD => SCIm to Glpi. I had many trouble about manager and Locations fields. The manager file was empty, corrected in version 10.0.16 (not working in 10.0.14). For Location, by the past i have organozed from GLPI location by country (Paris under France) and when I have activated sync location from plugin all locations have beean removed. All locations have been set unter main entity and it works perfectly. I wrota that to explain that SCIm sync works perfectly (except user deletion lol, it soedn't works but seems to be an scim problem not glpi)

Offline

Board footer

Powered by FluxBB