Name: office365-and-azure-ad-grouper-provisioner
Owner: Unicon, Inc.
Description: This project is an Internet2 Grouper connector (full sync and changelog consumer) that synchronizes Grouper groups and users to Microsoft Azure Active Directory/Office 365.
Created: 2016-01-15 23:02:47.0
Updated: 2017-12-22 15:43:02.0
Pushed: 2017-09-06 14:58:07.0
Homepage: null
Size: 6802
Language: Java
This project is an Internet2 Grouper connector (full sync and changelog consumer) that synchronizes Grouper groups and users to Microsoft Azure Active Directory/Office 365.
Note that this currently only supports security groups. Support for other group types is planned.
build
./gradlew clean distZip
copy contents of file to grouper home
unzip build/distributions/office-365-azure-ad-grouper-provisioner-1.0.0.zip -d /tmp
cp /tmp/office-365-azure-ad-grouper-provisioner-1.0.0/*.jar /opt/grouper.apiBinary-2.3.0/lib/custom
Set up stem for provisioning and ID attribute
GrouperSession grouperSession = GrouperSession.startRootSession();
// Marker attribute: objects carrying it are selected for provisioning
AttributeDef provisioningMarkerAttributeDef = new AttributeDefSave(grouperSession).assignCreateParentStemsIfNotExist(true).assignName("etc:attribute:office365:o365SyncDef").assignToStem(true).assignToGroup(true).save();
AttributeDefName provisioningMarkerAttributeName = new AttributeDefNameSave(grouperSession, provisioningMarkerAttributeDef).assignName("etc:attribute:office365:o365Sync").save();
// Create a stem and mark it for provisioning
Stem stem = addStem("", "test", "test");
stem.getAttributeDelegate().assignAttribute(provisioningMarkerAttributeName);
// String-valued ID attribute, assignable to groups
AttributeDef o365Id = new AttributeDefSave(grouperSession).assignCreateParentStemsIfNotExist(true).assignName("etc:attribute:office365:o365IdDef").assignToGroup(true).assignValueType(AttributeDefValueType.string).save();
AttributeDefName o365IdName = new AttributeDefNameSave(grouperSession, o365Id).assignName("etc:attribute:office365:o365Id").save();
Configure loader job in grouper-loader.properties. Note that you will need to set up an application with access to your domain.
See documentation at [http://graph.microsoft.io/en-us/docs].
changeLog.consumer.o365.class = edu.internet2.middleware.grouper.changeLog.consumer.Office365ChangeLogConsumer
# fire every 5 seconds
changeLog.consumer.o365.quartzCron = 0,5,10,15,20,25,30,35,40,45,50,55 * * * * ?
changeLog.consumer.o365.syncAttributeName = etc:attribute:office365:o365Sync
changeLog.consumer.o365.retryOnError = true
changeLog.consumer.o365.clientId = @o365.clientId@
changeLog.consumer.o365.clientSecret = @o365.clientSecret@
Replace @o365.clientId@ and @o365.clientSecret@ with appropriate values from the application configuration.
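A pre-deployment check for the settings above, as an added example that is not part of the project's own code: it confirms the changeLog.consumer.o365.* keys are present, flags any @...@ placeholder that was never replaced, and reports a file mode that lets group or other users reach the file holding clientSecret. The owner-only file mode is an assumption made here, not a requirement stated by the project, and the sample values are constructed.

```python
import re
import stat

PREFIX = "changeLog.consumer.o365."
REQUIRED = ("class", "quartzCron", "syncAttributeName", "clientId", "clientSecret")
PLACEHOLDER = re.compile(r"@[\w.]+@")  # build-time tokens such as @o365.clientId@

def parse_properties(text):
    """Parse simple key = value lines, skipping blanks and # or ! comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def check_o365_config(text, mode=None):
    """Return a list of findings; the secret value itself is never echoed."""
    props = parse_properties(text)
    findings = []
    for name in REQUIRED:
        value = props.get(PREFIX + name)
        if not value:
            findings.append(f"{PREFIX}{name}: missing or empty")
        elif PLACEHOLDER.fullmatch(value):
            findings.append(f"{PREFIX}{name}: placeholder not replaced")
    # Assumption: the file holds clientSecret, so group/other access is a finding.
    if mode is not None and mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"file mode {stat.S_IMODE(mode):o} grants group/other access")
    return findings

# Constructed sample: the settings from this page with one placeholder left in.
SAMPLE = """\
changeLog.consumer.o365.class = edu.internet2.middleware.grouper.changeLog.consumer.Office365ChangeLogConsumer
# fire every 5 seconds
changeLog.consumer.o365.quartzCron = 0,5,10,15,20,25,30,35,40,45,50,55 * * * * ?
changeLog.consumer.o365.syncAttributeName = etc:attribute:office365:o365Sync
changeLog.consumer.o365.retryOnError = true
changeLog.consumer.o365.clientId = 00000000-0000-0000-0000-000000000000
changeLog.consumer.o365.clientSecret = @o365.clientSecret@
"""

if __name__ == "__main__":
    for finding in check_o365_config(SAMPLE, mode=0o100644):
        print(finding)
```

To check a deployed file, pass its contents and `os.stat(path).st_mode` to `check_o365_config`.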
Log in to the app management console:
https://apps.dev.microsoft.com/
For first-time use, create an Office 365 account first:
Once in the App Mgmt Console, create an app:
To get a token for making Graph API calls, do the following:
Use the following request parameters: