Azure AD Autoprovisioning stopped working
I have a group in Azure AD called ZenDesk from which agents are set to be auto-provisioned. Yesterday, I made a change in the ZenDesk application scoping filters in Azure AD to set it to provision only assigned users and groups. For some reason, when I did that, things stopped working. Multiple agents were deleted from ZenDesk and their tickets were unassigned. I tried switching it back to "Sync all users and groups", but when I try to re-provision those users who were deleted, I get an error in Azure:
MappingEvaluationFailed
An error occurred while evaluating this function: 'custom_roles = AppRoleAssignmentsComplex(source: appRoleAssignments).'
-
Update: I also hade one user who was assigned to the ZenDesk app directly (i.e. not through the ZenDesk group) who has now suddenly been deleted. He is assigned the "admin" role, which is why he's not provisioned through the group.
-
Did you create a customer support ticket with Zendesk for this?
-
Hello,
I have the same problem. The support told me that they can't help as Microsoft developped the app.
Is there any fix ? It worked in June when I ran some tests
-
I did open a customer support ticket, yes, but my results were much the same as Lotfi's.
This happens every once in a while still, and is very annoying. All ZenDesk agents and admins except the billing admin are removed, and I have to go in and run provisioning for each ZenDesk agent individually in Azure AD to get them back. Then I have to go in and reassign all tickets manually. It's a mess.
It seems to happen specifically when update job title/manager for users in Active Directory. I have a PowerShell script I use to update managers/job titles based on a CSV HR sends us, and I have to make sure none of the ZenDesk agents is on the CSV file that the script runs through, or that agent will be deleted from ZenDesk. It also happened when I added the "Job Title" attribute to user provisioning in the Azure AD enterprise app.
Please sign in to leave a comment.
4 Comments