Deleting the Last Name attribute value of users is not synchronized to the Identity Manager
Adding a user with a long Display Name attribute fails on the Publisher channel
Adding a user with a long First Name attribute fails on the Publisher channel
Initials Synchronization not Supported on the Subscriber channel
Synchronization of an attribute depends on the selected MsolUser or MsolGroup type
Setting the set-executionPolicy to RemoteSigned in the Powershell
Changing the driver settings for allowing certain operations
TypeInitializationException Errors during the Driver Startup
Publisher Event Removes Exchange Security/DL Group Exchange Attributes
Driver Deletes Description Attribute while Updating the eMailAddress attribute
Deleting All Groups from the Office 365 Portal is not Synchronized with the Identity Manager
Random Issue Observed While Connecting to the Exchange Portal
Deleting a User From Associated Office365 Group Displays Error Message in Driver Logs
The LastName attribute of Office 365 is mapped to the Surname attribute of the Identity Vault. If the value of LastName is removed from Office 365, the Identity Vault does now allow empty field to be synchronized.
The Display Name attribute of Office 365 is mapped to the Full Name attribute of the Identity Vault. The Identity Vault does not allow a Full Name value with more than 64 characters. The Identity Vault sends a SYNTAX_VIOLATION exception.
The First Name attribute of Office 365 is mapped to the Given Name attribute of the Identity Vault. The Identity Vault does not allow a Given Name value with more than 32 characters. The Identity Vault sends a SYNTAX_VIOLATION exception.
The Office 365 driver does not support the synchronization of user initials on the Subscriber channel. To workaround this issue, send the powershell cmdlet Set-User -Initials <initals> - username as part of the subscriber event.
It occurs for the attribute that are either irrelevant to the type of group and user that is being synced or unsupported by the cmdlets.
For some operations, traces might appear with this message:
Disallowed attribute Sync : <attr>.
For more information on MsolUser and MsolGroup type attribute synchronization, see Table B-2 and Table B-5.
The Office 365 driver displays invalid EmailAddresses attribute synchronization message when you add a user to the Office 365 portal. To workaround this issue, perform any one of the following actions:
Configure a new single-valued eDirectory attribute of the type syntax string and map it with the MsolUserType in the schema mapping. You must set the MsolUserType attribute to UserMailbox/MailUser to synchronize the exchange attributes during the Add operation.
Customize the Subscriber command transformation policy to include a rule that adds the MSolUserType attribute to the Add XDS event if MsolUsertype is not defined.
To start the Office 365 driver, change the set-executionPolicy to RemoteSigned in the Powershell. By default, it is set to Restricted. If you don’t change the setting, the driver fails to start and displays the following error message:
Error Connecting to Office 365. File <file>.psm1 cannot be loaded because the execution of scripts is disabled on this system.
The Office 365 driver does not allow some of the Distribution or Security Group settings for specific groups. For example, it doesn’t allow you to set Member Depart Restriction to Open for a Security Group. It doesn’t allow you to set Member Join Restriction to Approval Required for some Distribution Groups.
The TypeInitializationException exception can occur in the following cases:
PowerShell help is not up-to-date.
The Office 365 driver is not compatible with the Microsoft Online Services module.
The Microsoft Online Services are not present in the driver installation folder.
To start the driver successfully, perform one of the following actions:
Run the get-help new-msoluser PowerShell command or run the Update-Help command to download and install the most recent help files for the Windows PowerShell modules. You can run the PSVersion command to verify the powershell version.
A prompt displays asking you to confirm the update. Click Yes to proceed with the update.
Upgrade the Office 365 driver to the latest patch and the Microsoft Online Services to the latest version. For more information, see Prerequisites.
Ensure that all the dll files from the default Windows PowerShell path are copied to the driver installation folder. For more information, see Section 2.0, Installing the Driver Files.
Unblock the downloaded dlls. To unblock them, right-click the following binary files and select Properties > Unblock.
DXMLMSOnlineDriver.dll
SQLite.Interop.dll
System.Data.SQLite.dll
The driver generates error messages if you try to re-grant an RBPM role that includes multiple entitlements to a user.
It is safe to ignore the error because it does not affect the re-granting role operation.
The description attribute does not synchronize for the Exchange groups on both Subscriber and Publisher channels.
There is no workaround at this time.
The driver does not support exchange group attributes poll on the Publisher channel. NetIQ recommends that you set exchange attributes to Ignore on the driver filter.
When the Publisher channel updates the eMailAddress attribute for an exchange group, the driver sends a delete event and removes the group Description attribute from the Identity Vault.
The Office 365 driver does not synchronize the delete event with the Identity Manager if all the groups are deleted from the Office 365 portal.
Identity Manager creates duplicate primary email addresses (SMTP) for the Office 365 users when the users are renamed.
To workaround this issue, set the Optimize modifications to Identity Vault option to No for the Internet EMail Address attribute in the driver filter.
The O365 throttling issue encountered error randomly occurs when a user or group operation fails on the Exchange portal.
This is a Microsoft issue. Contact Microsoft support to troubleshoot the issue.
The Office 365 driver displays exception errors when you restart the driver after an abnormal exit. This is due to unavailability of runspaces required for establishing new remote PowerShell connections with the Office 365 portal. Before attempting a driver restart, wait for the Office 365 portal to automatically close the active runspaces because Microsoft allows only limited remote runspaces for each exchange online users.
When a user is deleted from the Identity Vault which is a member of an associated group, it displays the following error message in the driver logs:
The member you are trying to delete is not in this group.
It is safe to ignore this error message.
When you add a user with MSolUserType attribute set to UserMailbox, the account tracing attributes are not created for the user.
There is no workaround at this time.