Solved

Azure AD synced objects will not restore.

  • 17 March 2021
  • 3 replies
  • 207 views

Userlevel 2
Badge +5

hi,

 

it seems everytime a customer of ours is trying to restore a Synced Object to his azure AD. it will not work. it seems to only happen with synced objects and as i cannot find this stated in the documentation that it is not supported, i thought i would ask here.

 

the error we recieve when restoring the object captured in the cvaadrestore,log is:

 ApplicationData::AADUtil::GetEntry() - GET  [{"error":{"code":"Request_ResourceNotFound","innerError":{"client-request-id":"0483b272-9b6c-486c-b4b3-eebeebc9d3d2","date":"2021-03-16T14:34:08","request-id":"0483b272-9b6c-486c-b4b3-eebeebc9d3d2"},"message":"Resource '532aebfa-c31f-46b5-bfa6-3a9af9f3be6e' does not exist or one of its queried reference-property objects are not present."}}] failed!

 

and then it skips the item:

RestoreStats() - [Total:1  Restored:0  Skipped:1  Failed:0  Received-Bytes:11109]

 

does anyone know the current support status on synced object restores in azure ad?

the customer is on Version 20.40.

 

kind Regards,

 

Thos Gieskes.

icon

Best answer by Stuart Painter 17 March 2021, 11:19

View original

3 replies

Userlevel 7
Badge +15

Hi @Thos Gieskes 

Thank you for the question, there are some updates that may help here, particularly if MFA is used.

In SP20, we use both the service account and the app to backup and restore Azure AD. The service account should have the right to fully access Azure AD, which means it should have the global administrator role.

In SP21, we only use the App to backup and restore Azure AD. The will have all the API permissions required to fully access Azure AD.

-----

However, these changes have now been backported to SP20 and will be released in the next hotfix pack as these hotfixes:
3378    SP20 Azure AD agent will not user service account
3377    Azure Active Directory agent MFA support
3376    SP20 Azure AD agent will not user service account

What are your timeframe requirements to support these Azure AD restores?

Thanks,

Stuart

Userlevel 7
Badge +23

Hey @Thos Gieskes , hope all is well!  Following up to see if @Stuart Painter was able to assist on this issue.

Thanks!

Userlevel 2
Badge +5

HI @Mike Struening and @Stuart Painter .

i am sorry for the late reply.

but the customer is okay to wait on the Hotifxes.

thank you both!

kind Regards,

 

Thos Gieskes.

Reply