I'm trying to create Mail Enabled Security groups using the Office 365
driver. So I set the group type to MailEnabledSecurity and I can see in
the trace that it uses New-DistributionGroup cmdlet to create the group
with a Type of "Security". This appears to create the group, but then
the driver appears to try and set the group owner right away and when it
does that, it fails to find the group:

DirXML: [03/06/15 10:11:33.908]: TRACE: SUB: get-pssession
DirXML: [03/06/15 10:11:33.908]: TRACE: SUB: get-msolgroup -ObjectID
af48df86-baec-4cf2-9a75-3ed62a6cf0de
DirXML: [03/06/15 10:11:34.112]: TRACE: SUB: This group does not
exist. Check the name and try again.
DirXML: [03/06/15 10:11:34.112]: TRACE: SUB: get-pssession
DirXML: [03/06/15 10:11:34.112]: TRACE: SUB: get-distributiongroup
-Identity af48df86-baec-4cf2-9a75-3ed62a6cf0de
DirXML: [03/06/15 10:11:34.799]: TRACE: SUB: get-pssession
DirXML: [03/06/15 10:11:34.799]: TRACE: SUB: get-msolgroup
-SearchString TestGroup7
DirXML: [03/06/15 10:11:34.987]: TRACE: Remote Loader:
SubscriptionShim.execute() returned:
DirXML: [03/06/15 10:11:34.987]: TRACE: ^M
<nds dtdversion="3.5">^M
<source>^M
<product instance="\TREE\MSO\Global\IdM\WMED-DriverSet\WMED-O365"
version="4.0.0.3" build="201410011420">Identity Manager Driver for
Microsoft Office365</product>^M
<contact>NetIQ, Corporation.</contact>^M
</source>^M
<output>^M
<status level="error"
event-id="idm-engine1#20150306151028#8#2:d87c3389-2dbd-4563-24b6-89337cd8bd2d">^M
<message>Sequence contains no elements</message>^M
<exception-type>InvalidOperationException</exception-type>^M
<stack-trace> at
System.Linq.Enumerable.First[TSource](IEnumerable`1 source)^M
at DXMLMSOnlineDriver.SPSubscriberShim.QueryOnline(Se archCriteria
srchCrit, String userNameOrObjectID, String key, String classname)^M
at DXMLMSOnlineDriver.SPSubscriberShim.modifyHandler( XdsOperation
xdsModify, XdsOutput xdsOutput)^M
at DXMLMSOnlineDriver.SPSubscriberShim.execute(XmlDoc ument doc,
IXmlQueryProcessor query)</stack-trace>^M
</status>^M
</output>^M
</nds>



I see the group get created in Exchange side, but not always in the MSOL
side. Sometimes it is there, and sometimes it is not.

The other problem I have is that I cannot figure out how to configure
the emailaddress/domain for the group either. If I add the EmailAddress
to the event, the entire event fails:

<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Standard" version="4.5.0.2">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<add cached-time="20150306145920.574Z" class-name="MSolGroup"
event-id="idm-engine1#20150306145920#8#2:8984846c-9def-4307-0aa6-6c848489ef9d"
qualified-src-dn="O=MSO\OU=Global\OU=O365-Groups\CN=TestGroup5"
src-dn="\TREE\MSO\Global\O365-Groups\TestGroup5" src-entry-id="39886"
timestamp="1425653960#36">
<add-attr attr-name="DisplayName">
<value naming="true" timestamp="1425653960#11"
type="string">TestGroup5</value>
</add-attr>
<add-attr attr-name="ManagedBy">
<value association-ref="b68a97de-7662-4829-841c-d5f75433dba4"
timestamp="1425653960#36" type="dn">contractor@mydomain.edu</value>
</add-attr>
<add-attr attr-name="GroupType">
<value type="string">MailEnabledSecurity</value>
</add-attr>
<add-attr attr-name="EmailAddress">
<value type="string">TestGroup5@mydomain.edu</value>
</add-attr>
</add>
</input>
</nds>
DirXML: [03/06/15 09:59:48.204]: TRACE: Remote Loader:
SubscriptionShim.execute() returned:
DirXML: [03/06/15 09:59:48.204]: TRACE:
<nds dtdversion="3.5">
<source>
<product instance="\TREE\MSO\Global\IdM\WMED-DriverSet\WMED-O365"
version="4.0.0.3" build="201410011420">Identity Manager Driver for
Microsoft Office365</product>
<contact>NetIQ, Corporation.</contact>
</source>
<output>
<status level="error"
event-id="idm-engine1#20150306145920#8#2:8984846c-9def-4307-0aa6-6c848489ef9d">
<message>Specified argument was out of the range of valid values.
Parameter name: index</message>
<exception-type>ArgumentOutOfRangeException</exception-type>
<stack-trace> at
System.Linq.Enumerable.ElementAt[TSource](IEnumerable`1 source, Int32
index)
at DXMLMSOnlineDriver.SPSubscriberShim.addHandler(Xds Operation
xdsAdd, XdsOutput xdsOutput)
at DXMLMSOnlineDriver.SPSubscriberShim.execute(XmlDoc ument doc,
IXmlQueryProcessor query)</stack-trace>
</status>
</output>
</nds>


I'm really struggling with these groups here. What am I missing? I want
to create mail enabled security groups via the driver and I want to be
able to set the email address of the group as well because there are
multiple domains.

Thanks!

Matt


--
matt
------------------------------------------------------------------------
matt's Profile: https://forums.netiq.com/member.php?userid=183
View this thread: https://forums.netiq.com/showthread.php?t=53011