Published on 15th July 2022

Kelverion have released a new version of our Integration Pack for Microsoft Azure Active Directory.  This new release is a complete rewrite of our Integration Pack as Microsoft have depreciated the underlying API Kelverion had been using.   This means this release is a breaking update, any Runbooks built against an earlier version of the Integration Pack may cease to operate when you upgrade to this new version.

With the deprecation of the Microsoft Azure Active Directory Module for Windows PowerShell (MSOnline), the Integration Pack for Microsoft Azure Active Directory will now be using the Microsoft Graph REST API to integrate with Azure Active Directory. While the same activities are supported in version 2.0 of the integration pack, significant changes were necessary to integration pack configuration options, as well as activity properties, published data and filters.

This means that your configuration for the Integration Pack will change with version 2.0 and you will need to evaluate the configuration of each of the Azure Active Directory Activities in your Runbooks to ensure these will still operate as required and retest your Runbooks and make any changes required.

Full details on the changes are listed below;

No PowerShell Session

Since the integration pack is now using a REST API to communicate with Azure AD, the benefits, and limitations of using a PowerShell module no longer apply. Runbooks will no longer be running in the context of a local PowerShell session, which was maintaining state and synchronizing with the remote cloud environment. Instead, integration pack activities now communicate in a stateless manner with Azure AD, with Azure operations potentially taking longer to complete, in some cases after the integration pack activity has finished execution. For example, when creating a new AD user with the Add User activity, there may be a delay until user creation is complete and the user is available to be retrieved with the Get User activity.

Configuration Options Changes

The integration pack Configuration Options have been revised. Configuration properties pertaining to PowerShell integration have been removed. After upgrading to version 2.0, make sure to open your existing Configuration Options and specify the new configuration properties. Runbook activities will continue to operate with existing configuration options after they have been modified, provided that the configuration options name remains the same.

Note that Tennant ID is now part of integration pack Configuration Options and it is no longer available in as an input property in individual integration pack activities.

For details, please refer to the Configuring the Integration Pack Section in the integration pack User Guide.

Server-Side and Client-Side Filtering

Some of the integration pack activity filtering operations are now performed server-side, through the capabilities provided by the Microsoft Graph REST API. The integration pack can also perform client-side filtering, for operations that are not supported by the API for server-side filtering. In the case of client-side filtering, larger data sets are first retrieved from Azure AD, and then filtered down by the integration pack before publishing onto the Orchestrator data bus.

It is recommended that you use server-side filtering whenever possible, to reduce the amount of data that the integration pack retrieves from Azure AD. Be sure to refer to activity inputs and filters, to determine which operations are supported for server-side filtering. If a filter operator is not specified in the list of server-side filters, then that filtering operation is performed client-side.

Activity Changes

Add Group Member
  • The Group Member Type property has been removed.
Add User
  • The Alternate Mobile Phones property has been removed.
  • The License Agreement property has been removed.
  • The Mail Alias property has been added.
  • The Tennant ID property has been removed.
Add User License
  • The Tennant ID property has been removed.
Get Groups
  • The Descending property has been added.
  • The Has Errors property has been removed.
  • The Has License Errors property has been removed.
  • The Group Types output has been added.
  • The Group Types filter has been added.
  • The Is System Group output has been removed.
  • The Is System Group filter has been removed.
  • The Mail Enabled output has been added.
  • The Mail Enabled filter has been added.
  • The Order By property has been added.
  • The Security Enabled output has been added.
  • The Security Enabled filter has been added.
  • The Validation Status output has been removed.
  • The Validation Status filter has been removed.
Get Group Members
  • The Validation Status output has been removed.
  • The Validation Status filter has been removed.
Get User
  • The Account Enabled output has been added.
  • The Alternate Mobile Phones output has been removed.
  • The Assigned Licenses output has been added.
  • The Cloud Exchange Recipient Display output has been removed.
  • The Email Address output has been added.
  • The From Recycle Bin property has been removed.
  • The Is Blackbery User output has been removed.
  • The Last Dir Sync Time output has been removed.
  • The License Reconciliation Needed output has been removed.
  • The Microsoft Exchange Recipient Type output has been removed.
  • The Overall Provisioning Status output has been removed.
  • The Sign In Name output has been removed.
  • The Soft Deletion Timestamp output has been removed.
  • The STS Refresh Token Valid From output has been removed.
  • The Tenant ID property has been removed.
  • The Validation Status output has been removed.
Get User License
  • The Account Name output has been removed.
  • The Account Name filter has been removed.
  • The Service Plans Provisioning Status output has been removed.
  • The Tenant ID property has been removed.

Get Users

  • The Account Enabled output has been added.
  • The Account Enabled filter has been added.
  • The Alternate Mobile Phones output has been removed.
  • The Assigned Licenses output has been added.
  • The Cloud Exchange Recipient Display output has been removed.
  • The Cloud Exchange Recipient Display filter has been removed.
  • The Domain Name property has been removed.
  • The Email Address output has been added.
  • The Email Address filter has been added.
  • The From Recycle Bin property has been removed.
  • The Has Errors property has been removed.
  • The Is Blackbery User output has been removed.
  • The Is Blackbery User filter has been removed.
  • The Last Dir Sync Time output has been removed.
  • The Last Dir Sync Time filter has been removed.
  • The Last DirSync Time filter has been removed.
  • The License Reconciliation Needed property has been removed.
  • The License Reconciliation Needed filter has been removed.
  • The License Reconciliation Needed output has been removed.
  • The Microsoft Exchange Recipient Type output has been removed.
  • The Microsoft Exchange Recipient Type filter has been removed.
  • The Overall Provisioning Status output has been removed.
  • The Overall Provisioning Status filter has been removed.
  • The Sign In Name output has been removed.
  • The Sign In Name filter has been removed.
  • The Soft Deletion Timestamp output has been removed.
  • The Soft Deletion Timestamp filter has been removed.
  • The Strong Authentication Proofup Time filter has been removed.
  • The STS Refresh Token Valid From output has been removed.
  • The STS Refresh Token Valid From filter has been removed.
  • The Synchronized property has been removed.
  • The Tenant ID property has been removed.
  • The Validation Status output has been removed.
  • The Validation Status filter has been removed.
Remove Group Member
  • The Group Member Type property has been removed.
Remove User
  • The Remove Options property has been removed.
  • The Tenant ID property has been removed.
Remove User License
  • The Tenant ID property has been removed.
Update User
  • The Alternate Mobile Phones property has been removed.
  • The Tenant ID property has been removed.
Update User Password
  • The New Generated Password output has been removed.
  • The Tenant ID property has been removed.
Update User UPN
  • The Tenant ID property has been removed.

About Kelverion

Kelverion specialises in Service Request Automation and offers organisations an automation platform, pre-built solutions and training. Kelverion’s solutions enable organisations to harness the power of automation in the service management space and deliver a 400% return on investment over 12 months. For more information, visit: www.kelverion.com.

Media Contact

Rachel Billington

Rachel.Billington@kelverion.com

+44 (0) 203 875 8035