Hi there,
I´m creating an Azure AD driver to connect to an Azure AD B2C Tenant. When the driver starts it throws this error, Change enumeration is not supported for requested tenant, and the driver terminates. Below is an extraction of the driver log with the query and the error returned. I configured the driver to connect to an Azure AD B2C Tenant. As this error is a fatal error, the driver is terminated. I found a document on the Internet that mentions that Azure AD B2C does not support delta queries, but I did not find anywhere on the driver to configure it not to create a delta query.
Anyone of you had hit this issue? If so, what it is the fix for it?
Thanks.
Gustavo
[09/24/24 16:08:59.671]:AZURE_AD PT:AZURE_AD: Sending command document to subscriber
[09/24/24 16:08:59.674]:AZURE_AD PT:
<nds dtdversion="4.x" ndsversion="8.x">
<source>
<product version="5.1.1.0">NetIQ Identity Manager Driver for Azure AD and Office365</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<driver-operation-data class-name="users" command="delta-token-only">
<request method="GET" url="">graph.windows.net/.../directoryObjects
<url-token/>
<header ocp-aad-dq-include-only-delta-token="true"/>
<value/>
</request>
</driver-operation-data>
</input>
</nds>
[09/24/24 16:08:59.701]:AZURE_AD PT:AZURE_AD_Azure: RESTSubscriptionShim.execute() :
[09/24/24 16:08:59.704]:AZURE_AD PT:AZURE_AD_Azure: Calling document modifier class com.novell.nds.dirxml.driver.azure.apiext.GraphAPIExtension.modifySubscriberRequest()
[09/24/24 16:08:59.709]:AZURE_AD PT:AZURE_AD_Azure: customHandler
[09/24/24 16:08:59.711]:AZURE_AD PT:AZURE_AD_Azure: customHandler: class-name == 'users'
[09/24/24 16:08:59.714]:AZURE_AD PT:AZURE_AD_Azure: Custom: preparing GET to graph.windows.net/.../directoryObjects
[09/24/24 16:08:59.723]:AZURE_AD PT:AZURE_AD_Azure: Resetting headers
[09/24/24 16:08:59.726]:AZURE_AD PT:AZURE_AD_Azure: Setting the following HTTP request properties:
Authorization: <content suppressed>
[09/24/24 16:08:59.731]:AZURE_AD PT:AZURE_AD_Azure: ocp-aad-dq-include-only-delta-token:true
[09/24/24 16:08:59.734]:AZURE_AD PT:AZURE_AD_Azure: Trying to use existing token
[09/24/24 16:08:59.737]:AZURE_AD PT:AZURE_AD_Azure: Did a HTTP GET with 0 bytes of data to graph.windows.net/.../directoryObjects
[09/24/24 16:09:00.374]:AZURE_AD PT:AZURE_AD_Azure: Response code and message: 400 Bad Request
[09/24/24 16:09:00.374]:AZURE_AD PT:AZURE_AD_Azure: Calling document modifier class com.novell.nds.dirxml.driver.azure.apiext.GraphAPIExtension.modifySubscriberResponse()
[09/24/24 16:09:00.377]:AZURE_AD PT:AZURE_AD: Received response document from subscriber
[09/24/24 16:09:00.381]:AZURE_AD PT:
<nds dtdversion="3.0">
<source>
<product build="20220829_0332" version="1.1.2.0400">Identity Manager REST Driver</product>
<contact>NetIQ Corporation.</contact>
</source>
<output>
<status level="error" type="driver-general">
<driver-operation-data class-name="users" command="delta-token-only" dest-dn="">
<response method="GET" url="">graph.windows.net/.../directoryObjects
<url-token/>
<header ocp-aad-dq-include-only-delta-token="true"/>
<response-header Cache-Control="no-cache" Content-Length="143" Content-Type="application/json; odata=minimalmetadata; streaming=true; charset=utf-8" DataServiceVersion="3.0;" Date="Tue, 24 Sep 2024 19:08:59 GMT" X-AspNet-Version="4.0.30319" X-Content-Type-Options="nosniff" X-Powered-By="ASP.NET" client-request-id="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxa" ocp-aad-diagnostics-server-name="AOuehRRKW/Qe/5LgxoeE6xaLr10cfPmR2pQ6KUoiI6M=" ocp-aad-session-key="E_9TZXH9NDcA8vzJ9tkNCaX3IdAgVRILLYNepP08uVnkdkTyRsCVnLsicVgVyyUdwderDLZTMwRNYYG-jBe6sUCvQhvrjLM6Ls7N3vGe9tSptd7SH7s0rKADo98zsQeIS2Y6M-yj0Zwxdld8YKE6lUOyrQVOPqIE1AeP02O4GDcBVAqcI-v9JFBIRZaUK-239gX3yd5WbNDtxj-JPsMAXbF_hwWmzWtxPq43TfXJE1_m7kN9RWlu54PI835YZFmn_prOGqB7FkPEPJY55n3X86x6GGbGPkBRrR3jOc1G1cuMcXtwQ8oeRfsdTb3I5di0UjVmbZBC8RF0puqmheDprpc2wVyEHUJQW4Imm524fdJlQGS3ZBJD3OcvhIyS_kNNHzWip2hlHU0fQ-O6IhpWumdoi4QxjxHtkZOzm-bd46ju1Tk8qlifmCgfPQsJ9J8kA9oovBCApAarIPFmHUXAWfCngtg6OYO0Ymmq1VSGvnFMX1m9eRcDdiSKcKsWFLdqBwfhEEM8BlHuy4C5Ytr6TNqx2b_oIxIi58hVFufHXAMDafRsh5FMOv2R7iIkBfUIfKLzM98zlFcOgIbtLne6nDvvHJ4mX8J8IXhn7nDg3kESxI6kcRbIqLpgI9OjV1-HprSRLgq7__NI-brwyyFrtlR791feS209SVao6c3VzRgK5A8RGe5K76FIKNgHZwV70bL9hQ_B_0UHBK47c_CkVHIFCh4JYQmTswbnT248cDtm7yOX7d4a5QCbnoE7E9S1dHsE9wrSZ6MU5FUqUzClcIHp_0vEKhrLRRA4ljMZTC7ioyhJDk_e4bQ-k6hcn35laZJLj0bH5p55m8nVmutg9VoY-3jeNXc0D7iKI9TTQSYJ3tS8WeOWRoxYvRpcSoNsf5bvkjnlvDJ6NsmQrmhB8Tu17hMwl0mfEKlkK1iO3CsU4NQhOxntr9eglGJ6WZEPcbePvgxthQAum8qNoCmyj_UW5QfhFTGeMDXnjO1S256ezzunduBYTI7eEFuHsQzuHr84FeELEd-V9t_RTy7Cjmlpcia4dGrETHrlZ_yg54PdP-6XPbMfF78TEpDlBwEfho5bGuwjAeM9C6y5s78jACAxCPHjySf8NFQ6gow0zs42Bc4wujTX3zVGCc0z7Led4ivOc4WMSyPr2L3wFeqBcsjRSRbq7Zhbj_4jZnqrCXQ.vYVzq3BUudE-azXip-RlsVtV8fMTkuGVAT2A0tdU-XE" request-id="5353c61c-4fda-49fc-8234-5cc8a0b91f0e" x-ms-dirapi-data-contract-version="1.6"/>
<value message="Bad Request" status="400">{"odata.error":{"code":"Request_UnsupportedQuery","message":{"lang":"en","value":"Change enumeration is not supported for requested tenant."}}}</value>
</response>
</driver-operation-data>
</status>
</output>
</nds>
[09/24/24 16:09:00.464]:AZURE_AD PT:AZURE_AD: Caught exception during REST Channels initialization.
[09/24/24 16:09:00.468]:AZURE_AD PT:PublicationShim.init() returned:
[09/24/24 16:09:00.469]:AZURE_AD PT:
<nds dtdversion="4.x" ndsversion="8.x">
<source>
<product build="20190328_1251" instance="AZURE_AD" version="5.1.1.0">Identity Manager Driver for Azure AD and Office 365</product>
<contact>NetIQ Corporation</contact>
</source>
<output>
<status level="fatal" type="com.novell.nds.dirxml.driver.azure.StatusException">Graph: org.codehaus.jettison.json.JSONException: JSONObject["aad.deltaLink"] not found.</status>
</output>
</nds>