Bulk user profile properties update flow question (PnP APIs)

Copper Contributor

We are working on implementing synchronization of custom user details from LOB to AAD and SPO and were thinking of using the new APIs. I'd like to know, what is the connection between the Custom Synchronization tool and AAD in the diagram below? Is there synchronization of properties from the tool to AAD? Or the tool only copies data to the SPO Directory Store?

capture20170209110548918.png

6 Replies
Not 100% sure, but I'd say the tool copies data from the LOB system, to SharePoint Online User Profile. That arrow, just means the OOB Sync between AD and Azure AD. I can be wrong though.

Thanks for replying. The main reason I'm asking is that I need to determine, in cases where there's no AD onprem, whether we need to update properties in AAD ourselves or the sync tool does it already. It would make sense for the sync tool to do it in case of the system attributes that are synced OOB from AAD to SPO. Maybe @Vesa Juvonen knows the answer.

I think that arrow represents synchronization of properties that are in Azure AD but not synchronized to SharePoint via the default route (Bullet #2: AAD -> User Profile).

 

Not all properties (in fact only a few of them) in AAD are synched to SharePoint User Profile. The Custom Synchronization Tool in this case reads from both Azure AD and custom LOB system(s) to combine user information and synchronize it to SharePoint User Profiles.

Agreed. Only to note that if we take a look to the source code here: https://github.com/SharePoint/PnP/tree/master/Samples/UserProfile.BatchUpdate.API
The tool is not getting info from Azure AD, only from a text file. So, regarding Elena's question: "whether we need to update properties in AAD ourselves or the sync tool does it already", I think the answer is that they need to take care theirselves.

I actually tested the tool and found the same - the properties in AAD are not updated, updates are done only in SPO. So the connection on the flowchart is a bit misterious.

 

I guess it just means that you could write your own code in that tool, to read data from Azure AD, add that info to the sync file, and then, the API will update SPO with info from your LOB and Azure AD.