SCRT-HQ / PSGSuite

PowerShell module for Google / G Suite API calls wrapped in handy functions. Authentication is established using a service account via P12 key to negate the consent popup and allow for greater hands-off automation capabilities.
https://psgsuite.io/
Apache License 2.0
234 stars 67 forks

lastLoginTime discrepancy #302

Open johnkberry opened 4 years ago

johnkberry commented 4 years ago

Should Get-GSUser and Get-GSUserList return conflicting LastLoginTime information for the same user?

PS > (Get-GSUserList -Query "user@domain.com").LastLoginTime

Monday, June 29, 2020 1:56:26 PM

PS > (Get-GSUser "user@domain.com").LastLoginTime

Monday, June 29, 2020 4:58:53 PM

This is PSGSuite 2.36.4 on 5.1.14409.1005

scrthq commented 4 years ago

Hey @johnkberry - Interesting! PSGSuite isn't manipulating the response at all for those. Are you getting the same value for PrimaryEmail as well between the 2?

Get-GSUserList -Query "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime
Get-GSUser -User "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime

scrthq commented 4 years ago

Also worth noting that Get-GSUserList is just an alias for Get-GSUser:

>> Get-Command Get-GSUserList | Format-List

DisplayName       : Get-GSUserList
CommandType       : Alias
Definition        : Get-GSUser
ReferencedCommand : Get-GSUser
ResolvedCommand   : Get-GSUser

johnkberry commented 4 years ago

Hi @scrthq, interesting indeed. I changed my code to use Get-GSUser instead of Get-GSUserList to avoid the issue as Get-GSUser appears to provide more recent information that matches Google Admin, but the issue definitely exists:

PS > Get-GSUserList -Query "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime

PrimaryEmail    LastLoginTime        
------------    -------------        
user@domain.com 6/27/2020 11:44:22 PM

PS > Get-GSUser -User "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime

PrimaryEmail     LastLoginTime       
------------     -------------       
user@domain.com  6/29/2020 4:27:32 PM

johnkberry commented 4 years ago

The issue appears to be between the -Query and -User parameters:

PS > Get-GSUser -Query "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime

PrimaryEmail    LastLoginTime        
------------    -------------        
user@domain.com 6/27/2020 11:44:22 PM

PS > Get-GSUser -User "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime

PrimaryEmail    LastLoginTime       
------------    -------------       
user@domain.com 6/29/2020 4:27:32 PM

johnkberry commented 4 years ago

Hi @scrthq, I have confirmed this behavior through the Google API Explorer so this is clearly a Google issue:

GET https://www.googleapis.com/admin/directory/v1/users/user@domain.com

{
  ...
  "lastLoginTime": "2020-06-29T20:27:32.000Z",
  ...
}

GET https://www.googleapis.com/admin/directory/v1/users?query=user@domain.com&...

{
  ...
  "users": [
    {
      ...
      "lastLoginTime": "2020-06-28T03:44:22.000Z",
      ...
    }
  ]
}

scrthq commented 4 years ago

Thanks for the follow-up and additional digging, @johnkberry! Using the query parameter like that (e.g. with only a value, not a comparison) for Users.List() is a bit of an odd approach in general anyway; if you know the email of the user, I would expect to use Users.Get($email) directly instead. Do you get any different behavior if you correctly format the query? E.g.:

Get-GSUser -Query "email='user@domain.com'" | Select-Object PrimaryEmail, LastLoginTime

johnkberry commented 4 years ago

Hi @scrthq, I get the outdated lastLoginTime data with any request other than the explicit userKey endpoint, including:

query=user@domain.com
query=email=user@domain.com
domain=domain.com

I just ran a script to pull all users with domain=domain.com then iterate each with individual endpoint requests to compare the data to see how pervasive this issue is across our tenant:

Import-Module PSGSuite

$same = $diff = 0

$users = Get-GSUser -Domain domain.com

foreach ($user in $users) {

    if ((Get-GSUser $user.User).LastLoginTime -eq $user.LastLoginTime) { $same++ } else { $diff++ }

}

"Same: $same"
"Diff: $diff"

...

Same: 8488
Diff: 266

scrthq commented 4 years ago

Wow! That's quite the difference across either endpoint! Thanks for digging in and getting metrics (and providing the quick sample!!), now you have me wondering the same about my organization 😄

johnkberry commented 4 years ago

@scrthq Since there isn't anything that can be done about the issue from a PSGSuite perspective, do you have any tips on how to bring this to Google's attention?

johnkberry commented 4 years ago

@scrthq Looks like we're not the first to notice the issue:

https://issuetracker.google.com/issues/157227987

scrthq commented 4 years ago

@johnkberry I would recommend reporting the issue through Google Support; I'm not aware of a better option to report bugs. Maybe an issue on the .NET client repo @ https://github.com/googleapis/google-api-dotnet-client, but it's not limited to the .NET SDK, so might not be the best place?

Seeing a similar discrepancy within my org:

Same: 13690
Diff: 1686
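
A defensive pattern that follows from the thread, shown as an added example (not code from the thread or from PSGSuite): treat the list endpoint's LastLoginTime only as a pre-filter in stale-account reviews and re-check each candidate against the single-user lookup before acting on it. Confirm-StaleUser, its parameters and the sample rows are hypothetical, and the pre-filter assumes list values lag behind the single-user value, as in the outputs above.

```powershell
# Added example, not PSGSuite code. Confirm-StaleUser and its parameters are hypothetical names.
function Confirm-StaleUser {
    [CmdletBinding()]
    param(
        # Objects from a list call, e.g. Get-GSUser -Domain domain.com
        [Parameter(Mandatory, ValueFromPipeline)]
        [object[]] $ListedUser,
        # Accounts with no login at or after this time are stale candidates
        [Parameter(Mandatory)]
        [datetime] $Cutoff,
        # Per-user lookup; against a live tenant: { param($email) Get-GSUser -User $email }
        [Parameter(Mandatory)]
        [scriptblock] $GetUser
    )
    process {
        foreach ($u in $ListedUser) {
            # Assumption: list data lags, so a list value at or after the cutoff means active.
            if ($u.LastLoginTime -ge $Cutoff) { continue }
            # Re-check the candidate through the userKey lookup before trusting the list value.
            $fresh = & $GetUser $u.PrimaryEmail
            [pscustomobject]@{
                PrimaryEmail  = $u.PrimaryEmail
                ListLastLogin = $u.LastLoginTime
                GetLastLogin  = $fresh.LastLoginTime
                Stale         = $fresh.LastLoginTime -lt $Cutoff
            }
        }
    }
}

# Constructed sample data standing in for the two endpoints so the example runs offline.
# The first row reuses the two timestamps shown for user@domain.com earlier in the thread.
$listed = @(
    [pscustomobject]@{ PrimaryEmail = 'user@domain.com';    LastLoginTime = [datetime]'2020-06-27 23:44:22' }
    [pscustomobject]@{ PrimaryEmail = 'dormant@domain.com'; LastLoginTime = [datetime]'2020-01-15 09:00:00' }
    [pscustomobject]@{ PrimaryEmail = 'active@domain.com';  LastLoginTime = [datetime]'2020-06-29 08:00:00' }
)
$perUser = @{
    'user@domain.com'    = [datetime]'2020-06-29 16:27:32'
    'dormant@domain.com' = [datetime]'2020-01-15 09:00:00'
}
$lookup = { param($email) [pscustomobject]@{ LastLoginTime = $perUser[$email] } }

# user@domain.com looks stale in the list data but is cleared by the per-user lookup;
# dormant@domain.com is stale in both; active@domain.com is skipped by the pre-filter.
$listed | Confirm-StaleUser -Cutoff ([datetime]'2020-06-28') -GetUser $lookup
```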