Open johnkberry opened 4 years ago
hey @johnkberry - Interesting! PSGSuite isn't manipulating the response at all for those. Are you getting the same value for PrimaryEmail
as well between the 2?
Get-GSUserList -Query "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime
Get-GSUser -User "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime
also worth noting that Get-GSUserList
is just an alias for Get-GSUser
:
>> Get-Command Get-GSUserList | Format-List
DisplayName : Get-GSUserList
CommandType : Alias
Definition : Get-GSUser
ReferencedCommand : Get-GSUser
ResolvedCommand : Get-GSUser
Hi @scrthq, interesting indeed. I changed my code to use Get-GSUser
instead of Get-GSUserList
to avoid the issue as Get-GSUser
appears to provide more recent information that matches Google Admin, but the issue definitely exists:
PS > Get-GSUserList -Query "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime
PrimaryEmail LastLoginTime
------------ -------------
user@domain.com 6/27/2020 11:44:22 PM
PS > Get-GSUser -User "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime
PrimaryEmail LastLoginTime
------------ -------------
user@domain.com 6/29/2020 4:27:32 PM
The issue appears to be between the -Query
and -User
parameters:
PS > Get-GSUser -Query "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime
PrimaryEmail LastLoginTime
------------ -------------
user@domain.com 6/27/2020 11:44:22 PM
PS > Get-GSUser -User "user@domain.com" | Select-Object PrimaryEmail, LastLoginTime
PrimaryEmail LastLoginTime
------------ -------------
user@domain.com 6/29/2020 4:27:32 PM
Hi @scrthq, I have confirmed this behavior through the Google API Explorer so this is clearly a Google issue:
GET https://www.googleapis.com/admin/directory/v1/users/user@domain.com
{
...
"lastLoginTime": "2020-06-29T20:27:32.000Z",
...
}
GET https://www.googleapis.com/admin/directory/v1/users?query=user@domain.com&...
{
...
"users": [
{
...
"lastLoginTime": "2020-06-28T03:44:22.000Z",
...
}
]
}
Thanks for the follow-up and additional digging, @johnkberry ! Using the query parameter like that (e.g. with only a value, not a comparison) for Users.List()
is a bit of an odd approach in general anyway; if you know the email of the user, I would expect to use Users.Get($email)
directly instead. Do you get any different behavior if you correctly format the query? E.g...
Get-GSUser -Query "email='user@domain.com'" | Select-Object PrimaryEmail, LastLoginTime
Hi @scrthq, I get the outdated lastLoginTime data with any request other than the explicit userKey endpoint, including:
query=user@domain.com
query=email=user@domain.com
domain=domain.com
I just ran a script to pull all users with domain=domain.com then iterate each with individual endpoint requests to compare the data to see how pervasive this issue is across our tenant:
Import-Module PSGSuite
$same = $diff = 0
$users = Get-GSUser -Domain domain.com
foreach ($user in $users) {
if ((Get-GSUser $user.User).LastLoginTime -eq $user.LastLoginTime) { $same++ } else { $diff++ }
}
"Same: $same"
"Diff: $diff"
...
Same: 8488
Diff: 266
Wow! That's quite the difference across either endpoint! Thanks for digging in and getting metrics (and providing the quick sample!!), now you have me wondering the same about my organization 😄
@scrthq Since there isn't anything that can be done about the issue from a PSGSuite perspective, do you have any tips on how to bring this to Google's attention?
@scrthq Looks like we're not the first to notice the issue:
@johnkberry I would recommend to report the issue through Google Support, I'm not aware of a better option to report bugs. Maybe an issue on the .NET client repo @ https://github.com/googleapis/google-api-dotnet-client, but it's not limited to the .NET SDK, so might not be the best place?
Seeing a similar discrepancy within my org:
Same: 13690
Diff: 1686
Should Get-GSUser and Get-GSUserList return conflicting LastLoginTime information for the same user?
This is PSGSuite 2.36.4 on 5.1.14409.1005