Open kkiiskin opened 2 years ago
Hi @kkiiskin,
Sorry for not getting back to you sooner. It's the month before new academic year starts for a lot of our customers, so crazy busy times.
This is an interesting case that I didn't have to do it for any of the sites that we maintain so far. Since all resources (users, groups, calendars etc) will have different GUID in the new tenant, the principle would be any records in Moodle database that contain GUID or unique values linked to the resources in the old tenant would need to be cleared down. This includes:
auth_oidc_state
auth_oidc_token
(tokens are generated for resources in the old tenant)local_o365_appassign
(assigne
status and photoid
will be different)local_o365_calidmap
(outlookeventid
will be different)local_o365_calsettings
(o365calid
will be different)local_o365_calsub
(o365calid
will be different)local_o365_objects
(objectid
of all records - users and groups - will be different)local_o365_teams_cache
(objectid
will be different)local_o365_token
(tokens are generated for resources in the old tenant)Also after configuring the new app, you will need to reconfigure the integration (provide admin consent, verify setup etc) to ensure that a new application token is created.
Please post back how it goes in this process.
Regards, Lai
Hi @weilai-irl
the change went well for us with emptying auth_oidc_token and local_o365_objects tables. Only authentication was used in this instance so that was enough.
Hi @weilai-irl
this issue can be closed. Thank you!
Hi
if all useraccounts are moved to a new Azure AD tenant, but UPN:s and emailaddresses are kept the same, should we empty all data from auth_oidc_token and local_o365_objects tables? Or do we need to do even that?
The app registration is of course created to the new tenant and configured to Moodle before users log in.