Profile Photos are not syncing after second+ logins

[anormore]

Plugin is working great otherwise... However the user profile photos are not syncing!

I just end up with a generic user profile.

Even if I upload something, when cron/login runs it fails, and gives me back the generic login profile... Where do I start?

[anormore]

I switched over to the legacy API rather than the default graph API and it's working. For my own user account only. Other accounts don't seem to be working...

[jamesmcq]

Hi @anormore - First step is to enable debug logging from the local plugin settings page, then click the link in the setting description to view the logs. Run a profile photo sync (Run the cron or login), and see if any logs appear. This would provide more information on what might be happening.

[cb526]

Just to confirm the issue still exists in latest version.

[jamesmcq]

@cb526 are you able to provide any logs by following the process I outlined above?

[anormore]

Hey all, we're still plagued by this issue. We're running the latest version now and re-focussed on this issue. Will keep everyone updated, but we're getting API errors.

...... Error in delta usersync: Error in API call: Invalid property: telephoneNumber

Would this lead to the exit of the sync script? Cheers.

[jamesmcq]

@anormore Thanks for the logs - that should help investigation. Will update you when I have more information.

[anormore]

Hi friend, I've been digging in to this... adding a bunch of logging diagnostics to the get_photo stuff.

It's lead me down the rabbit hole to discover that the API simply does not detect any profile photo. More interestingly I think this next bit is important:

Azure AD Application Registration Verifies the correct parameters are set up in Azure AD. Could not check reply url. Microsoft Graph API The Microsoft Graph API allows communication between Moodle and Office 365. Error in API call: Resource 'a4c0d54f-242f-4f18-86b6-d666cb2c9f88' does not exist or one of its queried reference-property objects are not present. This tool checks with Azure AD to make sure everything is set up correctly. Note: Changes in Azure AD can take a moment to appear here. If you have made a change in Azure AD and do not see it reflected here, wait a moment and try again.

So, the Graph API is not connecting. In previous versions of your plugin we had an option to disable the graph api, and we had photos working. We have just updated to the most recent version and this is the error we receive.

I have thousands of users logging in with O365 with no problem.

How do we fix this? :)

PS: I think discovering this issue will help solve other open tickets from what I see. They feel related.

EDIT: I have found some information and a solution from another project: https://stackoverflow.com/questions/45376130/resource-random-guid-does-not-exist-or-one-of-its-queried-reference-property-o

[anormore]

Additionally, when I run the Sync Users with Azure AD in scheduled tasks this is the output:

Execute scheduled task: Sync users with Azure AD. (local_o365\task\usersync) ... started 12:35:23. Current memory use 15.5MB. ...... Starting sync ...... No skiptoken (delta) stored. ...... No deltatoken stored. ...... Using delta sync. ...... Contacting Azure AD... ...... Error in delta usersync: Error in API call: Invalid property: telephoneNumber ...... Resetting skip and delta tokens. ...... Got response from Azure AD ...... Clearing deltatoken (none received) ...... Clearing skiptoken (delta) (none received) ...... No users received to sync. ...... Sync process finished. ... used 4 dbqueries ... used 0.34740996360779 seconds Scheduled task complete: Sync users with Azure AD. (local_o365\task\usersync)

This may shed some light?

I have also enabled: $CFG->local_o365_forcelegacyapi = true;

This has made no impact.

[jamesmcq]

Thanks @anormore - I'm going to look at this further. Appreciate the details logs!

[cybercorey]

Hey dude, Similar issues... Fixed the sync issues by commenting out the following in: /local/o365/classes/rest/unified.php

    protected function get_default_user_fields() {
        return [
            'id',
            'userPrincipalName',
            'displayName',
            'givenName',
            'surname',
            'mail',
            'streetAddress',
            'city',
            'postalCode',
            'state',
            'country',
            'jobTitle',
            'department',
            'companyName',
            'preferredLanguage',
//            'telephoneNumber',
//            'facsimileTelephoneNumber',
//            'mobile',
        ];
    }

Still getting the following however:

Error in API call: Resource '-snip-' does not exist or one of its queried reference-property objects are not present.

[anormore]

Hey @jamesmcq just checking in with you, our team had a meeting today. This is affecting about 4000 users.

I see this is in progress, that's good!

Anything further I can do to assist you?

[anormore]

Hey there, just another 7 day check for a total of 14 days... :) Anything I can do to help further this?

[anormore]

@cybercorey I can confirm that commenting these lines out has fixed some issue with Sync! Still don't have photos though.

[anormore]

Hey guys just checking in, been a month... I guess I'll have to.. fix myself? Here we go...?

[jamesmcq]

Hi @anormore, don't worry I have not forgot you! I am actively working on a solution and hoping to get something for you in the next release.

[gunnar-restorff]

I cannot get the photosync to work either. I have been trying literally for days. Other fields (as firstname and lastname) get updated. But when I log in with any user, any saved profile photo in Moodle gets deleted, so there is just a standard phantom profile picture. If I comment out the lines

$fs = \get_file_storage();
$fs->delete_area_files($context->id, 'user', 'icon');
$DB->set_field('user', 'picture', 0, array('id' => $muser->id));

the current profile picture is not deleted. But no matter if there is a profile picture in o365 (portal.office.com) or in azure (portal.azure.com), it doesn't get synced to moodle. So apparently $size is empty, and the apicall doesn't get any meta data. I don't know how to check if a call like $image = $apiclient->get_photo($user); does give anything.

I would very much appreciate any help with this.

[anormore]

Hey @gunnar-restorff that's a GREAT find! I know how to debug this stuff, I will take over where you left off and see if I can't figure anything else out.

I do recall that if $size is empty the entire function will drop out. I'll try hacking some values in there to see if we can make anything stick.

Again, great find, maybe this is it!

@jamesmcq Thanks for your work on this, we at YorkvilleU.ca appreciate your massive undertaking.

[anormore]

Hi all, @gunnar-restorff your find was useful only in determining that indeed, the size is coming back because no resource is found.

"error": { "code": "ResourceNotFound", "message": "Resource could not be discovered.", "innerError": { "request-id": "aaaaaaaaa-bbbb-ccc-ddd-eeeeeee", "date": "2018-10-26T16:50:48" } }

No idea where to go next.

@jamesmcq How can I help?

[anormore]

Bandaid fix for photos and user syncing can be found here:

https://github.com/Microsoft/o365-moodle/issues/273

[jamesmcq]

Hi all - this should now be resolved in the latest release. Thanks for the report!