- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-08-2020 02:56 AM
Good morning,
I am currently on the journey to integrate inTune with ServiceNow. Part of this integration requires me to pull everyones UserID from AAD and import that into our sys_user table. The import matches onPremiseSamAccountName and then updates the users record with the AAD user ID.
The API GET message I am currently using is,
https://graph.microsoft.com/v1.0/users?$top=999&$select=id,onPremisesSamAccountName
When I first used the get message I would only pull back 100 records as this is apparently the default, so a $top=999 was also included to take that to 999 records as this appears to be the max.
We have more than 999 users so has anyone come across this issue before and how did they resolve the issue?
Solved! Go to Solution.
- Labels:
-
Integrations
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-28-2020 12:32 AM
I have finally managed to get a script working that allows me to pull all records from AAD and bypass the 999 record limit.
Some things I found that really helped me get to the point below
The end points have to be dynamic as it will need to change through every cycle in the WHILE loop. So I decided to set it from within the script instead.
I added message logs so I could keep track on how many cycles through the WHILE loop it did.
Its important that you redefine the nextPage variable in the WHILE loop to nextLink URL or else you'll pull back the same page and forever be in a loop - Yes I did that
I don't know if the below script is the best way to achieve the desired results but it does work. It might give you something to build on because currently I cant find anything out there.
SIDE NOTE: When you import the records it seems to create an import set per record which I havent looked into yet. I don't like that it does that but thats another issue for another day.
try {
var r = new sn_ws.RESTMessageV2('Intune - AAD - Get users details', 'GET');
r.setEndpoint('https://graph.microsoft.com/v1.0/users?$top=999&$select=id,onPremisesSamAccountName');
var response = r.execute();
var jsonString = response.getBody();
var parser = new JSONParser();
var parsed = parser.parse(jsonString);
var nextPage = parsed['@odata.nextLink'];
var count = 0;
gs.log('BEFORE FOR LOOP', 'worflow');
for(i = 0; i < parsed.value.length; i++){
var user = new GlideRecord('u_azure_user_integration');
user.initialize();
user.u_id = parsed.value[i].id;
user.u_onpremisessamaccountname = parsed.value[i].onPremisesSamAccountName;
user.insert();
}
gs.log('BEFORE WHILE', 'worflow');
while(nextPage.indexOf("$skiptoken")){ //This continues the loop until no nextLink is sent with response
var q = new sn_ws.RESTMessageV2('Intune - AAD - Get users details', 'GET');
q.setEndpoint(nextPage);
var response1 = q.execute();
var jsonString1 = response1.getBody();
var parser1 = new JSONParser();
var parsed1 = parser1.parse(jsonString1);
nextPage = parsed1['@odata.nextLink'];
count++;
gs.log('CYCLE 1', 'worflow');
for(i = 0; i < parsed1.value.length; i++){
var user1 = new GlideRecord('u_aad_user_import');
user1.initialize();
user1.u_id = parsed1.value[i].id;
user1.u_onpremisessamaccountname = parsed1.value[i].onPremisesSamAccountName;
user1.insert();
}
}
}
catch(ex) {
var message = ex.message;
}
I hope this helps someone. I also have other information that has really helped me with Graph so if you need a hand let me know...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-27-2020 02:02 PM
Hi Darren,
Is it feasible to push data to intune by Graph
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-28-2020 12:21 AM
Good morning,
At present I am unaware of any options to push data to inTune via Graph as all of the work has revolved around me pulling information from inTune.
I have however just taken a look at up coming API calls that are in Beta and about to be released, and they do show the ability to change settings.
Example
POST /deviceAppManagement/vppTokens/{vppTokenId}/revokeLicenses
Here is a useful site on MS that allowed me to get the information I needed.
Something I nearly slipped up on is that many of the beta API calls currently work but should not be used in production environments. Might seem obvious to some but I nearly fell short on that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-28-2020 12:32 AM
I have finally managed to get a script working that allows me to pull all records from AAD and bypass the 999 record limit.
Some things I found that really helped me get to the point below
The end points have to be dynamic as it will need to change through every cycle in the WHILE loop. So I decided to set it from within the script instead.
I added message logs so I could keep track on how many cycles through the WHILE loop it did.
Its important that you redefine the nextPage variable in the WHILE loop to nextLink URL or else you'll pull back the same page and forever be in a loop - Yes I did that
I don't know if the below script is the best way to achieve the desired results but it does work. It might give you something to build on because currently I cant find anything out there.
SIDE NOTE: When you import the records it seems to create an import set per record which I havent looked into yet. I don't like that it does that but thats another issue for another day.
try {
var r = new sn_ws.RESTMessageV2('Intune - AAD - Get users details', 'GET');
r.setEndpoint('https://graph.microsoft.com/v1.0/users?$top=999&$select=id,onPremisesSamAccountName');
var response = r.execute();
var jsonString = response.getBody();
var parser = new JSONParser();
var parsed = parser.parse(jsonString);
var nextPage = parsed['@odata.nextLink'];
var count = 0;
gs.log('BEFORE FOR LOOP', 'worflow');
for(i = 0; i < parsed.value.length; i++){
var user = new GlideRecord('u_azure_user_integration');
user.initialize();
user.u_id = parsed.value[i].id;
user.u_onpremisessamaccountname = parsed.value[i].onPremisesSamAccountName;
user.insert();
}
gs.log('BEFORE WHILE', 'worflow');
while(nextPage.indexOf("$skiptoken")){ //This continues the loop until no nextLink is sent with response
var q = new sn_ws.RESTMessageV2('Intune - AAD - Get users details', 'GET');
q.setEndpoint(nextPage);
var response1 = q.execute();
var jsonString1 = response1.getBody();
var parser1 = new JSONParser();
var parsed1 = parser1.parse(jsonString1);
nextPage = parsed1['@odata.nextLink'];
count++;
gs.log('CYCLE 1', 'worflow');
for(i = 0; i < parsed1.value.length; i++){
var user1 = new GlideRecord('u_aad_user_import');
user1.initialize();
user1.u_id = parsed1.value[i].id;
user1.u_onpremisessamaccountname = parsed1.value[i].onPremisesSamAccountName;
user1.insert();
}
}
}
catch(ex) {
var message = ex.message;
}
I hope this helps someone. I also have other information that has really helped me with Graph so if you need a hand let me know...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-04-2021 05:59 AM
Hi Darren,
In this for every record insert it will create import set record. so did you find any solution for this. I have done same like you but not working. can you share your final script?
