Azure AD 'User Name' mapping with onPremisesSamAccountName

Contributor III


I would like to know if any of you have configured Azure AD 'User Name' mapping (Cloud Identity Providers) with the onPremisesSamAccountName attribute (instead of userPrincipalName).

Because it was working fine and since we are in Jamf 10.33 it doesn't seem to work anymore.
When we try to search for a user, we get the following error in the logs: Error code: Request_UnsupportedQuery
Error message: Unsupported or invalid query filter clause specified for property 'onPremisesSamAccountName' of resource 'User'.


Thank you


New Contributor

Just ran into this today... sure looks like jamf needs to tweak the graph API query they're using here. Came across this post when researching the error:

Reproducing the jamf graph query in graph explorer results in the same error, adding the mentioned headers and count variable make the search completely successfully - it looks like searching on onpremisessamaccountname turns this into an advanced query, requiring the extra headers and $count=true that jamf doesn't currently appear to be sending to graph.

Contributor III

Hi @abremel 

Thanks for the explanation.
So far Jamf still hasn't solved the problem.

My last reply from support was that it's now an open product issue, but as is standard with those... no ETA.

From support: "This is a open Product Issue, PI103710. Currently the only workaround is to use different username mapping. "

Ok thank you for this information.
I had just created a Support ticket....

If it's a Product Issue that's already open, all we have to do is wait.

Thank you