I would like to know if any of you have configured Azure AD 'User Name' mapping (Cloud Identity Providers) with the onPremisesSamAccountName attribute (instead of userPrincipalName).
Because it was working fine and since we are in Jamf 10.33 it doesn't seem to work anymore.
When we try to search for a user, we get the following error in the logs:
com.microsoft.graph.http.GraphServiceException: Error code: Request_UnsupportedQuery
Error message: Unsupported or invalid query filter clause specified for property 'onPremisesSamAccountName' of resource 'User'.
Just ran into this today... sure looks like jamf needs to tweak the graph API query they're using here. Came across this post when researching the error: https://docs.microsoft.com/en-us/answers/questions/577870/filtering-on-onpremisessamaccountname-is-n...
Reproducing the jamf graph query in graph explorer results in the same error, adding the mentioned headers and count variable make the search completely successfully - it looks like searching on onpremisessamaccountname turns this into an advanced query, requiring the extra headers and $count=true that jamf doesn't currently appear to be sending to graph.