Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

az ad returns a Graph object without objectId property #22328

Closed
ausfestivus opened this issue May 10, 2022 · 5 comments
Closed

az ad returns a Graph object without objectId property #22328

ausfestivus opened this issue May 10, 2022 · 5 comments
Assignees
@jiasli
Labels
Auto-Assign Auto assign by bot common issue customer-reported Issues that are reported by GitHub users external to the Azure organization. Graph az ad
Milestone
Backlog

Comments

@ausfestivus
Copy link

Related command

az ad user list --filter "startswith(userPrincipalName, 'user1@dev.acme.com.au') or startswith(userPrincipalName, 'user2@dev.acme.com.au') or startswith(userPrincipalName, 'user3@dev.acme.com.au')" --query '[].objectId' -o tsv

Describe the bug
The output of the command changes depending on whether the GA CLI or Beta CLI is used.

To Reproduce

  1. Run the above command with the GA CLI and see results:
az version
{
  "azure-cli": "2.36.0",
  "azure-cli-core": "2.36.0",
  "azure-cli-telemetry": "1.0.6",
  "extensions": {}
}

az ad user list --filter "startswith(userPrincipalName, 'user1@dev.acme.com.au') or startswith(userPrincipalName, 'user2@dev.acme.com.au') or startswith(userPrincipalName, 'user3@dev.acme.com.au')" --query '[].objectId' -o tsv
The underlying Active Directory Graph API will be replaced by Microsoft Graph API in Azure CLI 2.37.0. Please carefully review all breaking changes introduced during this migration: https://docs.microsoft.com/cli/azure/microsoft-graph-migration
55f14c0d-7328-4495-aafa-608529099711
3ba298b6-3bc4-4ecb-ba91-5d937b27f1b5
0023964f-42ce-4b3e-b51f-0d583e99512a
  1. Run the above command with the Beta CLI and see results:
az version
{
  "azure-cli": "2.36.0.post20220505034434",
  "azure-cli-core": "2.36.0.post20220505034434",
  "azure-cli-telemetry": "1.0.6.post20220402024323",
  "extensions": {}
}

az ad user list --filter "startswith(userPrincipalName, 'user1@dev.acme.com.au') or startswith(userPrincipalName, 'user2@dev.acme.com.au') or startswith(userPrincipalName, 'user3@dev.acme.com.au')" --query '[].objectId' -o tsv
The underlying Active Directory Graph API will be replaced by Microsoft Graph API in Azure CLI 2.37.0. Please carefully review all breaking changes introduced during this migration: https://docs.microsoft.com/cli/azure/microsoft-graph-migration

Note that with the Beta CLI the command returns no results.

Expected behavior

The results returned should not change depending on which version of the CLI is used.

Environment summary

Additional context

If I remove the --query parameter from the beta cli I get:

az ad user list --filter "startswith(userPrincipalName, 'user1@dev.acme.com.au') or startswith(userPrincipalName, 'user2@dev.acme.com.au') or startswith(userPrincipalName, 'user3@dev.acme.com.au')" -o tsv

The underlying Active Directory Graph API will be replaced by Microsoft Graph API in Azure CLI 2.37.0. Please carefully review all breaking changes introduced during this migration: https://docs.microsoft.com/cli/azure/microsoft-graph-migration
1       Flintstone, Fred    Fred  55f14c0d-7328-4495-aafa-608529099711    Company Contractor      Fred.Flintstone@dev.acme.com.au        +61 000 000 000 None    None    Flintstone    user1@dev.acme.com.au
1       Flintstone, Dino    Dino    3ba298b6-3bc4-4ecb-ba91-5d937b27f1b5    IT Advisor      Dino.Flintstone@dev.acme.com.au        +61 000 000 000 None    None    Flintstone  user2@dev.acme.com.au
1       Flintstone, Pebbles     Pebbles 0023964f-42ce-4b3e-b51f-0d583e99512a    IT Manager      Pebbles.Flintstone@dev.acme.com.au      +61 000 000 000 None    None    Flintstone   user3@dev.acme.com.au
@ghost ghost added customer-reported Issues that are reported by GitHub users external to the Azure organization. Auto-Assign Auto assign by bot Graph az ad labels May 10, 2022
@ghost ghost assigned jiasli May 10, 2022
@ghost ghost added this to the Backlog milestone May 10, 2022
@yonzhan
Copy link
Collaborator

yonzhan commented May 10, 2022

@jiasli for awareness

@ausfestivus
Copy link
Author

ausfestivus commented May 10, 2022
edited
Loading

Okay, I think I know whats happening here.

az ad user list --filter "startswith(userPrincipalName, 'user1@dev.acme.com.au') or startswith(userPrincipalName, 'user2@dev.acme.com.au') or startswith(userPrincipalName, 'user3@dev.acme.com.au')" --query '[].id -o tsv

I see the expected result. Seems like this is a result of a different key name in the response. With AAD Graph the return is named 'objectId'. With MS Graph it's just 'id'.

Feels like this (and probably other instances elsewhere im sure) should be added to https://docs.microsoft.com/en-us/cli/azure/microsoft-graph-migration?view=azure-cli-latest&tabs=powershell#breaking-changes

@jiasli
Copy link
Member

jiasli commented May 10, 2022
edited
Loading

Exactly. objectId from AD Graph has been replaced by id in Microsoft Graph, as documented by https://docs.microsoft.com/en-us/graph/migrate-azure-ad-graph-property-differences#directoryobject-property-differences

Feels like this (and probably other instances elsewhere im sure) should be added to https://docs.microsoft.com/en-us/cli/azure/microsoft-graph-migration?view=azure-cli-latest&tabs=powershell#breaking-changes

Azure CLI prints the JSON returned by Microsoft Graph as-is, so https://docs.microsoft.com/en-us/graph/migrate-azure-ad-graph-property-differences#directoryobject-property-differences should be the single source of truth.

@jiasli jiasli changed the title beta cli returning zero results in command az ad user list when there is a --query parameter beta cli returning zero results in command az ad user list when there is a --query parameter with objectId May 30, 2022
@jiasli jiasli mentioned this issue May 30, 2022
Closed
@jiasli
Copy link
Member

jiasli commented May 30, 2022
edited
Loading

Feels like this (and probably other instances elsewhere im sure) should be added to https://docs.microsoft.com/en-us/cli/azure/microsoft-graph-migration?view=azure-cli-latest&tabs=powershell#breaking-changes

Added as requested: MicrosoftDocs/azure-docs-cli#3122

Now https://learn.microsoft.com/en-us/cli/azure/microsoft-graph-migration reads:

the most outstanding change is that id replaces the objectId property in the output JSON of a Graph object.

@jiasli jiasli changed the title beta cli returning zero results in command az ad user list when there is a --query parameter with objectId az ad returns a Graph object without objectId property May 30, 2022
This was referenced Oct 25, 2023
Closed
Closed
@jiasli
Copy link
Member

jiasli commented Oct 26, 2023

Actions we took to announce the Microsoft Graph migration:

  1. Show in-tool warning before and after the migration:
    1. [Role] Add warning to role and ad commands about Microsoft Graph migration #21302
    2. {Graph} Finalize the version with Microsoft Graph support to 2.37.0 #21732
    3. [Role] az ad/role: Azure AD Graph API to Microsoft Graph API migration #22432
    4. {Graph} Remove the warning for Microsoft Graph migration #22612
  2. Provide documentation and instruction for the migration: https://learn.microsoft.com/en-us/cli/azure/microsoft-graph-migration
  3. Announce the migration in the release history: https://learn.microsoft.com/en-us/cli/azure/release-notes-azure-cli#may-24-2022
  4. Create and pin Azure CLI is migrated to Microsoft Graph in 2.37.0 #22580 from May 24, 2022 to Oct 19, 2022.

However, if someone skips all versions through 2.34.0 and 2.37.0 and also doesn't check the documents or GitHub repo, they will not be able to see any warnings for the breaking change. I think that's why we are receiving issues again recently for breaking changes caused by Microsoft Graph migration.

@philomory philomory mentioned this issue Dec 19, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jiasli jiasli

Labels
Auto-Assign Auto assign by bot common issue customer-reported Issues that are reported by GitHub users external to the Azure organization. Graph az ad
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
3 participants
@jiasli @ausfestivus @yonzhan