- Add params verify, Useful when you have a firewall that performs SSL inspection, you can mention the firewall certificate in configuration file.
- Remove password and mail for login azure, switch to lib msal
- Replace DIY cache, by official cache in msal
- Add params : calculate_deletions_based_on_last_sync in config file. (allows you not to retrieve the list of users and groups from Azure, thereby limiting the number of requests to Azure)
- Add params : synchronization_interval_service in config file. (allows in service mode to define the synchronization interval)
- Add params : use_get_syncobjects in config file. (allows you not to use get_syncobjects (necessary to retrieve the immutableid of the groups)
- Add args for run : --service-mode (allows you to launch the script in service mode)
- Add params : basedn_user,basedn_group, filter_user and filter_group in config file.
- Add args for run : --conf, --force, --dryrun, --logfile
- Improve log (json format)
- Add use_novell_get_universal_password params in conf (not testing),
- toggle from uidnumber/guidnumber to sambaSID in the example. Added sourceanchorattr_user_is_sid and sourceanchorattr_group_is_sid parameters to conform to how Azure Ad Connect Windows works (base64 encoding of a binary attribute, sid is binary) old uidnumber/gidnumber mode is still available
- FIX "expireOn" delta calculation, this would generate an expired token error. "expireOn" is not in UTC...
- Multi-factor authentication support. Use the old token to regenerate a new token. The tenant id is now required in conf file For the first run an external authentication and a copy paste will be necessary
- New available option in conf file : tenant_id, save_to_cache, use_cache , credential_cache_file
- Add tls connection options for ldap connection
- First Commit