cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Errors occurring every day in the Azure Provisioning Logs

ittemp
Listener

‎2023-06-22 08:01 AM

I am seeing the following error, when using Azure Enterprise Application for Zoom, in the Azure Provisioning logs:

 

Failed to create User '***********' in Zoom; Error: StatusCode: Conflict

Message: Processing of the HTTP request resulted in an exception. Please see the HTTP response returned by the  "Response" property of this exception for details.

We Response:

{"schemas":[urn:ietf:params:scim:api:messages:2.0:Error:], "detail": "You can't add paid users.","status":409}. This operation was retried 5 times. It will be retried again after this date:

 

Any ideas would be very helpful?

 

Thank you!

Russ

Topics:
11 REPLIES 11

EB-CL
Listener

‎2023-07-13 02:03 PM

I have the exact same issue provisioning new users from AAD to Zoom

dougmercer
Listener

‎2023-09-01 02:27 PM

Having the same issue.. 

0 Likes

Ray_Harwood
Community Champion | Customer
Community Champion | Customer
In response to dougmercer

‎2023-09-01 06:16 PM

Welcome to the Zoom Community, @dougmercer.

 

Based on the context of this thread, these questions are more appropriate for the Developers Forum at https://developers.zoom.us/


Ray - Need cost-effective Zoom Events Help? Visit Z-SPAN.com.
Please click Accept As Solution if this helped you !
0 Likes

EB-CL
Listener
In response to dougmercer

‎2023-09-11 09:02 AM

The issue was resolved for my situation with Zoom Engineer support after I raised a ticket. Essentially the attribute mapping defined in the documentation was incorrect and it was Zoom internal information for AAD attribute mapping that fixed the issue. 

0 Likes

Dusty_Miles
Listener
In response to EB-CL

‎2024-02-08 10:36 AM

Any chance you have some screenshots from that ticket that I could see? I have opened a ticket but it's going on 20 days without them knowing what to do.

0 Likes

dougmercer
Listener
In response to Dusty_Miles

‎2024-02-08 11:11 AM

I am interested in a screenshot with those attributes. 

 

After rebuilding it a few different ways, I realized it was due to provisioning a licensed user. Zoom doesn't like that Azure is creating a new user with the assignment of a paid license. My workaround is changing the setting in Zoom to provision 'At Login' instead of 'Prior to Sign in'. After the user attempts to sign in it creates an account in Zoom with the paid license with no issue. After the account is created in Zoom then it doesn't mind provisioning the user if you need to update information around the user. Again, this seems to be based on the license assignment when trying to create a new account. Another workaround is updating the Role assigned under 'Users and groups' to 'Basic' then logging into Zoom and assigning the license.

0 Likes

EB-CL
Listener
In response to dougmercer

‎2024-02-08 11:25 AM

I have the ticket number but I'm unable to view the specific notes from the ticket. 
I also think because our org is on enterprise I was able to get a quick response from.

At the time this attribute was hidden in the "advanced options" section under attribute mapping for Zoom. Also there was no public documentation on this at the time, only internal Zoom. 

The Zoom support engineer created this attribute for me which allowed our users to provision over successfully licensed. My understanding though was that this was a "workaround" because we only use 1 license type. This would not necessarily work for orgs with multiple licenses. 

EBCL_0-1707420188308.png
That is the attribute that was created that resolved this. Other attribute mapping is just defaults.

EBCL_1-1707420332704.png

 

 

Dusty_Miles
Listener
In response to EB-CL

‎2024-02-08 12:09 PM

Okay so that is the same attribute they gave us. My problem was they told me to create a new user in Azure to test it but we create our users in an "on-prem" version of AD that then syncs to Azure so I asked what we put as a value for the extensionAttribute but the guy didn't give me an answer. Do you fill extension Attribute15 in with anything when you create new users?

0 Likes

EB-CL
Listener
In response to Dusty_Miles

‎2024-02-15 10:42 AM

No I did not use anything for extension Attribute 15. It has been left blank for users. 

0 Likes

Dusty_Miles
Listener
In response to EB-CL

‎2024-02-15 10:52 AM

Thanks. I appreciate the responses. You've been quicker help than my ticket!

PCADesign
Listener

‎2024-03-04 01:20 PM

Thank you all VERY much for leading me down the right road! I ran into exactly the same issues. With a Zoom engineer, we followed exactly these steps with one small addition (in bold below):

  • https://portal.azure.com/?Microsoft_AAD_Connect_Provisioning_forceSchemaEditorEnabled=true#home
    (important - start from this link in order to add a custom attribute)
  • Microsoft Entra ID > Enterprise Applications (sidebar) > Select your Zoom app > Provisioning (sidebar) > Edit Provisioning (at top) > Expand Mappings > Click "Provision Microsoft Entra ID Users" > Check "Show advanced options" > Click "Edit attribute list for Zoom"
  • Add a new attribute to the list
    • Name: urn:ietf:params:scim:schemas:extension:zoom:1.0:User:zoomOneBizPlus
    • Leave type as "String" and all boxes blank
    • Save
  • Return to "Attribute Mapping" page
  • Add New Mapping
    • Mapping Type: Direct
    • Source attribute: extensionAttribute15 (or any other user attribute that is not set)
    • Default value if null (optional): 16
    • Target attribute: urn:ietf:params:scim:schemas:extension:zoom:1.0:User:zoomOneBizPlus
    • Match objects using this attribute: No
    • Apply this mapping: Always
    • Click OK
  • Test provisioning again
0 Likes