Issue Summary

Performing directory synchronization on Entra ID integration in Crowd results in failures due to duplicate user entries returned across multiple pages from the Microsoft Graph API /users/delta endpoint. This occurs when user modifications happen during synchronization, causing the API to return the same user multiple times across different pages.

This is reproducible on Data Center: Yes

Steps to Reproduce

1. Configure Crowd to synchronize with an Entra ID directory using the Microsoft Graph API /users/delta endpoint.
2. Initiate directory synchronization while modifications are being made to user accounts in Entra ID.

Expected Results

Crowd should handle duplicate user entries safely by recognizing that modifications occurred during pagination and continuing synchronization without aborting the operation.

Actual Results

Crowd fails synchronization when duplicate users appear on different pages of the /users/delta API response. This prevents the synchronization from completing.

The below exception is thrown in the application logs:

ERROR [atlassian.crowd.directory.DbCachingRemoteDirectory] Exception occured when performing full synchronization
java.lang.IllegalStateException: Found users with duplicate name 'username@example.com', ids: '9a7b3c21-552d-4999-b8d2-1f3a9a87c2b5', '9a7b3c21-552d-4999-b8d2-1f3a9a87c2b5'

Workaround

Currently, there is no known workaround for this behavior other than ensuring no user modifications occur during synchronization.
A workaround will be added here when available.