diff --git a/src/Jobs/Handler/SynchroniseUserdb.hs b/src/Jobs/Handler/SynchroniseUserdb.hs
index 210977893..dab3233a0 100644
--- a/src/Jobs/Handler/SynchroniseUserdb.hs
+++ b/src/Jobs/Handler/SynchroniseUserdb.hs
@@ -11,8 +11,10 @@ import Import
 
 import qualified Data.CaseInsensitive as CI
 import qualified Data.Conduit.List as C
+import qualified Data.UUID as UUID
 
 import Auth.LDAP
+import Auth.OAuth2
 import Foundation.Yesod.Auth (CampusUserConversionException, upsertLdapUser, upsertAzureUser)
 
 import Jobs.Queue
@@ -44,23 +46,25 @@ dispatchJobSynchroniseUserdb numIterations epoch iteration
 
 dispatchJobSynchroniseUserdbUser :: UserId -> JobHandler UniWorX
 dispatchJobSynchroniseUserdbUser jUser = JobHandlerException $ do
-  UniWorX{..} <- getYesod
-  case appUserSourceConf of
-    UserSourceConfSingleSource (UserSourceLdap ldapConf) ->
+  userSourceConf <- getsYesod $ view _appUserSourceConf
+  case userSourceConf of
+    UserSourceConfSingleSource (UserSourceLdap _ldapConf) ->
       runDB . void . runMaybeT . handleExc $ do
+        ldapPool <- MaybeT . getsYesod $ view _appLdapPool
         user@User{userIdent,userLdapPrimaryKey} <- MaybeT $ get jUser
         let upsertIdent = maybe userIdent CI.mk userLdapPrimaryKey
         $logInfoS "SynchroniseUserdb" [st|Synchronising #{upsertIdent} with LDAP|]
         -- reTestAfter <- getsYesod $ view _appUserdbRetestFailover
         -- ldapAttrs <- MaybeT $ campusUserReTest' ldapConf ((>= reTestAfter) . realToFrac) FailoverUnlimited user
-        ldapAttrs <- MaybeT $ ldapUser ldapConf user
+        ldapAttrs <- MaybeT $ ldapUser' ldapPool user
         void . lift $ upsertLdapUser (UpsertUserSync upsertIdent) ldapAttrs
     UserSourceConfSingleSource (UserSourceAzureAdV2 azureConf) ->
       runDB . void . runMaybeT . handleExc $ do
         user@User{userIdent,userAzurePrimaryKey} <- MaybeT $ get jUser
-        let upsertIdent = maybe userIdent CI.mk userAzurePrimaryKey
+        let upsertIdent = maybe userIdent (CI.mk . UUID.toText) userAzurePrimaryKey -- TODO: use userPrincipalName
         $logInfoS "SynchroniseUserdb" [st|Synchronising #{upsertIdent} with Azure|]
-        void . lift $ upsertAzureUser (UpsertUserSync upsertIdent) azureConf
+        azureAttrs <- MaybeT $ azureUser' azureConf user
+        void . lift $ upsertAzureUser (UpsertUserSync upsertIdent) azureAttrs
   where
     handleExc :: MaybeT DB a -> MaybeT DB a
     handleExc