
Creation of logical application in AzureAD connector

anjali_5
New Contributor

I want to create an endpoint for an AzureAD-based logical application which will fetch users and roles into Saviynt through an AzureAD connection. The connection type is AzureAD. Can we create an endpoint for this logical application through the Endpoint filter parameter in Saviynt? Also, can provisioning/deprovisioning of access be done for this endpoint?


rushikeshvartak
All-Star
  • Yes, the endpoint filter will create logical applications
  • and provisioning will be done for logical and technical applications using the same AzureAD connector

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Thanks Rushikesh.

Do the groups under AzureAD logical application need to be present in AzureAD before we perform groups import process in Saviynt?

Not mandatory. Whenever it's created after recon it will be filtered.


Regards,
Rushikesh Vartak

We have an AzureAD connector for add/remove access. Now we are seeing the error below. Is this error thrown by the Azure AD application, or is there an issue in our connector configuration?

{"auditDetails":{"AADGroup":[{"headers":null,"message":{"error":{"code":"Request_ResourceNotFound","message":"Resource '255a0d0d-4369-43ea-838c-960d5a6c5143' does not exist or one of its queried reference-property objects are not present.","innerError":{"date":"2024-09-05T07:10:03","request-id":"559f192f-670e-4e25-b58a-ff5ff369c8a7","client-request-id":"559f192f-670e-4e25-b58a-ff5ff369c8a7"}}},"statusCode":404,"description":null,"status":"Failed"}]},"AADGroup":{"headers":null,"message":{"error":{"code":"Request_ResourceNotFound","message":"Resource '255a0d0d-4369-43ea-838c-960d5a6c5143' does not exist or one of its queried reference-property objects are not present.","innerError":{"date":"2024-09-05T07:11:00","request-id":"74eef95a-c94c-42a2-97e4-32554fd8abd7","client-request-id":"74eef95a-c94c-42a2-97e4-32554fd8abd7"}}},"statusCode":404,"description":null,"status":"Failed"}}

  • The Azure security group is deleted from Azure AD

Regards,
Rushikesh Vartak

Another issue: The user has an existing AzureAD account. Now I am requesting an Azure-based logical application to be assigned to that same user. After the request is approved, a new account task and an add access task are created for that logical endpoint. But after running the provisioning job, the tasks are still in pending tasks and the new account task has the provisioning comment provided below.

ERROR:

{"call1":{"headers":null,"message":{"error":{"code":"Request_BadRequest","message":"Another object with the same value for property userPrincipalName already exists.","details":[{"code":"ObjectConflict","message":"Another object with the same value for property userPrincipalName already exists.","target":"userPrincipalName"}],"innerError":{"date":"2024-09-06T05:23:48","request-id":"xxxxxxxxxxxxxxxx","client-request-id":"xxxxxxxxxxxxxxxxxxxxxxxxx"}}},"statusCode":400,"description":null,"status":"Failed"}}

 

What does this error mean and how do I resolve it?

Use entitlementsOnly under security system


Regards,
Rushikesh Vartak
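Added example, not part of the original thread and not Saviynt's code: a Python sketch that walks a provisioning comment of the shape posted above and pulls out each failed Microsoft Graph call with its status, error code, target and request-id. The function names, the hint table (wording taken from the replies in this thread) and the sample comments are constructed for illustration; only the resource id is copied from the posted error.

```python
import json
import re

# Hints come from the replies in this thread, keyed by Microsoft Graph error code.
HINTS = {
    "Request_ResourceNotFound": "object missing in Azure AD (reply: security group deleted)",
    "ObjectConflict": "value already exists (reply: entitlementsOnly under security system)",
}
RESOURCE_RE = re.compile(r"Resource '([^']+)'")

def graph_errors(node, path="$"):
    """Yield one record per failed Graph call found anywhere in the comment."""
    if isinstance(node, list):
        for i, item in enumerate(node):
            yield from graph_errors(item, f"{path}[{i}]")
    elif isinstance(node, dict):
        msg = node.get("message")
        err = msg.get("error") if isinstance(msg, dict) else None
        if "statusCode" in node and isinstance(err, dict):
            detail = (err.get("details") or [{}])[0]
            code = detail.get("code") or err.get("code")  # most specific code wins
            res = RESOURCE_RE.search(err.get("message", ""))
            yield {"path": path, "status": node["statusCode"], "code": code,
                   "target": detail.get("target"),
                   "resource": res.group(1) if res else None,
                   "request_id": (err.get("innerError") or {}).get("request-id"),
                   "hint": HINTS.get(code, "no hint in this thread")}
        else:
            for key, value in node.items():
                yield from graph_errors(value, f"{path}.{key}")

def triage(comment):
    # Parse a provisioning comment (JSON text) into a list of error records.
    return list(graph_errors(json.loads(comment)))

def _failed(status, error):  # constructed sample data in the thread's shape
    return {"headers": None, "message": {"error": error},
            "statusCode": status, "status": "Failed"}
_nf = {"code": "Request_ResourceNotFound",
       "message": "Resource '255a0d0d-4369-43ea-838c-960d5a6c5143' does not exist.",
       "innerError": {"request-id": "constructed-req-1"}}
_dup = {"code": "Request_BadRequest", "message": "userPrincipalName already exists.",
        "details": [{"code": "ObjectConflict", "target": "userPrincipalName"}],
        "innerError": {"request-id": "constructed-req-2"}}
GROUP_COMMENT = json.dumps({"auditDetails": {"AADGroup": [_failed(404, _nf)]},
                            "AADGroup": _failed(404, _nf)})
ACCOUNT_COMMENT = json.dumps({"call1": _failed(400, _dup)})

if __name__ == "__main__":
    for rec in triage(GROUP_COMMENT) + triage(ACCOUNT_COMMENT):
        print(rec["path"], rec["status"], rec["code"], "->", rec["hint"])
```

The request-id in each record is the value to quote when correlating a failed task with Azure AD side logs.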

anjali_5
New Contributor

Can you please elaborate ?

rushikeshvartak_0-1725601321392.png

 


Regards,
Rushikesh Vartak

The add access task was created for one endpoint and also completed. The user got access to the AzureAD endpoint. But the add access task for the other endpoint under AzureAD is still in pending tasks without any provisioning comment.

Run WsRETRY for specific task and share logs


Regards,
Rushikesh Vartak