Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Azure AD Group Creation issue

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 26 2020 at 15:28 UTC

I am trying to create an Azure AD Group using SSM to Azure AD. As per documentation, REST connection is used for provisioning. But, there is no CreateGroupJSON or equivalent parameter in a REST connection. And Azure AD connection has a parameter called CreateGroupJSON.

The issue is when I use the REST connection as the Provisioning Connection for the Azure AD connection type, a pending task is created of type "Create Entitlement". But when WSRETRY Job is run, the pending task does not get completed without any provisioning comments.

And when I use the Azure AD connection as provisioning connection in security system, and when the WSRETRY job runs, the following provisioning comment is shown in Pending Task:

image




This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
2 REPLIES 2

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 26 2020 at 15:43 UTC

A typo in the second paragraph, I meant, "when I use the REST connection as the Provisioning Connection for the Azure AD security system"

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on June 30 2020 at 08:00 UTC

Hi Anupam,


Kindly update JSON for CreateGroupJSON in the Azure AD connection and map Azure AD connection as provisioning connection for creating group in the target.

In 5.5, we need to map Azure AD as provisioning connection for group management usecases.

We have added capability to handle Group Management and REST based Provisioning at the same time from v6.0 where we dont need to map Azure AD as provisioning connection for group management to work.


Thanks,

Lokesh S

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.