Click HERE to see how Saviynt Intelligence is transforming the industry. |
10/30/2023 08:58 AM
Hi Team,
We have Azure AD connector to import Azure AD accounts and entitlements.
How can we make sure that the Microsoft Entra roles information is reconciled to Saviynt from Azure AD.
Regards,
Peter
10/31/2023 12:23 AM
Hi @PeterRaja
Could you please refer to the below list of supported import features by Azure AD connector. it shows App Role and Directory Roles however I don't see Entra roles in the supported list.
Supported Features (saviyntcloud.com)
Regards,
Dhruv Sharma
If this reply answered your question, please accept it as Solution to help others who may have a similar problem.
11/26/2023 10:01 PM
Hi Dhruv,
Looks like customer is using JIT access which may not be part of the members in that group. See below for more details.
Active means the role in M365 is permanently assigned where as eligible means they can use it through PIM JIT.
From a conversation with a sysadmin it seems that the eligible element is a configuration in PIM and not an entitlement in Azure AD so this may be what prevents Saviynt from seeing it.
Let me know if you have any idea or other way around to import those JIT access members.
Regards,
Peter
11/28/2023 08:26 AM
Hi @PeterRaja
Thanks for reaching out regarding the above issue.
For now, Azure PIM is not supported in EIC and is in Roadmap.
Could you please provide detailed information regarding the use case. We will check it further and let you know.
Regards,
Dhruv Sharma