Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

:Error Illegal character in path at index 55 in nAzure AD Access Import Job

Pravallika_t
New Contributor III
New Contributor III

Hello,

The Azure AD access import job is failing with below error:

Pravallika_t_0-1717539682145.png

in Logs I have found Illegal character error like : 

[error:Error Illegal character in path at index 55: https://graph.microsoft.com/v1.0/directoryRoles/billing administrator/members]

Pravallika_t_1-1717539746856.png

we are using Azure AD Type connection for bringing Accounts and entitlements and only want to bring certain entitlement types. Below are the jSONs we are using

{
"entitlementAttribute": {
"AADGroup": {
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "displayName~#~char",
"customproperty1": "deletionTimestamp~#~char",
"customproperty2": "description~#~char",
"customproperty5": "dirSyncEnabled~#~char",
"customproperty6": "lastDirSyncTime~#~char",
"customproperty7": "mail~#~char",
"customproperty8": "mailEnabled~#~char",
"customproperty9": "onPremisesSecurityIdentifier~#~char",
"customproperty10": "securityEnabled~#~char",
"customproperty11": "groupTypes~#~listAsString",
"customproperty12": "membershipRule~#~char",
"customproperty13": "membershipRuleProcessingState~#~char",
"customproperty16": "resourceProvisioningOptions~#~char"
}
},
"AADGroupOwners": {
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "displayName~#~char",
"customproperty14": "ownerIdList~#~char",
"customproperty15": "ownerTypeList~#~char"
}
},

"DirectoryRole": {
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "displayName~#~char",
"customproperty4": "description~#~char",
"customproperty6": "deletedDateTime~#~char",
"customproperty8": "roleTemplateId~#~char"
}
}

}
}

And In job we have configured custom access JSON as follows:

{
"importEntTypes": {
"DirectoryRole": {},
"DirectoryRoleMember": {},
"AADGroup": {}
},
"excludeEntTypes": {
"Application": {},
"AppRole": {},
"Oauth2Permission": {},
"ServicePlans": {},
"ApplicationInstance": {},
"Subscription": {},
"Team": {},
"MemberPermission": {},
"GuestPermission": {},
"Channel": {},
"SKU": {}
}
}

3 REPLIES 3

rushikeshvartak
All-Star
All-Star
  • Does directory role having member in azure ?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Pravallika_t
New Contributor III
New Contributor III

@rushikeshvartak Yes there are members present in Directory Roles. We have figured out the issue, there are two entitlements with same Role template ID and one was created in Saviynt and not present in Azure AD. This was creating issue and we have rectified it. 

Thanks for the response.

This is known behavior if entitlementID is blank in saviynt and same group tries to create it will throw error.

👍Please click the 'Accept As Solution' button on the reply (or replies) that best answered your original question.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.