Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Manage Azure AD Groups Screens not Loading Properly

vermilyacd1
Regular Contributor
Regular Contributor

‎05/09/2022 12:01 PM

When trying to Create an Azure AD Group, the screen does not match the documentation. What settings need to be in place to show the Azure AD specific Create Group screen?

I'm expecting this (from the documentation (https://saviynt.freshdesk.com/support/solutions/articles/43000582534-managing-azure-ad-groups#Managi...😞 

vermilyacd1_0-1652122768044.png

But instead, only see this (the generic role creation screen)

vermilyacd1_1-1652122823729.png

I have set an approval workflow on the AADGroup Entitlement Type screen.

This is in v2020.

Labels:
0 Kudos
22 REPLIES 22

Nikitaj
Saviynt Employee
Saviynt Employee

‎05/09/2022 10:42 PM

Hi,

Please navigate to ARS->Create AAD Group

You will be able to see the desired screen. 

Nikitaj_0-1652161301595.png

Thanks

Nikita


Thanks
Nikita
0 Kudos

vermilyacd1
Regular Contributor
Regular Contributor

‎05/10/2022 04:37 AM

Hi @Nikitaj, this is the root of the problem... When I click Create AAD Group, I don't get the Create AAD Group Screen, I get the generic Create Role screen (see screenshots in the original post). The system is not recognizing that I'm trying to create an AAD Group.

0 Kudos

Nikitaj
Saviynt Employee
Saviynt Employee
In response to vermilyacd1

‎05/10/2022 04:46 AM - edited ‎05/10/2022 04:48 AM

Hi,

Could you please add this to your SAV Role, it would be missing from there.

Please navigate to Admin->SAV Roles->choose the SAV Role-> Create Request Home Option->Select Group To Create and add AAD Group. 

Thanks

Nikita

Nikitaj_1-1652183300429.png

 


Thanks
Nikita
0 Kudos

Nikitaj
Saviynt Employee
Saviynt Employee

‎05/10/2022 04:47 AM - edited ‎05/10/2022 04:49 AM

 

 

 


Thanks
Nikita
0 Kudos

vermilyacd1
Regular Contributor
Regular Contributor

‎05/10/2022 04:49 AM

Yep, I saw this in another post and I already have that in place but still no luck.

vermilyacd1_0-1652183352769.png

 

0 Kudos

Nikitaj
Saviynt Employee
Saviynt Employee

‎05/10/2022 10:47 PM

Hi,

In that case please check the JSON where you have defined the Azure AD Group, something is missing there .

Thanks

Nikita


Thanks
Nikita
0 Kudos

vermilyacd1
Regular Contributor
Regular Contributor

‎05/13/2022 06:23 AM

Would the reconciliation settings affect how the Create AAD Group screen is showing? I don't see any errors in the JSON, please see below. Am I missing anything? This is from the documentation.

{
"entitlementAttribute": {
"AADGroup": {
"colsToPropsMap": {
"entitlementID": "id~#~char",
"entitlement_value": "displayName~#~char",
"customproperty1": "deletionTimestamp~#~char",
"customproperty2": "description~#~char",
"customproperty5": "dirSyncEnabled~#~char",
"customproperty7": "mail~#~char",
"customproperty8": "mailEnabled~#~char",
"customproperty9": "onPremisesSecurityIdentifier~#~char",
"customproperty10": "securityEnabled~#~char",
"customproperty11": "groupTypes~#~listAsString",
"customproperty12": "membershipRule~#~char",
"customproperty13": "membershipRuleProcessingState~#~char",
"customproperty16": "resourceProvisioningOptions~#~char"
}
}
}
}

0 Kudos

avinashchhetri
Saviynt Employee
Saviynt Employee

‎05/13/2022 06:56 AM

Something does not look right here. When the pre-requisites are not set for the Group  Management, on clicking the tile, it basically loads the same page again.Here you are getting a different page altogether. This might require looking into the logs and troubleshooting further. I'd think a support tiket would be apt for this issue.

 

Regards,

Avinash Chhetri

Regards,
Avinash Chhetri
0 Kudos

vermilyacd1
Regular Contributor
Regular Contributor

‎05/17/2022 12:46 PM

Still waiting on Saviynt operations to respond to the ticket but in the meantime, the reconciliation is also not working. It seems the AzureAD Connector completely ignores the entitlement mapping. The recon is failing because the data in custompropert14 is too long (it is being truncated). I'm not even mapping customproperty 14 (see my JSON above)!

Any ideas? This has turned into a major blocker.

0 Kudos

sahajranajee
Saviynt Employee
Saviynt Employee
In response to vermilyacd1

‎05/18/2022 05:56 AM

Hello,

AzureAD connector is an OOTB connector and if its OOTB mappings are facing truncation issue, please raise the severity of the freshdesk ticket and work with Support on getting a fix from engineering for the issue.


Regards,
Sahaj Ranajee
Sr. Product Specialist
0 Kudos

vermilyacd1
Regular Contributor
Regular Contributor

‎05/18/2022 06:55 AM

Any tips @sahajranajee  to prompt a response on the ticket? It's been open for a week and has not been touched. The CSM for this client is pushing as well but we never get any movement.

0 Kudos

jasonb
New Contributor III
New Contributor III

‎07/11/2022 01:25 PM

Was this issue ever resolved?  I am facing the same issue, except I can't seem to add Azure AAD Groups to my Manage Roles : Create Roles permissions:

jasonb_0-1657571146870.png

 

0 Kudos

avinashchhetri
Saviynt Employee
Saviynt Employee
In response to jasonb

‎07/11/2022 03:56 PM

@jasonb 

Have you added a workflow to the entitlementType you are trying to manage ?

If not, Please follow the steps below and give it a try.

Go to Security System > Endpoints > Entitlement Type

Click on the icon for Entitlement Type

avinashchhetri_0-1657579935222.png

On the details page, add a workflow as shown

avinashchhetri_1-1657579965819.png

This should populate the entitlement type you are trying to manage in the SAV Role

(Note: The screenshots shared above are for AD but you can follow the same for your AAD Groups as well)

@vermilyacd1 

Could you share the ticket number so that we can take a look ?

The Saviynt Support is a different Team altogether but would like to take a look at what's going on.

 

 

Regards,
Avinash Chhetri
0 Kudos

jasonb
New Contributor III
New Contributor III
In response to avinashchhetri

‎07/13/2022 07:40 AM - edited ‎07/13/2022 08:01 AM

[Edited: I did get the role to in the SAV Roles settings, but issue below remains]

@avinashchhetri

The documentation (link here) states:

  1. Log in to EIC.

  2. Go to ARS > Create New Role.

  3. Click the Ellipsis icon … to view the available options.

  4. Select Create Azure AD Group  and click Create.  

However, that description does not match the UI as it appears on my screen - There is no Ellipsis icon, and no Create Azure AD Group option under actions. For reference, we are on the latest cloud version.

0 Kudos

avinashchhetri
Saviynt Employee
Saviynt Employee
In response to jasonb

‎07/13/2022 08:34 AM - edited ‎07/13/2022 08:34 AM

@jasonb

If you are on the latest version, you should be able to see a separate tile for Creating and Managing AzureAD Groups as shown below.

avinashchhetri_0-1657726440519.png

 

 

 

Regards,
Avinash Chhetri
0 Kudos

jasonb
New Contributor III
New Contributor III
In response to avinashchhetri

‎07/13/2022 08:46 AM

I seem to be missing a number of options on the Home screen tiles:

jasonb_0-1657726954144.png

I am in the Role_Admin SAV role.

 

0 Kudos

avinashchhetri
Saviynt Employee
Saviynt Employee
In response to jasonb

‎07/13/2022 09:28 AM

Could you share the Saviynt version that you are on ?

Here's the url that will give you the version page if youre on the latest (v2021) release.

https://<applicaton-url>/ECMv6/versionpage

Also please share the screenshot of the "Create Request Home Option" for the Admin SAV Role

avinashchhetri_0-1657729651149.png

 

 

 

Regards,
Avinash Chhetri
0 Kudos

jasonb
New Contributor III
New Contributor III
In response to avinashchhetri

‎07/13/2022 09:37 AM

Version Info:

jasonb_0-1657730034696.png

Create Request Home Option:

jasonb_1-1657730226026.png

 

0 Kudos

avinashchhetri
Saviynt Employee
Saviynt Employee
In response to jasonb

‎07/13/2022 10:40 AM

I'm assuming you are using the OOB Admin Role and also have the access to Create and Modify Roles under Feature Access.

 

avinashchhetri_0-1657734009383.png

 

 

 

Regards,
Avinash Chhetri
0 Kudos

jasonb
New Contributor III
New Contributor III
In response to avinashchhetri

‎07/13/2022 10:45 AM

That is correct - the out-of-the-box Role_Admin SAV role, with permissions to create and modify roles:

jasonb_0-1657734330965.png

 

0 Kudos

vermilyacd1
Regular Contributor
Regular Contributor

‎07/11/2022 02:30 PM

Haha... yes and no. It's a bug in v2020 that does not have a timeline for a fix. Saviynt's response was upgrade to v2021. We did that, and it's broken there too. It's still being worked on, has been escalated several times. We're currently with the product team.

vermilyacd1
Regular Contributor
Regular Contributor

‎07/12/2022 05:41 AM

@avinashchhetri #1422119

0 Kudos
Copyright © 2024 Khoros, LLC