09/11/2024 12:37 PM
Does the AAD connector allow creating an Office365 group with the Teams-enabled option?
We have tried the JSON below to create just an Office365 group and are able to submit the request and create a provisioning task. The task is completed when the prov job completes.
But when I submit a request to create an Office365 group with the Teams option enabled, the task is created and the Office365 group is also created in AAD, without the Teams option. We have observed that the pending task is not completed.
{
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/groups",
"httpMethod": "POST",
"httpParams": "{\"description\": \"${roles.description==null || roles.description==''? roles.displayname : roles.description}\", \"displayName\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"groupTypes\": [\"${roles.customproperty21=='Office365'? 'Unified' : ''}\"], \"mailEnabled\": \"${roles.customproperty22 == '1' ? true : false}\", \"mailNickname\": \"${roles.displayname==null || roles.displayname==''? roles.role_name : roles.displayname}\", \"securityEnabled\": \"${roles.customproperty23 == '1' ? true : false}\",\"owners@odata.bind\": [\"${allOwner}\"]}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
}
Any insights, please? Thank you.
09/11/2024 02:01 PM - edited 09/11/2024 02:02 PM
@SureshPatike
You can create it. Configuring-O365Groups and Channel/Team
To create a team while creating groups of type Office 365, specify the value of the CreateTeamJSON parameter.
To define this parameter, use a format similar to the following:
{
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/groups/${groupId}/team/",
"httpMethod": "PUT",
"httpParams": "{\"memberSettings\":{\"allowCreateUpdateChannels\": false,\"allowDeleteChannels\": false,\"allowAddRemoveApps\": true,\"allowCreateUpdateRemoveTabs\": true,\"allowCreateUpdateRemoveConnectors\": true},\"guestSettings\":{\"allowCreateUpdateChannels\": false,\"allowDeleteChannels\": true},\"messagingSettings\":{\"allowUserEditMessages\": true,\"allowUserDeleteMessages\": true,\"allowOwnerDeleteMessages\": true,\"allowTeamMentions\": true,\"allowChannelMentions\": true},\"funSettings\":{\"allowGiphy\": true,\"giphyContentRating\":\"strict\",\"allowStickersAndMemes\":true,\"allowCustomMemes\":true}}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
}
To create a channel while creating groups of type Office 365, specify the value of the CreateChannelJSON parameter.
To define this parameter, use a format similar to the following:
{
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/teams/${groupId}/channels",
"httpMethod": "POST",
"httpParams": "{\"description\": \"${rolesObj.customproperty27}\", \"displayName\": \"${rolesObj.customproperty26}\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
}
09/11/2024 02:11 PM
09/11/2024 02:45 PM
Yes @stalluri, the JSON is already updated on the AAD connector connection.
@rushikeshvartak our service app reg has the Global Admin AAD role along with Exchange Admin too. The problem is that the task itself is not being picked up by the provisioning job; otherwise I would have provided logs.
09/11/2024 03:02 PM
Did you run it for a specific task key? Is normal Azure AD group creation working?
09/11/2024 03:08 PM
Yes, I ran it, but it didn't pick that up either. It looks like it is not picking up the normal security group creation task in prod either, but it is working in the dev environment.
09/11/2024 03:16 PM
Are the JSONs the same?
09/11/2024 03:33 PM
Exactly same JSONs.
Just curious to know: do I need to run any jobs once I place all the JSONs on the AAD Connector connection? The reason is that I moved AAD Group management from Dev to Prod this morning.
09/11/2024 03:34 PM
Try restarting the application once.
09/11/2024 03:36 PM
I will have to place a CR to restart the services of the Prod env. Are you sure that it could be a glitch?
09/11/2024 04:14 PM
It is possible.
09/11/2024 07:22 PM
@SureshPatike
Make sure you have the same query in the advanced config at the job level: "and at.taskkey in (504572)"
Let us know if it is resolved after a restart.
09/13/2024 08:03 AM
Good news: the pending create-AAD-group tasks are being picked up by the job after I re-entered the connection object and saved it. But the task is not completed and is still showing as pending, with a provisioning metadata comment containing the groupid. I see the group created when I search with that groupid in AzureAD, but Teams is not enabled. Just curious to know whether our service principal needs any more AAD roles added to enable Teams on the O365 group, apart from the Global Admin role and Exchange Admin role.
Note: Plain Office365 and security type groups were created and the tasks completed with no issues.
Selected the fields below to create an Office365 group and enable Teams and a channel (name, desc)
09/13/2024 08:04 AM
Check DEV SPN vs Prod SPN access.
09/13/2024 08:17 AM
It's the same behaviour in the Dev env also.
09/13/2024 08:21 AM
Share the Teams JSON with logs in text format.
09/13/2024 09:47 AM
Create Team JSON
{
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/groups/${groupId}/team/",
"httpMethod": "PUT",
"httpParams": "{\"memberSettings\":{\"allowCreateUpdateChannels\": false,\"allowDeleteChannels\": false,\"allowAddRemoveApps\": true,\"allowCreateUpdateRemoveTabs\": true,\"allowCreateUpdateRemoveConnectors\": true},\"guestSettings\":{\"allowCreateUpdateChannels\": false,\"allowDeleteChannels\": true},\"messagingSettings\":{\"allowUserEditMessages\": true,\"allowUserDeleteMessages\": true,\"allowOwnerDeleteMessages\": true,\"allowTeamMentions\": true,\"allowChannelMentions\": true},\"funSettings\":{\"allowGiphy\": true,\"giphyContentRating\":\"strict\",\"allowStickersAndMemes\":true,\"allowCustomMemes\":true}}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
}
Create Channel JSON
{
"connection": "userAuth",
"url": "https://graph.microsoft.com/v1.0/teams/${groupId}/channels",
"httpMethod": "POST",
"httpParams": "{\"description\": \"${rolesObj.customproperty27}\", \"displayName\": \"${rolesObj.customproperty26}\"}",
"httpHeaders": {
"Authorization": "${access_token}",
"Content-Type": "application/json"
},
"httpContentType": "application/json"
}
Logs:
2024-09-13T14:29:05.541+00:00 ecm services.RoleversionService http-nio-8080-exec-344-95t42 DEBUG role with data role_name: TestO365ProdTeams, status: 1, roletype: 6 and systemId = 3 does not exist
2024-09-13T14:29:05.547+00:00 ecm services.RoleversionService http-nio-8080-exec-344-95t42 DEBUG Saving Role TestO365ProdTeams
2024-09-13T14:29:05.554+00:00 ecm services.ArsTaskService http-nio-8080-exec-344-95t42 DEBUG roleparent: TestO365ProdTeams
2024-09-13T14:29:05.703+00:00 ecm services.RoleversionService http-nio-8080-exec-344-95t42 DEBUG creating Tasks for add/remove access(Ents) to Role-[TestO365ProdTeams]
2024-09-13T14:29:05.779+00:00 ecm services.RoleversionService http-nio-8080-exec-344-95t42 DEBUG creating task for added Entitlements to Role-[TestO365ProdTeams]
2024-09-13T14:29:05.780+00:00 ecm services.RoleversionService http-nio-8080-exec-344-95t42 DEBUG creating task for removed Entitlements to Role-[TestO365ProdTeams]
2024-09-13T14:28:30.097+00:00 ecm controllers.RolesController http-nio-8080-exec-376-95t42 DEBUG Params Map for Query: [search:%TestO365ProdTeams%, offset:0, max:15]
2024-09-13T14:28:18.707+00:00 ecm security.RestTokenGeneratorService http-nio-8080-exec-365-95t42 DEBUG isValidRedirectionRequestFromMS - msRedirectUrl: https%3A%2F%2Fabc.xyz.com%2FECM%2Froles%2Fselectowner%2F-1%3FautoApprove%3D1%26manage%3D1%26rolekey%3D-1%26SYNCHRONIZER_TOKEN%3Db0be5eed-542e-485a-b180-e44eb2fea8a1%26SYNCHRONIZER_URI%3D%252FECM%252Froles%252Fcreate%26roletype%3D6%26savmodule%3Dars%26status%3D1%26conntype%3DAzureAD%26type%3DAADGroup%26ent_type%3DAADGroup%26role_name%3DTestO365ProdTeams%26description%3DTestO365ProdTeams%26displayname%3DTestO365ProdTeams%26endpointkey%3D3%26customproperty21%3DOffice365%26customproperty24%3D1%26customproperty25%3D1%26customproperty26%3DTestO365ProdTeams%26customproperty27%3DTestO365ProdTeams%26soxcritical%3D0%26syscritical%3D0%26priviliged%3D0%26confidentiality%3D0%26requestable%3Dtrue%26customproperty1%3D%26customproperty2%3D%26customproperty3%3D%26customproperty4%3D%26customproperty5%3D%26customproperty6%3D%26customproperty7%3D%26customproperty8%3D%26customproperty9%3D%26customproperty10%3D%26customproperty11%3D%26customproperty12%3D%26customproperty13%3D%26customproperty14%3D%26customproperty15%3D%26customproperty16%3D%26customproperty17%3D%26customproperty18%3D%26customproperty19%3D%26customproperty20%3D%26customproperty29%3D%26customproperty30%3D%26customproperty31%3D%26customproperty32%3D%26customproperty33%3D%26customproperty34%3D%26customproperty35%3D%26customproperty36%3D%26customproperty37%3D%26customproperty38%3D%26customproperty39%3D%26customproperty40%3D%26customproperty41%3D%26customproperty42%3D%26customproperty43%3D%26customproperty44%3D%26customproperty45%3D%26customproperty46%3D%26customproperty47%3D%26customproperty48%3D%26customproperty49%3D%26customproperty50%3D%26customproperty51%3D%26customproperty52%3D%26customproperty53%3D%26customproperty54%3D%26customproperty55%3D%26customproperty56%3D%26customproperty57%3D%26customproperty58%3D%26customproperty59%3D%26customproperty60%3D%26updateuser%3D6%26systemid%3D3
09/13/2024 09:52 AM
Does it work from Postman?
09/13/2024 10:09 AM
Actually, I have not tried from Postman yet. I will have to spend some time configuring it to execute from Postman. I am not sure how to test this via Postman; I mean I don't have any idea what params need to be passed in the body. I will try and let you know.
09/13/2024 10:10 AM
Refer https://developer.microsoft.com/en-us/graph/graph-explorer
09/13/2024 11:47 AM
I have tried to add a team to the O365 group already created, using this API: https://graph.microsoft.com/v1.0/groups/<groupid>/team/
I am receiving this 400 bad request:
09/13/2024 01:01 PM
Finally I am able to create an Office365 group and add a team and channel to that group. The issue was that we need to add a group owner if we need Teams on the group; this is mandatory. Also, make sure to select the check box when adding the group owner while creating the group request, like below; otherwise it will not treat the group owner as added to the group on submit.
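The resolution above (a team can only be added when the group has an owner) can be checked on the rendered create-group body before the task is submitted. This is an added example, not code from the thread or from Saviynt: the function name `preflight`, the sample bodies, and the assumptions that each owner renders as a Graph user URL and that an unselected owner renders `${allOwner}` as an empty string are all hypothetical.

```python
import json
import re

# Assumption: each owner renders as a Graph user reference URL.
OWNER_REF = re.compile(r"^https://graph\.microsoft\.com/v1\.0/users/[^/\s]+$")


def preflight(rendered_http_params, want_team):
    """Return reasons a team cannot be added to the group this body creates."""
    if not want_team:
        return []
    body = json.loads(rendered_http_params)
    problems = []
    if "Unified" not in body.get("groupTypes", []):
        problems.append("groupTypes lacks 'Unified': a team needs an Office365 group")
    owners = body.get("owners@odata.bind", [])
    if isinstance(owners, str):
        owners = [owners]
    if any(isinstance(o, str) and "${" in o for o in owners):
        problems.append("owner placeholder was not substituted")
    if not any(isinstance(o, str) and OWNER_REF.match(o.strip()) for o in owners):
        problems.append("no owner bound: add a group owner before requesting a team")
    return problems


# Constructed sample bodies, trimmed to the fields this check reads.
WITH_OWNER = json.dumps({
    "displayName": "TestO365ProdTeams",
    "groupTypes": ["Unified"],
    "owners@odata.bind": [
        "https://graph.microsoft.com/v1.0/users/00000000-0000-0000-0000-000000000001"
    ],
})
OWNER_UNTICKED = json.dumps({
    "displayName": "TestO365ProdTeams",
    "groupTypes": ["Unified"],
    "owners@odata.bind": [""],  # assumed rendering when no owner is selected
})

if __name__ == "__main__":
    for name, body in (("with owner", WITH_OWNER), ("owner unticked", OWNER_UNTICKED)):
        print(name, "->", preflight(body, want_team=True) or "ok")
```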