Advanced group filters not applied

falin · June 19, 2025, 12:18pm

Hi,

We have recently looked into aggregating the PIM object types from Azure AD and found that a lot of our Azure applications had not followed our upgrades to 8.4p2 to be able to aggregate those type of object types. Therefore I created a new application in 8.4p2 and could successfully aggregate all new object types. We have also recently started to apply filters for our group aggregation such as image 1, (dirSyncEnabled ne true) and applied the advanced group filters to not read in all groups in Azure.

My issue is that I receive the error message seen in image 2 when I run account group aggregation with the filter applied for the application. All objects except the group type are aggregated. Has any one else experienced this or has a suggestion what I could do to solve it?

Which IIQ version are you inquiring about?

8.4p2

Please share any images or screenshots, if relevant.

Share all details about your problem, including any error messages you may have received.

Exception during aggregation of Object Type Group on Application Azure AD PIM Test. Reason: sailpoint.connector.ConnectorException: Exception occurred in Iterate Objects. Error message - sailpoint.connector.ConnectorException: Exception occurred in processReadRequest. Error - Response Code - 400 Error - 400 Filter operator ‘NotEqualsMatch’ is not supported.

pattabhi · June 19, 2025, 2:28pm

Hi @falin

Welcome to the SailPoint Developer Community!

Please check below topics solution, I believe this will resolve your error.

AAD cloud source groups - IdentityIQ (IIQ) / IIQ Discussion and Questions - SailPoint Developer Community

Another article, same answer already provided by @Arun-Kumar

Azure AD Source - skipping entitlements that are synced from on prem - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community

Arun-Kumar · June 19, 2025, 2:34pm

Hi @falin ,

Ensure that the owners attribute is removed from the group schema to enable support for the ne query filter.

falin · June 23, 2025, 6:37am

Thank you @Arun-Kumar for the solution, missed that in the documenation. And thank you @pattabhi for the additional links!

eberteo · June 30, 2025, 12:38am

Hello @falin, welcome to the Community!

As @pattabhi has mentioned the response to your question has been solved in the following post:

Azure AD Source - skipping entitlements that are synced from on prem - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community

system · August 29, 2025, 12:38am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Group Aggregation Filters ISC Discussion and Questions aggregation , identity-security-cloud	8	1324	June 29, 2023
Azure AD group Aggregation Error IIQ Discussion and Questions aggregation , identityiq	2	883	March 9, 2024
Query on Group Filters in Azure AD IIQ Discussion and Questions aggregation , identityiq	20	156	February 1, 2025
Azure Account Aggregation filter cloud group IIQ Discussion and Questions webservice-connector , rules , aggregation , identityiq , provisioning , access-requests , certifications , connectors , entitlements	7	161	April 14, 2025
Azure AD Source - skipping entitlements that are synced from on prem ISC Discussion and Questions aggregation , entitlements	5	1657	July 19, 2023

Advanced group filters not applied

Which IIQ version are you inquiring about?

Please share any images or screenshots, if relevant.

Share all details about your problem, including any error messages you may have received.

Related topics