Application Connector to Azure is timing out

jgruendike · November 20, 2023, 7:34pm

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

I’m trying to add Azure (Entra ID) as a new Application and I’ve followed all steps in order to support certificate authentication. I haven’t been able to get Test Connection working and am running out of ideas. After a few minutes of waiting it will always return this error:

Test Connection failed with exception. Error message - Exception : OAuth2Exception [toString()=connector.common.oauth2.OAuth2Exception: Unable to generate access token. Response returned: org.apache.http.conn.ConnectTimeoutException: Connect to login.microsoftonline.com:443 [login.microsoftonline.com/20.190.190.129, login.microsoftonline.com/20.190.190.131, login.microsoftonline.com/20.190.190.195, login.microsoftonline.com/40.126.62.130, login.microsoftonline.com/20.190.190.196, login.microsoftonline.com/20.190.190.194, login.microsoftonline.com/40.126.62.131, login.microsoftonline.com/20.190.190.130] failed: Read timed out]

It simply times out and doesn’t show any other information. I cannot find anyone else in the forums who had this error and it’s not mentioned in any of the documentation I’ve seen. I verified that a firewall is not blocking any of the addresses in the error and can also connect to graph.microsoft.com. Any suggestions would be great. Thank you

Remold · November 21, 2023, 8:31pm

Do you have a proxy configured?

How did you validate the firewall is not blocking?
My first test is using powershell on the IdentityIQ server:

Test-NetConnection graph.microsoft.com -port 443
Test-NetConnection 20.190.190.129 -port 443
Test-NetConnection 20.190.190.131 -port 443
Test-NetConnection 20.190.190.195 -port 443
Test-NetConnection 40.126.62.130 -port 443
Test-NetConnection 20.190.190.196 -port 443
Test-NetConnection 20.190.190.194 -port 443
Test-NetConnection 40.126.62.131 -port 443
Test-NetConnection 20.190.190.130 -port 443

This should work if there is a direct connection to the internet.

– Remold

jgruendike · November 22, 2023, 10:24pm

Those PowerShell commands all return True. I was hopeful it would be a setting somewhere but now I’m convinced our environment has another layer that’s blocking traffic somewhere. I’ve reached out internally to help troubleshoot. Thanks!

system · January 21, 2024, 10:25pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Default connection timeout on web service connector IIQ Discussion and Questions webservice-connector , identityiq	4	672	August 1, 2023
Web Service connector: HTTP 415 Error IdentityIQ (IIQ)	7	2851	January 27, 2022
Timeout error while doing test connection for web service connector ISC Discussion and Questions webservice-connector , identity-security-cloud	2	81	April 2, 2024
Timeout errors from Cloud Connector after it completes ISC Discussion and Questions saas-connector , aggregation , identity-security-cloud	8	1081	July 19, 2023
CyberArk Cloud Shared Timeout Error ISC Discussion and Questions webservice-connector , identity-security-cloud	23	648	February 19, 2024

Application Connector to Azure is timing out

Which IIQ version are you inquiring about?

Share all details related to your problem, including any error messages you may have received.

Related Topics