• We are getting the error below while performing account and group aggregation For Azure AD Connector. Note - Test Connection is successful.
• We have added all necessary permissions as well.
• I have removed all risky attributes from SailPoint Schema as well.
Exception during aggregation of Object Type Account on Application Ooredeo_Azure_AD. Reason: Unable to create iterator sailpoint.connector.ConnectorException: Exception occurred in Iterate Objects. Error message - sailpoint.connector.ConnectorException: Exception occurred in processReadRequest. Error - org.apache.http.conn.HttpHostConnectException: Connect to graph.microsoft.com:443[graph.microsoft.com/20.20.44.97, graph.microsoft.com/20.20.44.224, graph.microsoft.com/20.20.44.160] failed: Connection timed out: connect
if dont resolve, verify if you have some configuration can block you into the firewall between SP and Azure, and check the permission at resource level on Azure.
Timeout is usualy related to network issue, I would say most probably you don’t havr http proxy co figured on tomcat and you can’t leave your network from IIQ
If you are using classic Azure portal, as an global admin go to the IdentityIQ application -> Users tab and click the "Consent" button.
For new portal, it is renamed to "Grant permission".
This should help you if it is relevant to the permissions on Azure end.