Azure AD Connector Error

• We are getting the error below while performing account and group aggregation For Azure AD Connector. Note - Test Connection is successful.
• We have added all necessary permissions as well.
• I have removed all risky attributes from SailPoint Schema as well.

Exception during aggregation of Object Type Account on Application Ooredeo_Azure_AD. Reason: Unable to create iterator sailpoint.connector.ConnectorException: Exception occurred in Iterate Objects. Error message - sailpoint.connector.ConnectorException: Exception occurred in processReadRequest. Error - org.apache.http.conn.HttpHostConnectException: Connect to graph.microsoft.com:443[graph.microsoft.com/20.20.44.97, graph.microsoft.com/20.20.44.224, graph.microsoft.com/20.20.44.160] failed: Connection timed out: connect

Hi @manikandaprabhu_cg,

first of all try to increase the timeout time like this:

if dont resolve, verify if you have some configuration can block you into the firewall between SP and Azure, and check the permission at resource level on Azure.

1 Like

Timeout is usualy related to network issue, I would say most probably you don’t havr http proxy co figured on tomcat and you can’t leave your network from IIQ

Try solution from this post

2 Likes

@manikandaprabhu_cg pls check this thread, hope this will fix.

Azure Active Directory Account Aggregation Failing - Compass (sailpoint.com)

If you are using classic Azure portal, as an global admin go to the IdentityIQ application -> Users tab and click the "Consent" button.
For new portal, it is renamed to "Grant permission". 
This should help you if it is relevant to the permissions on Azure end.

2 Likes

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.