AzureAD: Entitlement aggregation throwing error

Hi team,

Lately, we’re seeing this below error during entitlement aggregation for AzureAD connector -

Exception during aggregation of 1c91f8af-2ea9-4bc6-8e4f-3343956c4694:19:[email protected]. Reason: javax.persistence.PersistenceException: org.hibernate.exception.GenericJDBCException: could not execute statement

It looks like AzureAD connector is trying to execute some JDBC call to IDN database but couldn’t execute due to some reason.

Not sure what this error actually means, is there anyway we can dig this further and resolve?


We recently faced same issue and after working with support found out that it was because of emojis in slack title. In our case it was not entitlement aggregation but it was happening on identity refresh.
The only way to get root cause of this problem is to work with support if you don’t see much information in ccg logs as your’s is entitlement aggregation.

1 Like

Hey Chirag, we’ve spotted the issue which is the same as you said. Thanks mate for sharing your observation :slight_smile:

1 Like

In IdentityIQ, we had to update the MySQL Collation for the spt_managed_attribute table to utf16le_general_ci which allows for emoji characters. Not sure if IdentityNow can be updated to support utf16.

1 Like

You are right. I believe SailPoint engineering might have already thought about this, it’s just that some performance or security considerations on the backend design could be the reason why it’s not there atm.
Well, I can see a lot of ideas have been raised around this on the Idea Portal, hope we see the fix soon!