Creating Distribution Lists in SailPoint using Azure AD Connector

Which IIQ version are you inquiring about?

Version 8.4

Please share any images or screenshots, if relevant.

MicrosoftTeams-image (3).png

Share all details related to your problem, including any error messages you may have received.

Hi All,

Could someone please assist me in creating a distribution list in SailPoint using the Azure AD connector? I’ve gone through the Azure documents, and while it mentions that creation is possible,but it doesn’t provide instructions on creating distribution lists. Additionally, I couldn’t find relevant information in SailPoint’s Compass. Can anyone please help me with this?

Thanks,
Ranjith M

It’s actualy quite simple
Got to Entitlements Catalogue

Click new entitlement

Select your azure AD application and type = Group

Go to Object Properties and in Group Types you can select DistributionList

2 Likes

Hi @kjakubiak

We are currently using a QuickLink to create the distribution lists through a PowerShell script. However, for SailPoint integration, I aim to automate the distribution list creation process using Azure AD rather than manual process. could you please help me on this

Thanks,
Ranjith M

Its not necessary to configure the Provisioning Police?

I just created new Azure AD application and without any further configuration form was already ready

1 Like

@Ranjith2000

You can create Plan to create a Distribution List. Something like below.

Below is the sample.

`
ProvisioningPlan plan = new ProvisioningPlan();
plan.setTargetIntegration(“Azure AppName”);
// Now set the Object Request
ProvisioningPlan.ObjectRequest oR = new ProvisioningPlan.ObjectRequest();
oR.setApplication(“Azure Appname”);
oR.setnativeIdentity(“GroupName”);
oR.setOp(ProvisioningPlan.ObjectOperation.Create);
oR.setType(“group”);

oR.add(new AttributeRequest(“displayName”, ProvisioningPlan.Operation.Set, “groupName”);
oR.add(new AttributeRequest(“mailNickname”, ProvisioningPlan.Operation.Set, “groupName”);
oR.add(new AttributeRequest(“discription”, ProvisioningPlan.Operation.Set, “test”);
oR.add(new AttributeRequest(“groupTypes”, ProvisioningPlan.Operation.Set, “DistributionList”);

plan.add(oR);
Provisioner pro = new Provisioner(context);
pro.setSource(“TargetAggregation”);
pro.setNoCreateTemplates(false);
Attributes args = new Attributes();
args.put(“optimisticProvisioning”, true);
ProvisioningProject newProject = pro.compile(plan, args);
pro.execute(newProject);

`
Syntax you can fix, i don’t have that azure lab env. but by concept it should work.

If you see any error then print plan in before provisioning rule and try the steps that provided by @kjakubiak . you will get plan printed in logs so you can do little adjustment in rule.

Hi @pravin_ranjan

In my workflow, after setting up the ObjectRequest in the plan, I’m attempting to use the IdentityRequest

IdentityRequest identityRequest = new IdentityRequest();
identityRequest.setRequesterDisplayName(“RequesterDisplayName”);
ProvisioningProject provisioningProject = new ProvisioningProject();
provisioningProject.add(plan);
identityRequest.setProvisioningProject(context,provisioningProject);

In my workflow, I’m trying to use the IdentityRequest to trigger a request on the access request page, using a provisioning plan to create a distribution list in Azure. Despite managing to create the distribution list successfully with the Provisioner API in a run rule, I’m struggling to integrate this process into workflows, and the distribution list isn’t being created as expected. could you please give any suggestion for this

Thanks
Ranjith M

@Ranjith2000 some correction needed as per API method.

`
identityRequest.setProvisioningProject(context,plan);

Here it should be provisioningProject not plan.

identityRequest.setProvisioningProject(context,provisioningProject);

`

Hi @pravin_ranjan

I apologize for the confusion, in my things, I used ‘provisioningProject’ instead of ‘plan,’ but when posting it here, I mistakenly included ‘plan

Thanks
Ranjith M