Entra ID Connector - Need For IQService Installation

I have a requirement to manage Entra role assignments via SailPoint ISC.

  1. Since Entra role assignments will make use of Graph APIs, I’m unsure if I still need to install IQService? Please assist.
  2. I understand the out-of-the-box connector supports multiple entitlement types. How do I restrict my source to only pull Entra roles and manage the same?

If you want to manage directly in Entra you will need the IQ Service. The IQ Service is what allows the Linux-based VAs to run the required .NET libraries in order to interact with Windows.

If you want to only pull in the Roles in Entra you can tell the Entitlement Aggregation to only pull in that object type.

The connector will handle whether it is reaching out to on-prem or Entra. You can use the same IQ Service Server for this.

Hope this helps.


Hi @imagavis - Are you intending to use the VA connector or the SaaS connector? The link you provided is for the VA connector, but the SaaS connector is pretty fully functional according to the docs: Supported Features


@imagavis are you using the SaaS connector or the on-prem one with VA?


Hey @imagavis. Like others are saying in this thread, there are actually two connector types for managing Entra ID. One is an on-premises connector that requires a Virtual Appliance, while the other is a SaaS connector, meaning it is VA-less.

Connector Option 1 - Azure Active Directory

  • Connector Name: Azure Active Directory
  • Connector Type: On-Premises/VA-Based
  • Requires Virtual Appliance: Yes, a virtual appliance cluster is required

This connector is the on-premises connector type for Azure AD/Microsoft Entra ID. This connector is capable of role management.

Documentation Link (goes directly to role management section): Azure Active Directory Role Management

Connector Option 2 - Microsoft Entra ID

  • Connector Name: Microsoft Entra ID
  • Connector Type: SaaS/VA-less
  • Requires Virtual Appliance: No, virtual appliance clusters are not required

This connector is the SaaS/VA-less connector type for Azure AD/Microsoft Entra ID. This connector is also capable of role management.

Documentation Link (goes directly to role management section): Microsoft Entra ID Role Management

Thanks much! I ended up using the SaaS connector, which solved my use case to only manage Entra roles.
