We recently moved from the VA Based Entra connector the the SaaS connector. Everything has been working fine, until we attempted to add an entitlement to 200+ users. The first 5-10 requests were processed properly, then every additional request shows:
sailpoint.connector.ConnectorException: Command timed out
We have tried adjusting the provisioningTimeout, but haven’t been able to figure out a resolution.
Over the last few weeks I have tried every possible timeout setting, and we still are unable to provision a single entitlement to a large number of Entra Accounts using the SaaS based Entra connector. I have opened a ticket, but so far that hasn’t helped much.
We attempted to add a regular Entra security group to 600+ accounts via a role. The first 10 go through just fine. The next 10 will be provisioned in Entra, but ISC will say the provisioning was incomplete. The rest will not get provisioned in Entra. Then it gets repeated the next time the Role is pushed, with the same results. If there are any other groups being provisioned via Roles or Access Requests, those will also fail.
Support recommended reducing the number of accounts we were provisioning to at one time. We have to do it at 10-20 accounts per run to not run into issues. This is a terrible process for trying to get the entitlement to 600+ accounts.
As a test we tried using the Virtual Appliance based Entra connector, and we were able to provision to 180 accounts in less than 5 minutes with no errors. I am sure it wouldn’t have a problem with 600+ accounts.
There is something wrong with how the SaaS based connector is working, or there is something wrong with the back end SaaS infrastructure.