We have provided the required permissions to Aggregate user account from Azure Active Directory. we are getting an error during account aggregation.
The following is the error message:-
Exception occurred in Iterate Objects - populateRiskyUsersDetails. Error message - Exception occurred in processReadRequest. Error - Exception occurred while trying to receive data from Server. Number of retries exceeded.
You cannot perform the requested operation, required scopes are missing in the token.
reference of permissions.
In Source go to Accountschema and delete the attribute called risky user attributes in the schema and it will work
Please also see config guide for Azure https://community.sailpoint.com/t5/IdentityNow-Connectors/Azure-Active-Directory-Source-Configuration-Reference-Guide/ta-p/75323
With the security reports in the Azure Active Directory system, you can gauge the probability of the compromised user accounts in your environment. A user flagged for risk is an indicator that the account might have been compromised. The user risk represents the probability that a given identity or account is compromised. These risks are calculated offline using Microsoft’s internal and external threat intelligence sources including security researchers, law enforcement professionals, security teams at Microsoft, and other trusted sources.
The Azure Active Directory source supports the risky user alert feature. Requirement : An Azure AD Premium P2 license is required to avail this feature. The supported operations for the risky user alert feature are Full Account Aggregation and Get Object.
we have configured Office 365 service plans in Access Profile to provision Office 365 license to user and Access profile has added to role. On the basis of membership criteria role has provisioned to user and license has granted to user’s azure account.
On deprovisioning services get disabled and role has removed in IdentityNow, but license didn’t remove from azure account.
Is IdentityNow support removal of license from azure account , in case of membership criteria doesn’t match? As per our experience IDNow disable license , not removal.
We are receiving this same error. What if we would like to utilize this “risky user” feature and keep the attributes?
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.