Error in Provisioning Entra ID Group

dutta_pitam · April 24, 2026, 2:41am

We are trying to create a Entra ID group from SailPoint with members, the group is getting provisioned successfully but few attributes are not correctly set on the group. We are trying to create a Teams Enabled group with members in it. When SailPoint is trying to set the Teams Enabled Flag to True , Entra gives the below Error:

    <ProvisioningResult status="failed">
      <Errors>
        <Message key="Team activation for group failed : Team owner not found for group <Group ID>." type="Error"/>
      </Errors>
    </ProvisioningResult>
    <Value>
      <Boolean>true</Boolean>
    </Value>

While Setting the owners in the same provisioning plan gives the below Error:
AttributeRequest name=“owners” op=“Add” — Add/Remove owners failed for group id :<Group_D>Response Code - 404 Error - Resource '<Owner_ID>' does not exist or one of its queried reference-property objects are not present.

The Owners being passed are the UPN values of the Entra Account which exists on the Entra Side.

Any help on resolving this would be highly appreciated.

dutta_pitam · April 24, 2026, 4:27pm

Thanks @kannan_sb85 for your response.

I did try passing the object id of the account which i am setting as the owner of the group. However, there is an inconsistency behaviour which i am observing. The Group got provisioned on some cases with the owners assigned and teams enabled check box marked as true. But on large cases, same error was observed even when passing the object-id of the account.

If there any dependency of the id’s which i am missing.

Regards,

Pitam

pravin_ranjan · April 24, 2026, 5:17pm

@dutta_pitam please try with, this change should be in your application.

<entry key="createGroupTimelag" value = "60"/> // seconds in azure connector or may be use 120

looks like you have some lag time.

dutta_pitam · April 24, 2026, 5:58pm

Thanks @pravin_ranjan for your response.

I did add the key in the App xml and post that tried to provision the group as well. Still the same behaviour is being observed and the with the same error which is being depicted above.

Regards,

Pitam

neel193 · April 27, 2026, 4:59pm

@dutta_pitam Are you creating group and provisioning users in the same plan? or in objectRequest are you passing user details? If so, could you please split it. First create the group and then try to provision the users.

Please share your rule which you are using for review.

dutta_pitam · April 27, 2026, 5:29pm

@neel193 : Thanks for your response. That is exactly what i tried. I split out the operation in two halves.

First half : This is the Provisioning Plan to create the M365 Group in Azure without Setting the Owners and Teams Enabled Flag.

Result : The Group being created successfully.

Second Half: Apply Modify Operation on the Same group , this time with Owners being passed as an attribute request as well as Teams Enabled being set as true.

Result: Owners and Teams enabled are successfully applied on the group

Topic		Replies	Views
Microsoft Teams Owner Provisioning ISC Discussion and Questions identity-security-cloud , provisioning , connectors , entitlements	3	103	June 29, 2025
SailPoint Entra ID Provisioning Error - Exchange Attribute / Shared Mailbox / Distribution and Mail-Enabled Security Group Provisioning is only applicable during Update ISC Discussion and Questions identity-security-cloud , provisioning , connectors	2	85	February 27, 2026
Entra ID Provision is Getting Failure ISC Discussion and Questions identity-security-cloud	4	172	March 9, 2026
sailpoint.connector.ObjectNotFoundException in Azure Active Directory group creation IIQ Discussion and Questions identityiq , provisioning	9	155	March 3, 2026
IIQ - Azure Group creation - Error message - group Access Denied... but group reads back in during aggregation IIQ Discussion and Questions identityiq , provisioning , connectors , entitlements	2	86	April 9, 2025

Error in Provisioning Entra ID Group

Related topics