Group Aggregation Filters

crderosier · November 17, 2022, 3:24pm

Hey everyone,

I’ve been trying to apply a group aggregation filter to our Azure AD source in IdentityNow. The only thing I’ve been able to enter without running into a java language exception is

dirSyncEnabled ne true

I’m getting my group attributes from this documentation here

https://documentation.sailpoint.com/connectors/microsoft/azure_ad/help/integrating_azure_active_directory/group_attributes.html

But when I use other attributes/conditions like

groupTypes eq group

or

description eq test

I get a java language error. I’m stumped as to why dirSyncEnabled seems to work but none of the other attributes in this documentation work. I’ve also tried grabbing attribute names directly from imported entitlements instead of this documentation on group schemas but still have the same result.

colin_mckibben · November 17, 2022, 6:03pm

Hi Conner. Can you please share the error message?

crderosier · November 17, 2022, 6:55pm

@colin_mckibben Sure, here it is

Exception during aggregation of Object Type group on Application New Azure AD [source]. Reason: java.lang.RuntimeException: An error occurred while aggregating Application New Azure AD [source]

Do you know if there’s a way for me to obtain a more detailed error message with an API call or something?

colin_mckibben · November 17, 2022, 7:36pm

If you haven’t already, I recommend opening a support ticket. Our support team is better equipped to investigate your tenant and OOTB connectors like Azure AD to find the root cause.

colin_mckibben · November 17, 2022, 7:49pm

And if you do solve your problem, please update this topic with the solution to help others in the future.