Troubleshooting the Connector

7 Troubleshooting the Connector

This is a solution to a problem you might encounter while using the Azure Active Directory connector.

Table 7-1 Troubleshooting the Azure AD Connector

Problem Solution

Problem	Solution
OIG Users are not created after running the Azure Active Directory User Trusted Recon scheduled job. The following message is displayed In the reconciliation event generated for the user: `'Data Validation Failed' as the current status and 'Invalid ManagerLogin : <Manager ID>' as Note.` Note: When you remove a manager from the Azure AD target system, a corresponding event will not be created in Oracle Identity Self Service Console.	This issue is encountered due to the dependency of manager information of users. OIG User creation fails if the manager of the user is not already present in Oracle Identity Governance. To fix this issue, you must remove the manager field mapping, run the Azure Active Directory User Trusted Recon scheduled job, and then add back the manager field mapping as follows: In Identity Self Service, remove the Manager field mapping as follows: Log in to Identity Self Service. Search for and open the Authoritative application corresponding to your target system for editing. For example, search for the Azure Active Directory application. From the Schema page, uncheck the Manager Login reconciliation mapping. Apply the changes. Run the Azure Active Directory User Trusted Recon scheduled job. In Identity Self Service, add the manager field mapping as follows: Log in to Identity Self Service. Search for and open the Authoritative application corresponding to your target system for editing. For example, search for the Azure Active Directory application. From the Schema page, select the Manager Login reconciliation mapping checkbox. Apply the changes. Clear the value in the latest token parameter of the Azure Active Directory User Trusted Recon scheduled job and run it.

OIG Users are not created after running the Azure Active Directory User Trusted Recon scheduled job. The following message is displayed In the reconciliation event generated for the user:

'Data Validation Failed' as the current status and 'Invalid ManagerLogin : <Manager ID>' as Note.

Note: When you remove a manager from the Azure AD target system, a corresponding event will not be created in Oracle Identity Self Service Console.

This issue is encountered due to the dependency of manager information of users. OIG User creation fails if the manager of the user is not already present in Oracle Identity Governance. To fix this issue, you must remove the manager field mapping, run the Azure Active Directory User Trusted Recon scheduled job, and then add back the manager field mapping as follows:

In Identity Self Service, remove the Manager field mapping as follows:

Log in to Identity Self Service.
Search for and open the Authoritative application corresponding to your target system for editing. For example, search for the Azure Active Directory application.
From the Schema page, uncheck the Manager Login reconciliation mapping.
Apply the changes.

Run the Azure Active Directory User Trusted Recon scheduled job.

In Identity Self Service, add the manager field mapping as follows:

Log in to Identity Self Service.
Search for and open the Authoritative application corresponding to your target system for editing. For example, search for the Azure Active Directory application.
From the Schema page, select the Manager Login reconciliation mapping checkbox.
Apply the changes.

Clear the value in the latest token parameter of the Azure Active Directory User Trusted Recon scheduled job and run it.