Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

Azure AD Provisioning Issue

We have Samanage setup to automatically create accounts in Azure AD Enterprise Application area, so that in theory when an account is created in Azure, it should get created there. Every time though the provisioning log comes up as skipped. The log is showing as:

The User '***@***.net' will be skipped due to the following reasons: 1) This object is not assigned to the application. If you did not expect the object to be skipped, assign the object to the application or change your scoping filter to allow all users and groups to be in scope for provisioning. 2) This object does not have required entitlement for provisioning. If you did not expect the object to be skipped, update provisioning scope to 'Sync all users and groups' or assign the object to the application with entitlement of provisioning category

SkipReason - NotEffectivelyEntitled

IsActive - True

Assigned to the application - False

IsInProvisioningScope - True

ScopeEvaluationResult - {}

Microsoft documents has Tutorial: Azure Active Directory integration with SolarWinds Service Desk (previously Samanage) | Microsoft Docs which shows that it was updated earlier this month, but step the whole configure SolarWinds SSO looks out of date.

In Azure AD Enterprise, should the sign-in URL be something like this, which it currently is? app.samanage.com/.../<Company Name>

The Microsoft document under Configure Azure AD SSO shows the Sign on URL as https://<Company Name>.samanage.com/saml_login/<Company Name>, which is what we have in Samanage SSO, but not in Azure. This all was setup long before I came along, so not sure if this was setup per Samanage instructions possibly, or if it was setup wrong.

I can manually add them but that is a bit of a hassle.

Find more posts tagged with

Accepted answers

All comments

y.aure

Hello,

We've set up our SSO back when it was still Samanage, but I will try to help you with the bit of knowledge I have.

In Azure AD Entreprise the Sign on URL is something like this https://[company].samanage.com/saml_login/[company]

This is the exact URL which is copied from Solarwinds Service Desk Setup>Account>Single Sign-On>Login Using Azure AD>Login URL

The fact that your users are not provisionned may be because they have not been assigned to the application.

To do that, in Azure AD you need to go to your Solarwinds Service Desk application, then Users and Groups and add them here.

If you have an Azure AD Premium, you can add a group, this way you won't have to manually add each user when you create them.

Another way to handle this is to go to you application Properties and check User Assignement : No.

Then any user in your organisation will be able to log into Solarwinds Service Desk without any action from you. And every account will be automatically provisionned too.

Good Luck!