Common Errors During Azure User Sync and Their Resolutions
Helpguide --> https://help.sdpondemand.com/azure-ad-user-sync
Helpguide --> https://help.sdpondemand.com/azure-ad-user-synca. IAMError:U123
This indicates that the user is part of a different organization. A user can be part of only one organization account. If the user belongs to another valid account, they must be removed from that account to be added to the current organization.
Please share the user's email address so we can verify whether they have a personal or paid subscription and advise on the next steps.
b. IAMError:Z112
This error indicates that the user is already present in a different data centre.
Please share the user's email address so we can verify whether they have a personal or paid subscription and advise on the next steps.
c. IAMError:AS101
This indicates that the user is marked as SPAM in IAM.
Kindly share the list of affected users so we can verify and unmark them as spam.
d. IAMError:OP103
By default, the user login count is limited to 1,000. If your organization requires a higher limit, kindly drop an email to SDP Cloud support with your requirement. The IAM team will help increase the count as needed.
e. Inactive Site / Please provide a valid input for field Site
This indicates that the site value provided is either inactive or invalid in SDP.
Check whether the site is marked as inactive in the application. If duplicate sites are present, remove them.
f. Please provide a valid input for field Department
This error means that the department value passed is either inactive or invalid in SDP.
Ensure the department is active and valid. If duplicates are found, remove them.
g. Unable to change Primary Email
Possible Reasons & Checks:
- Primary email changes might be restricted under ESM settings.
Navigate to: ESM Directory → Organization Details → Allow changing user's primary email - The new email ID may already exist as another user in SDP. Delete the duplicate user before retrying.
- For domain changes to work properly, the user must have synced at least once via Azure AD User Sync or Import from Azure.
h. Manager Not Updated
If the manager is not synced in SDP, the manager field will not be updated for other users.
Example: If User_A has Manager_A set in Azure, Manager_A must be synced first in SDP for User_A's manager field to be updated.
Manager data is received only once from Azure during the sync.
- Ensure the manager is included in the sync criteria and field mapping.
- If the manager field is missing due to earlier misconfigurations, restart the sync.
- If the data is still not fetched after restart, the manager must be updated manually in SDP.
New to ADSelfService Plus?
Related Articles
Azure AD User Sync integration is getting disabled / Error message shown in Azure AD User Sync card
Helpguide --> https://help.sdpondemand.com/azure-ad-user-sync When the integration is automatically disabled or the sync is not running, it might be due to one of the following reasons. These errors will be displayed in the Integration Card and will ...Azure AD User Sync – Overview
Helpguide --> https://help.sdpondemand.com/azure-ad-user-sync Azure AD User Sync, when enabled, gets users from Azure periodically and adds/updates/deletes them in SDP. The sync flow is mainly categorized into 2 parts: Initial Sync and Incremental ...Users not added/updated to SDP - Azure AD User Sync
Helpguide --> https://help.sdpondemand.com/azure-ad-user-sync a. Check whether Initial Sync is completed When Azure AD has a large set of users, it might take time to process and sync all of them. Once the Initial Sync is completed, all users would ...Users are not deleted/login revoked - Azure AD User Sync
Ensure the configurations are selected correctly by navigating to: Setup → Apps and Add-ons → Integrations → Azure AD User Sync. Also, verify that the user has been synced at least once previously through Azure AD User Sync or Import from Azure. This ...Microsoft Azure Integration and its benefits
Kindly refer to this link for more info about this integration, https://help.sdpondemand.com/azure_integration Why does this integration have to be enabled separately? This is an additional authentication step implemented to enhance the existing ...