-
Bug
-
Resolution: Timed out
-
Low
-
None
-
6
-
Severity 3 - Minor
-
Issue Summary
After configuring provisioning as per the instructions here: Atlassian Cloud provisioning tutorial, the initial sync. works, but after a period of time the sync fails with this message on the Azure AD portal:
Quarantined due to a high number of errors. Please view the audit logs below to assess the errors and remediate them. Sync interval reduced to once per 24 hours.
Environment
- Azure Ad
- Provisioning via SCIM
Steps to Reproduce
- Configure provisioning with Azure AD as per the instructions here: Atlassian Cloud provisioning tutorial
- Select/check the "Clear current state and restart synchronization"
- Save the configuration
- The sync. process will start/complete
- Wait a while - testing has shown that sometime between 20mins and 2hrs the sync. will fail the message mentioned in the Issue Summary
Expected Results
- Sync. will continue to run
Actual Results
- This message is shown in the Provisioning configuration page on Azure AD:
Quarantined due to a high number of errors. Please view the audit logs below to assess the errors and remediate them. Sync interval reduced to once per 24 hours.
- 401 responses from the Atlassian global proxy
- In most cases, clicking "Test Connection" in Azure AD will return an error:
Notes
- You may need to switch between the two "Scope" options on the Azure AD configuration page i.e. toggle between "Sync all users and groups" and "Sync only assigned users and groups"
- Checking "Clear current state and restart synchronization" may be necessary to reproduce the issue
Workaround
- Regenerate/rotate the API key(reference: User provisioning):
- Go to admin.atlassian.com and click your organization.
- Click Directory, then click User provisioning.
- Click the Directory tab, then click the Regenerate API key button.
- Click Regenerate key.
- Copy the organization ID and the API key to a safe place. Once you close the API key information screen, we won't show you this information again.
- Click Done.
- Enter the new key into the "Secret Token" field on the Azure AD provisioning configuration page
- Click "Test Connection" - the test should pass
- Save the configuration
- The sync. should restart
[ACCESS-745] Provisioning: Azure AD - Sync. process is quarantined after a period of time
| Resolution | New: Timed out [ 10 ] | |
| Status | Original: Gathering Impact [ 12072 ] | New: Closed [ 6 ] |
| Support reference count | Original: 5 | New: 6 |
| Remote Link | New: This issue links to "Page (Confluence)" [ 945260 ] |
| Status | Original: In Progress [ 3 ] | New: Gathering Impact [ 12072 ] |
| Support reference count | Original: 4 | New: 5 |
| Assignee | Original: vlad [ vsankin ] | New: Yang Li [ yli2@atlassian.com ] |
| Support reference count | Original: 3 | New: 4 |
Unfortunately, all the log says is:
'Successful'
I can send the image from the error reproduction if you give me an email address or allow me to upload attachments to this ticket.
Hi everyone,
Thank you for watching, following, and providing valuable feedback for our teams. Due to inactivity, we will be closing this bug as "Timed Out", but if this is still affecting your team, let us know on this ticket so we can potentially re-evaluate.