Knowledge Document: Azure AD Driver gets error 403 - Forbidden when trying to set password on Entra ID

The Azure AD Driver receives a fatal error that causes the driver to shut down. The trace shows that the error is reported when setting a password.

Environment

Identity Manager 4.8.x
Identity Manager 4.9
Azure AD Driver 5.1.7.0400
Azure AD Driver 5.2.0.200
 

Situation

When the driver attempts to set a password, the operation fails with the following error:
DirXML Log Event -------------------
     Driver:   \ACME\system\DriverSet\AzureAD
     Channel:  Subscriber
     Status:   Fatal
     Message:  Code(-9005) The driver returned a "fatal" status indicating that the driver should be shut down. Detail from driver: com.novell.nds.dirxml.driver.azure.exceptions.ChannelException: {"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the operation.","innerError":{"date":"2024-07-08T14:05:29","request-id":"ae0a4038-494d-468b-ac7b-926e89faeef7","client-request-id":"ae0a4038-494d-468b-ac7b-926e89faeef7"}}}

In the trace it's possible to see the following error, which indicates that the request sent to MS Graph failed:
[07/08/24 15:05:29.260]:AzureAD ST:AzureAD_Azure: ***********************LOGGING RESPONSE*****************
[07/08/24 15:05:29.261]:AzureAD ST:AzureAD_Azure: ********************************************************
[07/08/24 15:05:29.262]:AzureAD ST:AzureAD_Azure: Http response code : 403
[07/08/24 15:05:29.263]:AzureAD ST:AzureAD_Azure: Http response status : HTTP/1.1 403 Forbidden
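
Added example (not part of the original knowledge document or of the driver's code): a Python triage script that extracts the Microsoft Graph error object and the HTTP status from log text in the two formats quoted above, so the failing request can be identified by its error code and request-id. The function names and the trace-line regular expression are assumptions derived only from the excerpts shown here.

```python
import json
import re

# Sample input: the status message and trace lines quoted on this page.
SAMPLE = r'''     Message:  Code(-9005) The driver returned a "fatal" status indicating that the driver should be shut down. Detail from driver: com.novell.nds.dirxml.driver.azure.exceptions.ChannelException: {"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the operation.","innerError":{"date":"2024-07-08T14:05:29","request-id":"ae0a4038-494d-468b-ac7b-926e89faeef7","client-request-id":"ae0a4038-494d-468b-ac7b-926e89faeef7"}}}
[07/08/24 15:05:29.262]:AzureAD ST:AzureAD_Azure: Http response code : 403
[07/08/24 15:05:29.263]:AzureAD ST:AzureAD_Azure: Http response status : HTTP/1.1 403 Forbidden
'''

# Assumed trace layout: [timestamp]:<driver> ST:<module>: Http response code : NNN
TRACE_RE = re.compile(
    r'^\[(?P<ts>[^\]]+)\]:(?P<driver>\S+) ST:.*?Http response code : (?P<code>\d{3})\s*$')


def graph_errors(text):
    """Decode each Graph error object embedded in a driver status message."""
    decoder, found = json.JSONDecoder(), []
    for line in text.splitlines():
        start = line.find('{"error"')
        if start == -1:
            continue
        try:
            obj, _ = decoder.raw_decode(line, start)  # ignores trailing text
        except json.JSONDecodeError:
            continue  # truncated or line-wrapped message: skip, do not guess
        err = obj.get("error") or {}
        inner = err.get("innerError") or {}
        found.append({"code": err.get("code"), "message": err.get("message"),
                      "request_id": inner.get("request-id"), "date": inner.get("date")})
    return found


def http_failures(text, min_status=400):
    """Return (timestamp, driver, status) for trace lines with status >= min_status."""
    hits = (TRACE_RE.match(line) for line in text.splitlines())
    return [(m["ts"], m["driver"], int(m["code"])) for m in hits
            if m and int(m["code"]) >= min_status]


def triage(text):
    """Summarise whether the text shows a Graph authorization denial with HTTP 403."""
    denied = [e for e in graph_errors(text) if e["code"] == "Authorization_RequestDenied"]
    statuses = http_failures(text)
    return {"authorization_denied": bool(denied) and any(s[2] == 403 for s in statuses),
            "request_ids": [e["request_id"] for e in denied],
            "http": statuses}


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```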
