question

Azurelearner-4902 avatar image
0 Votes"
Azurelearner-4902 asked WaqarJamil-9359 edited

Azure sentinel and Azure Active directory connector not working

I am facing issues with enabling Azure Active directory connector in Azure sentinel.

I have fulfilled all the per-requiste for enabling Azure Active directory connector.

Workspace: read and write permissions are required.

Diagnostic Settings: required read and write permissions to AAD diagnostic settings.

Tenant Permissions: required 'Global Administrator' or 'Security Administrator' on the workspace's tenant.

I have P2 license, Global Administrator permission and read and write permissions on Workspace. Yet none of the data types that is

Sign-in logs
Audit logs
Non-interactive user sign-in log (Preview)
Service principal sign-in logs (Preview)
Managed Identity Sign-in logs (Preview)
Provisioning logs (Preview)

are getting enabled or connecting. I am however able to enable other connectors. I have also Diagnostic settings in Azure Active directory and sending logs to the same workspace. I have tried it multiple times and different regions but with same result.

microsoft-sentinel
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

YashMudaliar-2108 avatar image
0 Votes"
YashMudaliar-2108 answered

It surely does not seem like issue with the data connector but with Azure AD's connectivity. Still, can you share the screen shot of the connector page?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.