Federated IDS dont seem to be auto created anymore

Question

We have 2500 user licenses that I can add to users in our domain.  We have groups set up that will give the users access to all of our Adobe products via a google sign-in.  Lately it seems that when I search for a user to place them in a group, their federated ID doesn't show up so I have to add them manually.  Some show up because they probably synced over before the sync broke.  I notice new employees haven't shown up when I search for them lately.  I didn't set this up so I am a bit unfamiliar with how it works.  Does anyone know how I can fix this issue and have the federated IDs start showing up again?  Thanks

Ashish_Harrison · Accepted Answer

Hi @default8hlqs9gwya4r no Automatic account creation is altogether a different task.

Have a look- https://helpx.adobe.com/enterprise/using/zero-touch-administration.html#automatic-account-creation

For the sync could you please check the Adobe Web SAML app on Google and download the audit logs there you'll find the reason why users are not being synced to Adobe Admin Console.
Also, please make sure the Provisioning is ON for All.

Thanks!

default8hlqs9gwya4r · Answer

Under settings- Identity- I see the AdobeRoster directory with a federated ID type. When I click on AdobeRoster and navigate to Authentication it looks like Google SAML, Google OIDC, and Azure AD OIDC are listed. Google SAML is set as default. Auto account creation is disabled on all three. Could this be why the federated accounts aren't being auto-created? I am unsure if these were enabled before or if this is even the problem. Thanks for any help you can provide.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded