Share via

Why am I unable to provision users using on-prem SCIM app?

PlayPal7992 0 Reputation points
2025-03-20T23:43:27.09+00:00

I am trying to use the on-prem SCIM app and sync Entra ID users into vCenter. While the provisioning works as expected (provision logs on the app are successful), I do not see any of the users on the vcenter app as I would expect.

When I inspect the logs in C:\ProgramData\Azure AD Connect Provisioning Agent\Trace, I see the following and am unable to understand what is going on:

AADConnectProvisioningAgent.exe Error: 0 : Exception: System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.Azure.Cosmos.Client, Version=3.23.0.0, Culture=neutral, PublicKeyToken=<REDACTED>' or one of its dependencies. The system cannot find the file specified. File name: 'Microsoft.Azure.Cosmos.Client, Version=3.23.0.0, Culture=neutral, PublicKeyToken=<REDACTED>' at Microsoft.ApplicationProxy.Common.Utilities.Communication.RetryableOperationInvokerBase.ShouldRethrow(Exception exception, Int32 attempt, Int32 totalAttempts, String traceableCorrelationId) at Microsoft.ApplicationProxy.Common.Utilities.Communication.RetryableOperationInvokerBase.<InvokeOperation>d__

Any idea how to proceed here ?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,322 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Kancharla Saiteja 3,565 Reputation points Microsoft External Staff
    2025-03-27T10:16:26.85+00:00

    Hi @PlayPal7992,

    Based on your query, here is my understanding: You have a problem configuring provisioning agent to sync the users.

    Based on the error, we can see that the provisioning agent is not running which is the reason you are unable to perform any provisioning the users. You are facing this issue due to the connectivity issues. When you install a provisioning agent, you need to make sure you have met the prerequisites in terms of network requirements.

    The initial step is to enable TLS 1.2 on the server where the agent is installed. Here is the Microsoft document you can enable TLS 1.2: Enable TLS 1.2.

    If you have any firewall or proxy, you need to make sure the URL's and ports in the following documents are open and allowed: Allow access to URLs.

    Please make sure you have met all the following pre-requisites: Microsoft Entra on-premises application provisioning to SCIM-enabled apps

    Additional information on troubleshooting steps for on-premises SCIM provisioning: Troubleshoot on-premises application provisioning

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    If the answer is helpful, please click "Accept Answer" and kindly "upvote it". If you have extra questions about this answer, please click "Comment".

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.