How to delegate permissions to Service desk team for managing MFA in Azure Active Directory
How to delegate permissions to Service desk team for managing MFA in Azure Active Directory. just MFA reset (revoke and re-register) rights. please suggest
Which permissions or roles are needed to view the details in an application insights dashboard
I have create an application insights dashboard to display information on a AKS cluster and resources. I have also created a security group for the accounts that I would like to allow access to the dashboard. Right now the users within the security…
Custom roles are not returned when i query a users memberof endpoint in graph api
Hi, I have used graph api users memberOf endpoint to get the roles assigned for a user . The response from the endpoint returns all the groups and roles that is assigned for that user , but the custom defined role is not returned . Is there any other way…
azure.core.exceptions.ResourceNotFoundError: (MissingSubscription) The request did not have a subscription or a valid tenant level resource provider.
Azure Support Team, Requirement: To create a custom RBAC role using Python(3.12) Code is pasted below: On executing the code getting the following error azure.core.exceptions.ResourceNotFoundError: (MissingSubscription) The request did not have a…
ACCESSO AZURE
Non riesco ad effettuare l'accesso, ricevo la telefonata per l'autenticazione ma mi appare il messaggio che vedete nello screenshot allegato. Marco Marianelli
Link Audit logs to Groups or Role or Privilege
I am wondering how can I link the audit logs from Azure AD to Role, Group or Privilege? The logs just have the action and the category. Is there a way by which I can understand using what Role or Group privilege this action was taken?
Is it possible to receive notification emails when PIM (Privileged Identity Management) assignments are removed?
Hi all, As a global administrator I'm receiving email notifications when users are assigned any PIM Entra roles. However, when those user roles are removed by other administrators I'm not receiving any notifications. Is there any configuration I…
Removing Role Assignments when the Scope is locked - tracking down what to unlock
I've mistakenly added a role assignment (Storage Account Contributor) to a file share. Now that I'm trying to remove that role assignment, I'm receiving an error stating that the scope is locked. When access the locks, the only lock listed is the…
Received error while deploying Bicep. Error: "The role assignment request schedule is invalid. (InvalidRoleAssignmentRequestSchedule)"
Hi Team, I'm currently utilizing Bicep to enable Azure AD Privileged Identity Management (PIM) with a custom role. I've created an AD Group and assigned a Custom Role to it, which includes the following actions: "Microsoft.Authorization//read",…
Teams calls going to Voicemail after elevating and deactivating access in PIM
When users elevate or deactivates access their calls go straight to voicemail. The only way to fix the issue is to quit teams and reload.
Required help on correcting the Bicep template for assigning the role assignment at resource level scope
Hi, we are in the process of generating several public IPs using the provided Bicep template. Our goal is to allocate role assignments to all these IPs within the scope of the resource level. However, we are encountering numerous challenges in…
azure kubernetes ingress can't acces key vault's certificate
Okay I have azure kubernetes service with running dockerized app, with ingress(I used creating ingress (preview)) everything works fine except certificate, I created key vault, inside uploaded certificate to use for domain, I have "Azure…
I am already an Azure Global Admin for our company but still, I cannot assign AVD/VMs to our users.
I am already an Azure Global Admin for our company but still, I cannot assign AVD/VMs to our users. I have assigned myself different admin roles that I can get but still, I can't do such assigning Azure Virtual Desktops to our users. Please help. Thanks.
I need to assign a policy to the tenant root management group from a new user account.
what is the role needed for the user? How to do it?
Azure B2C Sign In & Sign Up custom field still showing asterix on non-mandatory field
Hi Were using Azure B2C and specifically the Sign In 7 Sign Up User flow with our own Sign up template. I have added a custom field - 'Mobile Number' and we had previsouly set it to be mandatory. This rightly shows an asterix next to the label to inform…
If a user want to assign a policy to the tenant root management group, what role can do this?
Global administrator role? Owner role of the subscription?
AuthorizationPermissionMismatch error when accessing blob file with indirect permission in RBAC
Hi, I'm using BlobContainerClient for accessing blobs from code (C#) private async Task<BlobClient> GetBlobClientAsync(string blobName, string container, CancellationToken cancellationToken) { var containerClient = await…
Discussion around different ways to implement PIM for Azure resources
I've found there are two ways to use PIM to grant access to Azure resources and I'd like to understand the differences, if any, between the two. The outcome is the same however the process/workflow to achieve it is different. Method 1 Create an Entra ID…
Elevated Access for Azure AD Users
Hey guys, I'm managing 100 Azure AD users who utilize corporate-owned laptops for signing in and performing tasks. All these users are configured as standard users. Therefore, when the IT team runs an application with elevated access or doing…