Hello,
I'm having a hard time accessing my managed domain through DNS Manager.
Despite using two user objects belonging to the AAD DC Administrators group, I'm getting Access Denied both while trying over VPN or the virtual network of the managed domain.
I'm out of ideas atm thus any help would be greatly appreciated!
Hello @KonstantinosXanthopoulos-9256,
Thanks for reaching out and apologies for the delayed response.
Members of the 'AAD DC Administrators' group should ideally be able to get access and administer the complete Azure AD managed domain services. However, if you're having an issue with a certain user account, could you kindly create a new user and add them to the 'AAD DC Administrators' group to observe their behavior? Additionally, it's good to reset non-working users' passwords to verify behavior since, for example, if Azure AD DS does not contain the user's password hashes due to some reason as explained here, then you may have issues with AAD DS.
Hope this helps.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Hi @sikumars-msft,
Thanks for your answer.
Indeed the issue has been the password for both user objects, members of the "AAD DC Administrators" group.
However, passwords for both users have been changed after the deployment of the AAD DS service to be aware of the hashes.
A second password reset for each object resolved the issue.
19 people are following this question.
