Azure B2C Sign In & Sign Up custom field still showing asterix on non-mandatory field
Hi Were using Azure B2C and specifically the Sign In 7 Sign Up User flow with our own Sign up template. I have added a custom field - 'Mobile Number' and we had previsouly set it to be mandatory. This rightly shows an asterix next to the label to inform…
I need to assign a policy to the tenant root management group from a new user account.
what is the role needed for the user? How to do it?
If a user want to assign a policy to the tenant root management group, what role can do this?
Global administrator role? Owner role of the subscription?
Is it possible to receive notification emails when PIM (Privileged Identity Management) assignments are removed?
Hi all, As a global administrator I'm receiving email notifications when users are assigned any PIM Entra roles. However, when those user roles are removed by other administrators I'm not receiving any notifications. Is there any configuration I…
AuthorizationPermissionMismatch error when accessing blob file with indirect permission in RBAC
Hi, I'm using BlobContainerClient for accessing blobs from code (C#) private async Task<BlobClient> GetBlobClientAsync(string blobName, string container, CancellationToken cancellationToken) { var containerClient = await…
Hello, I'm trying to access my azure account, but it keeps showing me the message "you don't have access to this", and "restricted tenant". It says we have some problems with your login token. I even can't submit a support ticket and can't do anything.
Hi Team, While I was trying to set some permissions to my user account during Azure Container Registry , I made some changes to my role and after that when I am trying to access my azure account, but it keeps showing me the message "you don't have…
Link Audit logs to Groups or Role or Privilege
I am wondering how can I link the audit logs from Azure AD to Role, Group or Privilege? The logs just have the action and the category. Is there a way by which I can understand using what Role or Group privilege this action was taken?
Discussion around different ways to implement PIM for Azure resources
I've found there are two ways to use PIM to grant access to Azure resources and I'd like to understand the differences, if any, between the two. The outcome is the same however the process/workflow to achieve it is different. Method 1 Create an Entra ID…
Elevated Access for Azure AD Users
Hey guys, I'm managing 100 Azure AD users who utilize corporate-owned laptops for signing in and performing tasks. All these users are configured as standard users. Therefore, when the IT team runs an application with elevated access or doing…
Azure Key Vault RBAC permissions required for APIM to retreive a cert?
Hi I have a Azure API manager setup and want to add a custom domain. We have deployed Azure Key Vault and uploaded a certificate. We have deployed Key Vault with the recommended "role-based access control" We have given the APIM managed…
Assign RBAC "Key Vault Administrator" role to Azure App via C# (.NET SDK)
I use below C# code create KeyVault with RBAC permission model. using KeyVaultModels = Microsoft.Azure.Management.KeyVault.Models; KeyVaultModels.VaultProperties vaultProperties = new KeyVaultModels.VaultProperties() { EnableRbacAuthorization = true, …
What role will I have when I migrate a subscription to a new Tenant/Directory?
Hi All, Starting in September 2024 Classic Admins will be removed. I am wondering what is going to happen when I do a migration (directory change) of a subscription from one tenant to another. Usually the user who does the "Change Directory"…
To add a backend pool and health probe to loadbalancer, which role is needed?
Network contributor on loadbalancer level? Network contributor on the resource group level?
How to fix - MsalClaimsChallengeException: AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.
Working on azure web app and it was working fine , suddenly i am getting below error MsalClaimsChallengeException: AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance. The same app is…
I can't see Resource Group.
I got a role but I can't see AI_SERVICE resource group. I tried to login again and clear cache and login again & tried with other browsers. But nothing worked. How can I solve this issue?
How to assign Azure Policy to a role or restrict user access to resource groups they did not create?
In our Azure subscription, each member has "Contributor" role at the subscription level. However, some people are creating high-cost resources, which we want to restrict. I found Azure Policy and denied the creation of those resources, but…
need to remove RBAC role when try to delete resource group before
In azure, i want to delete resource group. It is need to remove RBAC role that has been assignment to this resource group first? And then i can delete resource group. And it will release that RBAC role what has assignment on this resource group?
How to delete all Azure Active Directory or Microsoft Entra ID
Hello I`m newbie in microsoft administration so I got one test account related with my workplace and other accounts directly related with me. I dont need that account so to avoid a dead end I want to delete it. Could you delete my Azure Active Directory…
Can I assign Azure built in roles (RBAC) to security groups when setting up GDAP?
When setting up granular delegated admin privileges, as the partner, can I assign Azure built-in roles (RBAC) to our security groups, such as contributor roles, to enable my added users to work/manage with an Azure resource? or are we limited to only…