New-AzureADServicePrincipal : Error occurred while executing NewServicePrincipal

Wayne Bartkowski 656 Reputation points
2023-01-25T00:17:13.7433333+00:00

I am following the steps to Install Export to Azure Data Lake add-in at https://learn.microsoft.com/en-us/dynamics365/fin-ops-core/dev-itpro/data-entities/configure-export-data-lake as a POC.

I have an azure environment where I am the Global Administrator.

When I get to the step to add the app id - New-AzureADServicePrincipal –AppId '0cdb527f-a8d1-4bf8-9436-b352c68682b2' - I get this error

New-AzureADServicePrincipal : Error occurred while executing NewServicePrincipal 
Code: Authentication_Unauthorized
Message: User was not found.
RequestId: 10640b56-b6b5-45ce-b8c9-6629cceef73f
DateTimeStamp: Wed, 25 Jan 2023 00:04:20 GMT
HttpStatusCode: Forbidden
HttpStatusDescription: Forbidden
HttpResponseStatus: Completed
At line:1 char:1
+ New-AzureADServicePrincipal –AppId '0cdb527f-a8d1-4bf8-9436-b352c6868 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [New-AzureADServicePrincipal], ApiException
    + FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.PowerShell.NewServicePrincipal

Not sure why this would occur as I am global administrator.

Microsoft Entra ID

Accepted answer
  1. Marilee Turscak-MSFT 34,311 Reputation points Microsoft Employee
    2023-02-01T22:58:48.8966667+00:00

    Hi Wayne Bartkowski,

    I understand that you are seeing the "User was not found." error when running New-AzureADServicePrincipal even though you are running the command with a global administrator account. There are a few reasons why this might be happening so here are some things to check:

    1. When you run Connect-AzureAD, make sure that the successful confirmation displays and that the correct tenant and account are listed.
    2. After you have connected, you can validate the connection by running Get-AzureADDomain. If you are connected to the correct domain where you have admin privileges, information about the domain will be displayed. Otherwise you will encounter the same "User was not found" error.
    3. If you receive the error when running Get-AzureADDomain, you need to run Connect-AzureAD again and make sure that the correct tenant ID is specified in the command. It's common for people to copy the tenant ID that is displayed when using Connect-AzureAD, but you need to make sure that the command is referencing the correct tenant under Azure Portal > Azure Active Directory > Overview > Tenant Id:
       PS C:\windows\system32> Connect-AzureAD -TenantId

    Since these steps are not explicitly mentioned in the document you linked, it sounds plausible that the account is not connected to the correct tenant.

    If you try these steps and still face the same error though, let me know and I can help troubleshoot and open a support case if needed.

    If the information helped you, please Accept the answer. This will help us as well as others in the community who might be researching similar issues.
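
The checks from the accepted answer, combined into one script. This is an added example, not part of the original answer or of Microsoft's documentation; `$ExpectedTenantId` is a placeholder to be replaced with the Tenant Id shown in the portal, and the app ID is the one from the question.

```powershell
# Added example. $ExpectedTenantId is a placeholder: replace it with the value
# from Azure Portal > Azure Active Directory > Overview > Tenant Id.
$ExpectedTenantId = '00000000-0000-0000-0000-000000000000'   # placeholder
$AppId            = '0cdb527f-a8d1-4bf8-9436-b352c68682b2'   # app ID from the question

$ErrorActionPreference = 'Stop'

# 1. Sign in against an explicit tenant instead of the account's default one.
Connect-AzureAD -TenantId $ExpectedTenantId | Out-Null

# 2. Confirm which account and tenant the session is actually bound to.
$session = Get-AzureADCurrentSessionInfo
Write-Host "Account: $($session.Account)  Tenant: $($session.TenantId)"
if ("$($session.TenantId)" -ne $ExpectedTenantId) {
    throw "Session is bound to tenant $($session.TenantId), expected $ExpectedTenantId."
}

# 3. A directory read fails with the same 'User was not found' error when the
#    signed-in account does not exist in the connected tenant.
try {
    $domains = Get-AzureADDomain
    Write-Host "Verified domains: $(($domains | Where-Object IsVerified).Name -join ', ')"
}
catch {
    throw "Directory read failed; reconnect with the correct -TenantId. $($_.Exception.Message)"
}

# 4. Create the service principal only if it is not already present, so a
#    rerun does not fail on a duplicate.
$sp = Get-AzureADServicePrincipal -Filter "AppId eq '$AppId'"
if ($sp) {
    Write-Host "Service principal already exists: $($sp.ObjectId)"
}
else {
    $sp = New-AzureADServicePrincipal -AppId $AppId
    Write-Host "Created service principal: $($sp.ObjectId)"
}
```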


1 additional answer

  1. Carlos Solís Salazar 16,696 Reputation points MVP
    2023-01-25T09:47:34.8233333+00:00

    Thank you for asking this question on the Microsoft Q&A Platform.

    Please be sure that when you execute Connect-AzureAD you are logging in as the Global Administrator.

    Hope this helps!


    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.

    NOTE: To answer you as quickly as possible, please mention me in your reply.