Management Groups Unavailable in Tenant: Limited Account Control and Organization
An issue has emerged in the tenant's account management system, as indicated by the error message: "Management Groups are not enabled in this tenant." Without this essential feature, managing and organizing resources within the tenant becomes a challenging task.
I since yesterday try to figure out how i can access the Group Management. I'm a "Global Administrator" and already granted to "Access management for Azure resources".
Going in Azure to Home > Management Groups > Overview: I see he infinity ring.
Going to Azure to Home > Management Groups > Settings: And hit "Permissions for creating new management groups"
I got the following Error:
The client 'my.name@my.domain' with object id xxxxxxx-9a74fedf03cd' does not have authorization to perform action 'Microsoft.Management/managementGroups/settings/...' over scope '/providers/Microsoft.Management/managementGrou...xxxxxxx-818ccaea25df/settings/default' or the scope is invalid. If access was recently granted, please refresh your credentials.
I hope someone can help me understand what the issue is and point me into the right direction. I found myself lost within the Azure Documentation. Everything I found was already capable of creating Management Groups.
$ az config set core.allow_broker=true
$ az account clear
$ az login
[
{
"cloudName": "AzureCloud",
"homeTenantId": "xxxxxxx-818ccaea25df",
"id": "xxxxxxx-1296f2bc0393",
"isDefault": true,
"managedByTenants": [],
"name": "projectA",
"state": "Enabled",
"tenantId": "xxxxxxx-818ccaea25df",
"user": {
"name": "my.name@my.domain",
"type": "user"
}
},
{
"cloudName": "AzureCloud",
"homeTenantId": "xxxxxxx-818ccaea25df",
"id": "xxxxxxx-3ba6acce9e01",
"isDefault": false,
"managedByTenants": [],
"name": "projectB",
"state": "Enabled",
"tenantId": "xxxxxxx-818ccaea25df",
"user": {
"name": "my.name@my.domain",
"type": "user"
}
},
{
"cloudName": "AzureCloud",
"homeTenantId": "xxxxxxx-818ccaea25df",
"id": "xxxxxxx-5cf5476a13f8",
"isDefault": false,
"managedByTenants": [],
"name": "projectC",
"state": "Enabled",
"tenantId": "xxxxxxx-818ccaea25df",
"user": {
"name": "my.name@my.domain",
"type": "user"
}
}
]
$ az account management-group list --no-register
(NotFound) Management Groups are not enabled in this tenant.
Code: NotFound
Message: Management Groups are not enabled in this tenant.