Share via

How to resolve "Unable to find target address" error during federation setup for Microsoft Entra ID as SP and Google Workspace Identity as IdP?

PGoyal 20 Reputation points
2024-03-30T19:00:30.66+00:00

Hello All,

We have a Google Workspace Account, where the id "abc.def@example.com" has super admin privileges.

I the bearer of the above email id example and role then went to https://signup.azure.com to open an Azure Account. There I was asked to sign in at login.microsoftonline.com, but since I didn't have a Microsoft account, I went ahead and sign up. The sign up was automatically done at login.live.com and then it went ahead and I got signed up at Azure.

Now, we want to use Microsoft Entra i.e. users in google workspace should be able to login to portal.azure.com via their google credentials. For this sso setup, we are referring here: https://learn.microsoft.com/en-us/education/windows/configure-aad-google-trust. As mentioned, we added our domain in https://entra.microsoft.com/ and also made it primary. While following the steps further, we are told to follow the commands in a powershell script which we did one command at a time. While executing the powershell command "New-MgDomainFederationConfiguration" we get in response "Unable to find target address". I dont know how to proceed ahead here.?

I also read up on the Internet that this is usually due to my microsoft account that i used to sign up at Azure is a live account and not work account. But how to get a work account at the same email id?

Microsoft Security Microsoft Entra Microsoft Entra ID
0 comments
Accepted answer
  1. Akshay-MSFT 17,951 Reputation points Microsoft Employee Moderator
    2024-04-01T09:33:41.4166667+00:00

    @PGoyal

    Thank you for posting your query on Microsoft Q&A, from above description I could understand that you are trying to getting "Unable to find target address" while trying to execute "New-MgDomainFederationConfiguration" .

    Please do correct me if this is not the ask by responding in the comments section:

    I am assuming this is due to the personal/live account you have been using to authenticate. As per New-MgDomainFederationConfiguration permissions Delegated (personal Microsoft account) is Not supported and this requires a work/school account.

    User's image

    Solution: Create a user within your Entra ID tenant and elevate it to global admin user and when prompted to authenticate to Microsoft Entra ID, use the credentials of this account as it would have Global Administrator role while running the PowerShell session script.

    Also make sure you are fulfilling the prerequisite 1:

    A Microsoft Entra tenant, with one or multiple custom DNS domains (that is, domains that aren't in the format *.onmicrosoft.com)

    Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.

    Thanks,

    Akshay Kaushik

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.