Azure Active Directory Access for Windows Admin Center not working

Bryan Powell 1 Reputation point
2021-03-02T18:04:56.437+00:00

We registered our locally hosted Windows Admin Center Gateway(Server 2019, Admin Center Version 2009/Build 1.2.2009.21002) without issue. We then flipped on the option to add "Use Azure Active Directory to add a layer of security to the gateway". All pertinent users have been assigned the application in Azure AD/Enterprise Apps. However, we are seeing 2 issues:

  1. Most users are not being prompted to sign into Azure AD. Some are, but it is not consistent as to who is or is not prompted. I am aware the Azure login is a supplemental prompt for access.
  2. For those prompted, when attempting to sign in, they are met with an error the app "...needs permission to access resources in your organization only an admin can grant." This also affects when attempting to sign in to Azure in the Windows Admin Center control panel. I double checked the settings and they looked correct, specifically
    Manual Azure AD app configuration.

On paper this configuration seems straightforward, but it is not working. Does anyone have any ideas on what I am missing?

Windows Server Management
Windows Server Management
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Management: The act or process of organizing, handling, directing or controlling something.
424 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,170 questions
{count} votes