PTA Staged rollout Manage groups not available.

Maarten de Vreeze 1 Reputation point
2020-02-18T13:15:18.443+00:00

When we try to enable Azure Pass through Authenication - Staged rollout option. "Manage Groups" option is not getting enabled. Its greyed out.

Trying to setup Stage Rollout for PTA, using this manual: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-staged-rollout

Works fine until step: Enable Staged Rollout, step 2. You can enable the feature, but the manage groups won't become clickable. For PasswordHash and Seamless-SSO this works.
I have seen this behaviour in multiple tenants.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,467 questions
0 comments

6 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marilee Turscak-MSFT 33,801 Reputation points Microsoft Employee
    2020-02-18T21:44:00.563+00:00

    It won't work if you don't have on-premises pass-through agents registered to the tenant. Can you make sure that these are registed? https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta-security-deep-dive

    Do you see an error when you enable it? Or does it turn on successfully with no error, but the manage groups is still unclickable?

    Make sure you try with a global admin account.

    If you can reproduce this issue please send me a screenshot or video to AzCommunity@microsoft.com and I will get someone from the product group involved.

    0 comments
  2. Maarten de Vreeze 1 Reputation point
    2020-02-19T10:22:26.52+00:00

    I have two servers which have the PTA-agent successfully installed. These servers also show up in the portal (Home -> Azure Active Directory -> Azure AD Connect -> Pass-Through Authentication.).

    I can enable / disable it without problems, it reports as successful, but Manage Groups is unclickable.
    My account is global admin account.

    I have sent additional information to the email address you mentioned.

    0 comments
  3. Maarten de Vreeze 1 Reputation point
    2020-02-19T10:26:01.16+00:00

    And there are more reports about this issue:

    And I have another AzureAD tenant, we have enabled PTA staged roll out about two months ago. At that moment I was able to select the groups for staged roll out. I have checked it again. Also in this tenant Manage Groups not available.

    0 comments
  4. Ruud S 1 Reputation point
    2020-02-19T14:57:43.067+00:00

    I also have the same problem.
    Agent registerd ok.
    PTA enabled OK
    Manage groups greyed out

    0 comments
  5. Maarten de Vreeze 1 Reputation point
    2020-02-21T12:04:01.19+00:00

    @MarileeTurscak Did you receive the information I have sent to azcommunity@microsoft.com?
    Do you need additional information? Do you have an update?

    0 comments