Azure Lighthouse and CAF / ESLZ
Hi guys, i'm working for a MSP who is setting up customers based on the CAF/ Enterprise Scale Landing Zone concept. Therefore we are setting up some core subscriptions like a Management Sub, Connectivity Sub and so on. The workloads and services…
Lighthouse - Cannot manage eligible roles in managing tenant
Hi, I am trying to get eligible authorizations working via Lighthouse, but in the managing (service provider) tenant I am finding that the "manage eligible roles" button is greyed out under my customers. I have not created a lighthouse offer…
Azure Lighhouse - cannot see role assignments
Hello, I am viewing a Customer's resources using an Azure Lighthouse account, which has the Reader role assigned on all Customer's subscriptions. I have noticed that I am unable to see any Role Assignments on those subscriptions, or any underlying…
MSP Azure Lighthouse - cannot access Azure Policies deployed at Management Group Level
Hi, We're an MSP company that provides Azure services to other companies. We're using Azure Lighthouse to allow team members to access the client's Azure Subscriptions. Currently, we've ran into an issue that when Azure Policies are deployed at a…
Documentation on Lighthouse implementation
Customer is looking for Documentation regarding onboarding on Lighthouse (primarily they are looking for details on how it looks, before they push for marketplace). How can we re-deploy the scripts in case of upgrade, can we implement using…
Checking resource limits, quotas, and constraints using PowerShell
I am looking for a solution to check for resource limit quotas that have been reached in multiple subscriptions using Lighthouse. Has anyone found a way to accomplish this using PowerShell, Graph, or other methods? Essentially, I am looking for a way to…
How can I provision an AKS cluster via Lighthouse?
I have a customer who has delegated access to me to one of their resource groups. The delegation grants me Contributor and User Access Admin roles. The User Admin Access role has a list of other roles that I can grant, but none of these roles are allowed…
Customers not showing in Azure Lighthouse.
I have onboarded several clients to Azure Lighthouse and when looking at the client tenancy I can see our organisation as a service provider and that we have delegate 'Microsoft Sentinel Reader' Access. However I cannot see the clients from our…
Unable to see Azure Policy non-compliance reason through Lighthouse
Hello, I am trying to check the reason for non-compliance for an Azure policy. When I do this using a Lighthouse-delegated account, it's not possible. The following error comes up: Encountered an error while authorizing the client [me] with…
Monitor Azure AD B2C through Azure LightHouse delegate subscription not listing
We are trying to set up an integration of Azure AD B2C (a separate directory without a subscription) with a Log Analytics Workspace in another directory with a billable subscription following this documentation as reference. Whenever running the ARM…
Does anyone knows the GA date for the Eligible authorizations feature of Azure Lighthouse?
One of my customers is asking the question as they are considering onboarding lighthouse, however, they need the Eligible authorizations feature to delegate tenant management through Azure policy. They are concerned about the feature has been in preview…
Azure Lighthouse delegated subscription's resource AKS cluster access
I have onboarded the customer account to Azure Lighthouse and accessed all the Azure services (e.g. AKS cluster) of the delegated subscription but unable to access the cluster resources. The problem is the AKS cluster has roles and role bindings for…
Manage Azure Virtual Desktop Users via Azure Lighthouse
It is basically possible to manage Azure Virtual Desktop of customer tenants via Azure Lighthouse. BUT what isn't working now is to show the users pane. So if our Helpdesk wants to logoff one User, they need either to search the user on each…
Azure Lighthouse - Resource Locks
Hi, as documented in the current limitations section of Lighthouse, it's currently not possible to work with resource locks: https://learn.microsoft.com/en-us/azure/lighthouse/concepts/cross-tenant-management-experience#current-limitations …
Azure Lighthouse - Transparency of delegated AD group
Hi, i have a customer who want's to see which employees are part of the delegated Azure AD group in our management tenant. This is a requirement of the customer for compliance reasons. Is there any convinient way to achieve this? My…
Azure Lighthouse & Partner Centre
Hi , Just looking for a sanity check here. I am trying to rollout lighthouse in my environment and I already have my customers in the Microsoft Partner Centre but I cannot see them listed in Azure Lighthouse, are they not integrated ? Thanks
Which roles do I need for Virtual Machine management (Lighthouse)?
Hello, I created a Lighthouse offer with Reader, Virtual Machine Contributor as well as other related Contributor roles and Delete Offer roles (see below). After onboarding, when I attempt to create new Virtual Machine via the Provider tennant, I…
Azure Lighthouse: Do we need to deploy our own Active directory, LogAnalytics and Sentinel to manage those from customer environment?
Hello We are deploying a new Azure instance to activate the Azure Lighthouse solution only. The purpose is to manage our customer's Sentinel, Defender and LogAnalytics solutions. My question is, once the Lighthouse configured, do we have to…
Lighthouse with AAD Registered Application: AADSTS500113 No reply address
The Azure Lighthouse repo describes the ability to register the Managed Services resource provider in all the customer subscriptions from the partner environment. The Microsoft Lighthouse documentation points to this repo as one of the solutions for…
Support for Azure Lighthouse
Hi Will Azure Managed Grafana support Azure Lighthouse? Can I integrate customers I manage via Azure Lighthouse into Azure Managed Grafana? Thanks Stefan