Hello,
I try to create a create a new B2C directory and it gives me the following error.
I've tried several times, without success. Is there something I'm doing wrong?
https://portal.azure.com/Error/ClientTimeout/?src=PageLoadTimeout
Best regards,
Cornel
Hi All,
Is there someone who can explain / help with one issue which I am facing please?
We had set up Azure AD Connect around year ago. Before that DirSync was in use.
There is a general problem with auto - upgrade on Azure AD Connect.
We used Set-ADSyncAutoUpgrade Enabled which allow us to change the status from Suspended to Enabled.
for some reason Auto-Upgrade is still not working.
I have noticed that in configuration we are do not using MSOL account. OLD DIR sync account is still in use. Is this could be the issue why we have a problem with auto-upgrade and we cannot to upgrade Azure AD Connect to the newest version ?
Microsoft Azure AD Connect version 1.1.533.0
Waiting for any ideas,
Thanks in advance.
Hi there,
we have set up Azure AD Sync with Pass Hash Sync on friday. Due to windows updates we had to restart the server today.
Now it is not syncing anymore because of permission problems:
Password hash synchronization failed for domain: horvath.de. Details:
Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsException: RPC Error 8453 : Replication access was denied. There was an error calling _IDL_DRSGetNCChanges.
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsRpcConnection.OnGetChanges(ReplicationState syncState)
at Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsConnection.GetChanges(ReplicationState replicationState)
at Microsoft.Online.PasswordSynchronization.RetryUtility.ExecuteWithRetry[T](Func`1 operation, Func`1 shouldAbort, RetryPolicyHandler retryPolicy)
at Microsoft.Online.PasswordSynchronization.DeltaSynchronizationTask.SynchronizeCredentialsToCloud()
at Microsoft.Online.PasswordSynchronization.PasswordSynchronizationTask.SynchronizeSecrets()
at Microsoft.Online.PasswordSynchronization.SynchronizationExecutionContext.SynchronizeDomain()
at Microsoft.Online.PasswordSynchronization.SynchronizationManager.SynchronizeDomain(SynchronizationExecutionContext syncExecutionContext)
.
I found this article:
https://social.technet.microsoft.com/wiki/contents/articles/51110.azure-ad-sync-troubleshooting-error-611-replication-access-was-denied-password-synchronisation-failed.aspx
But it's not clear where it needs those permissions. When installing the azure client we've let Azure AD client to manage the service user for syncing. So the entries were set by the program.
It has these rights on "root" but not on all OUs.
Can anyone please advise?
<h3>Regards Stephan</h3>
I have a Windows 7 64bit workstation and I am trying to install AAD PowerShell module.
I have a PowerShell window opened with elevated privileges and I ran the following command: Install-Module -Name AzureAD
I get the following errors. Help!
WARNING: Unable to download from URI 'https://oneget.org/nuget-2.8.5.208.package.swidtag' to ''.Hi,
I'm using OpenID Connect with Azure AD. I have an app on apps.dev.microsoft.com and things are working. Now I'm trying to add the verified_primary_email optional claim. Usually "upn" is the user's e-mail address, but sometimes it's not, for customers with various ADFS setups, so I'm trying to get the email attribute.
When I edit the manifest, add an "optionalClaims" property to the body, and save, I get an error message:
The request body contains unexpected characters/content for the specified content type and encoding.
Here's the block I'm trying to add to the manifest:
"optionalClaims": {"idToken": [
{"name": "given_name","essential": false
},
{"name": "family_name","essential": false
},
{"name": "verified_primary_email","essential": false
}
]
}I've also tried simpler variations. For example, this no-op block gives the same error message:
"optionalClaims": {}This one gives a slightly different error ("One or more property values specified are invalid"):
"optionalClaims": null
Can I get a hint as to how to add optionalClaims to the manifest?
Mike
Hello Expert,
I have a current set up which is AD FS, WAP and O365. AD FS, is also used for On-premise applications.
I want to confirm if I can replace the WAP piece with Azure AD App proxy?
Can the SSPR be programmed to reset user password if the security questions are configured? If so, I need the snippet of the code to do it. I am aware the admin can reset it but am looking at more for the user to do it themselves. We are trying to work out a POC for password reset via BOT framework. Any ideas on how this can be done? Right now, we have a AD environment running up in Azure with a few users configured. I would like to validate the questions and answers and reset the password and send it back to the user.
Hi,
I have added an application and SSO is working. I can only specify permissions for individual users and not groups. If i add a group it is set as an object type of Group, and role assigned is User. How do i add a group?
Thanks
Shane
Hello All,
Go to sign up page of b2c(local account user) Input valid email address click on send verification code feed valid verification code after verification success no acknowledgement message is dispalyed saying that code is validated can we provide acknowledge message for this scenario using default policy or using custom policy or any other way?
Azure AD has Source property. The Graph API return user profile which does not has Source.
How can I access this property in code?
Sorry! You do not have access to this page.
Why i can't access this page even though I have global administrator permission? Do I need to add other permissions somewhere?
We have 2 Azure B2C tenants, which we're currently using more like B2B tenants. My issue is that since the removal of the old Admin Portal, I cannot add external accounts (I was able to do so under the old portal very easily). I'm aware I need to invite guest, but I get a generic error of Unable to Invite User when trying to invite an external user. I believe this is due to a setting issue for Guest Inviting, however I cannot access the User Settings page to change the Guest Invite permissions. I get a very basic error: Sorry! You do not have access to this page.
My user account is a global admin for the tenant. Yet I cannot determine what I need to do to gain access to this page. Is anyone able to provide some assistance with this issue?
Hi
I am setting up a new 2016 server and attempting to use Azure AD Connect to simplify the sign in process for users. When following the wizard I was strongly recommended to use the CUSTOM option because i don't have a routable domain.
I can successfully log into the web portal with the same credentials but get the message Unable to Validate Credentials. An unexpected error has occurred.
I am not currently using a proxy so haven't altered machine.config but it did test correctly when I attempted to verify the proxy using PowerShell as described.
Any suggestions?
Thanks in advance
Hello,
ADFS servers in my current workplace was configured outside of ADconnect but we are now trying to move to PTA. i have read the procedure from the link below
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-pass-through-authentication-faq
It explains that i have to convert the domain from federated to managed but did not specify the exactly command.
has anyone migrated recently to please share which command they ran on ADFS server to change from federated to managed?
I have a group LogViewers and I added this group to Reader, Log Analytics Reader and Monitoring Reader groups in AppInsights. I need members of the group to be able to search in AppInsights logs. But whatever I do I get:
>>No permissions to run this query
And this is frustrating. So what permissions should be given to that group?
Is it possible to change the url of azure subscription? if so what is the approach and steps.
please let me know.
Hello all.
I'm trying AAD and want to add my domain name. I wrote my domain and added DNS records. But Azure cant't verify my domain name.
I replaced origin domain resistrator service to Azure DNS Zone and added records.
I check DNS records with Dig and found needed records.
But I have error on verification domain name in AAD.
Level of Subscription - Free trial.
Dear Team,
We have been trying to verify our domain name in AAD and have the correct MX record etc in the system but it still will not verify.
we have our dns with azure
Here is the record being verify:
here are the result:
Thanks!
Grant -604-218-8464