Channel: Azure Active Directory forum

Service Principal Creation using Java API fails


I am using MSICredentials to log in and then create a service principal using the Java API.

import com.microsoft.azure.AzureEnvironment;
import com.microsoft.azure.credentials.MSICredentials;
import com.microsoft.azure.management.Azure;
import com.microsoft.azure.management.graphrbac.ServicePrincipal;

// Authenticate with the host's managed identity (MSI); no tenant ID is passed on this path
MSICredentials credentials = new MSICredentials(AzureEnvironment.AZURE);
Azure.Authenticated authenticated = Azure.configure().authenticate(credentials);

// Create an AAD application with a password credential and a service principal for it
ServicePrincipal principal = null;
String password = generatePassword(MAX_PASSWORD_SIZE);
if (principal == null) {
    principal = authenticated.servicePrincipals().define(name)
            .withNewApplication("https://infa-agent/" + name)
            .definePasswordCredential(name).withPasswordValue(password).attach()
            .create();
}

The above code throws the exception below:

java.lang.IllegalArgumentException: Parameter this.client.tenantID() is required and cannot be null.
at com.microsoft.azure.management.graphrbac.implementation.ApplicationsInner.createWithServiceResponseAsync(ApplicationsInner.java:167)
at com.microsoft.azure.management.graphrbac.implementation.ApplicationsInner.createAsync(ApplicationsInner.java:150)
at com.microsoft.azure.management.graphrbac.implementation.ActiveDirectoryApplicationImpl.createResourceAsync(ActiveDirectoryApplicationImpl.java:63)
at com.microsoft.azure.management.resources.fluentcore.model.implementation.CreateUpdateTask.invokeAsync(CreateUpdateTask.java:57)
at com.microsoft.azure.management.resources.fluentcore.dag.TaskGroupEntry.invokeTaskAsync(TaskGroupEntry.java:112)
at com.microsoft.azure.management.resources.fluentcore.dag.TaskGroup$2.call(TaskGroup.java:395)
at com.microsoft.azure.management.resources.fluentcore.dag.TaskGroup$2.call(TaskGroup.java:381)
at rx.internal.operators.OnSubscribeDefer.call(OnSubscribeDefer.java:46)
at rx.internal.operators.OnSubscribeDefer.call(OnSubscribeDefer.java:35)
at rx.Observable.unsafeSubscribe(Observable.java:10327)
at rx.internal.operators.OperatorMerge$MergeSubscriber.onNext(OperatorMerge.java:248)
at rx.internal.operators.OperatorMerge$MergeSubscriber.onNext(OperatorMerge.java:148)
at rx.internal.operators.OnSubscribeFromIterable$IterableProducer.fastPath(OnSubscribeFromIterable.java:173)
at rx.internal.operators.OnSubscribeFromIterable$IterableProducer.request(OnSubscribeFromIterable.java:86)
at rx.Subscriber.setProducer(Subscriber.java:211)
at rx.internal.operators.OnSubscribeFromIterable.call(OnSubscribeFromIterable.java:63)
at rx.internal.operators.OnSubscribeFromIterable.call(OnSubscribeFromIterable.java:34)
at rx.internal.operators.OnSubscribeLift.call(OnSubscribeLift.java:48)
at rx.internal.operators.OnSubscribeLift.call(OnSubscribeLift.java:30)
at rx.Observable.unsafeSubscribe(Observable.java:10327)
at rx.internal.operators.OnSubscribeDefer.call(OnSubscribeDefer.java:51)
at rx.internal.operators.OnSubscribeDefer.call(OnSubscribeDefer.java:35)
at rx.Observable.unsafeSubscribe(Observable.java:10327)
at rx.internal.operators.DeferredScalarSubscriber.subscribeTo(DeferredScalarSubscriber.java:153)
at rx.internal.operators.OnSubscribeTakeLastOne.call(OnSubscribeTakeLastOne.java:32)
at rx.internal.operators.OnSubscribeTakeLastOne.call(OnSubscribeTakeLastOne.java:22)
at rx.internal.operators.OnSubscribeLift.call(OnSubscribeLift.java:48)
at rx.internal.operators.OnSubscribeLift.call(OnSubscribeLift.java:30)
at rx.Observable.unsafeSubscribe(Observable.java:10327)
at rx.internal.operators.OnSubscribeMap.call(OnSubscribeMap.java:48)
at rx.internal.operators.OnSubscribeMap.call(OnSubscribeMap.java:33)
at rx.internal.operators.OnSubscribeLift.call(OnSubscribeLift.java:48)
at rx.internal.operators.OnSubscribeLift.call(OnSubscribeLift.java:30)
at rx.Observable.subscribe(Observable.java:10423)
at rx.Observable.subscribe(Observable.java:10390)
at rx.observables.BlockingObservable.blockForSingle(BlockingObservable.java:443)


Changes in MFA & Azure Audit logs


Hello,

Do you know if changes in MFA generate unique log event in audit logs?

Example:

User A disables the MFA from user B

User A disables MFA for the group C users etc.

The use case would be security surveillance (SIEM/SOC).

Br,

Darren


Azure AD identity certificate sharing with other apps on iPhone


Hello,

I have configured Cisco AnyConnect with Azure AD as a SAML IdP and I want to use the conditional access - device compliance to restrict access to the VPN.

However, I have encountered a small problem: AnyConnect uses an integrated browser, and by default it can't see the system certificates or use them for device identification. Because of that, Azure AD can't see the device identifier (identity certificate) [ https://i.imgur.com/87DYqO5.png ]. Certificates must be imported into AnyConnect manually or by MDM, URI, SCEP. On Android this can be done easily by enabling browser access in the Company Portal [https://i.imgur.com/6RC2Uc0.jpg]; however, iPhone doesn't have such an option.

Is there a way to share (or use a different) Azure AD identity certificate with AnyConnect on iPhone, and use it for the IdP and conditional access?

Intune can deploy the VPN profile to the client devices. The VPN profile can define the certificate to be used for authentication. But I didn't find a way to define an Azure AD issued certificate, only a custom one.

Log on times don't match between Active Directory, Azure & Exchange

When I run Active Directory reports for audits, I see a bunch of users that have not logged on in over 45 days, which requires them to be disabled. When I check these same users against Azure and Exchange reports, they have logged into these services within the 45 days, which means that they are still active. How can I get these logins to sync between AD/Azure/Exchange without having to run three different reports and compare them?

Azure sync with office 365 online exchange

Hello everybody. My team and I are about to launch our CRM to the cloud and want to make it so that users can use their local computer passwords to sign in to it, but also so that they can do the same for their Office 365 accounts. However, they already have separate accounts for Office, so when they sign in they use a different password. In AD Users and Computers they have an email set in the email box. If we sync their passwords over, will they just link to their current accounts, or will it create duplicates of the accounts without the current mailboxes? We need their mailboxes to sync with their passwords to make it easier. I'm asking for help because I have more experience with Server and not Azure. Thank you!!

SAML 2 error message


Hello,

I am hoping you can help me with this minor configuration error on my side. I am trying to demo how customers can set up SSO using SAP Cloud Platform Single Sign on and Microsoft Azure. And I have a Very nice article from your team, how this can be achieved: https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/sap-hana-cloud-platform-identity-authentication-tutorial

I could sign in using the Application URL with my email address a**t*.*a*r@sap.com successfully; however, when I try to use amithnair7@gmail.com I have an issue where it says ‘Calling of URL https://my3***72s4hana.ondemand.com was terminated during SAML2 processing’.

Also, while I am 'testing the application' I get a configuration error for the application that is hosted in SAP Cloud Platform. So, I know, this is a problem that is encountered for my gmail id. And Yes, I have the user for Gmail already created in my application.

To summarize, I can successfully SSO using my corporate domain, however, when using my gmail account, I get SAML2 error. 



Different roles in Azure AD return different claims


Hi,

While configuring federated SSO between our web app and the customer's Azure AD, we encounter the following problem:

Two roles are configured in Azure AD for our APP. Both should return a specific value dictated by us in the SAML group claim. However, the claim itself is only returned by one role and not the other.

Both roles are configured similarly. We can't figure out what causes this behaviour. Is there any way to find out what might cause this behaviour?

regards,

John

User Sync Error in Azure AD Sync


Receiving an error that I can't seem to resolve with AD Sync to Azure:

So far I'm just having this on one user; 9 others I have moved over are fine with no issues.

Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:XXXXXX@domain.com;].  Correct or remove the duplicate values in your local directory.  Please refer to http://support.microsoft.com/kb/2647098 for more information on identifying objects with duplicate attribute values.

Tracking Id: a229bfad-f214-4e42-8da7-3e9afd43cab8
ExtraErrorDetails:
[{"Key":"ObjectId","Value":["043cea12-xxxxxxxxxxxxxxxxxxxx"]},{"Key":"ObjectIdInConflict","Value":["68c45e05-xxxxxxxxxxxxxxxxxxxx"]},{"Key":"AttributeConflictName","Value":["ProxyAddresses"]},{"Key":"AttributeConflictValues","Value":["SMTP:XXXXXX@domain.com"]}]

I have run IdFix and other duplicate property checking, and I can't find any duplication on this.

I also can't see any difference between that user and others that work fine.

Thanks

Chris


How to use the Azure AD Graph API and Microsoft Graph API to update MailboxSettings


Hi all,

Let's start with my 'end goal'.

#End goal

My goal is to use the Azure Active Directory app to read and write S/MIME certificates to Azure Active Directory so that all users within the company can use the certificate in Outlook or Exchange Online.

I don't know for sure if that is possible, so that is why I started with 'Getting access to MailboxSettings'. Even that seems to be a bridge too far with the current documentation.

#8 mile road

The documentation is absolute crap. Not really Microsoft standards. I am writing a piece of code to update MailboxSettings by using the Microsoft Graph API. At least that was the plan.

I created an App in Azure and added all the "application permissions" that I could possibly think of. Permission was granted by an Administrator within the Azure Active Directory dashboard.

Step 1) Getting the access_token by following the client_credentials flow. So far so good. I can access my profile and from other users within the Azure Active Directory.

Step 2)..............#fatal_error. I found 3 references to MailboxSettings. In Office365 API, ExchangeOnline API and Microsoft Graph API............Okeeeeeeeeeeeee. That makes things a whole lot clearer......#nope

A) There is no explanation at all that you actually need an Office365 subscription to even use the API.

B) There is no explanation of when and how MailboxSettings are accessible. I discovered that you need to add an Office365 subscription to a user to enable Mail.Office365.com access. Then it takes a while before you can even access the account through the API. No explanation whatsoever!

C) So, now finally I can access the account through the Office365 API. After discovering that you need to request an access_token by changing the scope to "https://outlook.office365.com/.default" or "https://outlook.office.com/.default".

The image below tells me 'Mail is not part of'

At this moment I am out of options. Can someone point me in the right direction? To be specific:

1) What endpoint do I need

2) What scope is used for what endpoint and/or settings

3) Where can I find specifics about which direction Microsoft is actually heading? On some pages I read that 'Microsoft Graph API' will be the main entry point, but then when I want to access specific data I get the message "Sorry, not supported yet, go to <other api>".

4) What resources are accessible with what subscriptions? There is absolutely NOTHING documented about this.

5) https://docs.microsoft.com/en-us/graph/api/message-get?view=graph-rest-1.0&tabs=http is the only actually useful way of documenting APIs. However, it's limited to "ME" and there is no endpoint for 'MailboxSettings'. The 'beta' API does have this option: https://docs.microsoft.com/en-us/graph/api/user-get-mailboxsettings?view=graph-rest-beta&tabs=http However, there is no explanation of requirements, subscriptions, or whether Outlook.com users, Live.com users or only Office365.com users are able to be updated. How can I access this?

6) Even though my app has the following permission granted:

    User.Read.All | Application | Read all users' full profiles | Yes

and I request an access_token by using the "client_credentials" flow with scope set to https://graph.microsoft.com/.default, I cannot list the users. I get the message:

https://graph.microsoft.com/beta/users/

{
  "error": {
    "code": "Authorization_RequestDenied",
    "message": "Insufficient privileges to complete the operation.",
    "innerError": {
      "request-id": "e8919e38-95f6-4ecf-8340-5f2e7c611572",
      "date": "2019-11-19T10:44:13"
    }
  }
}

#The End

Hopefully you can help me with these issues! I am writing code in C++ and I use Postman to validate my calls before implementation.



After getting auth token for SharePoint online get HTTP 401 with it

Hello,

I am developing a native app: C++ with HTTP, so please don't suggest .NET or JavaScript libraries :) The app should access SharePoint Online. I used to use X-Forms-Auth and the "FedAuth" cookie but now need to migrate to OAuth.

1) I have registered the app in azure portal (got secret, marked redirect URI, added read/write permissions for SharePoint)

2) Then I perform OAuth flow by opening browser with

https://login.microsoftonline.com/common/oauth2/authorize
 ?client_id=<CODE FROM AZURE PORTAL>
 &response_type=code
 &redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient
 &resource=https://testorg.sharepoint.com/

it redirects to my redirect URI and I parse out the code, as expected. Then I do

POST https://login.microsoftonline.com/b51447fd-f997-4080-bf24-833070bc14bd/oauth2/token
client_id=<CODE FROM AZURE PORTAL>
&client_secret=<SECRET FROM AZURE PORTAL>
&grant_type=authorization_code
&redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient
&resource=https://testorg.sharepoint.com/
&response_mode=form_post
&code=<CODE FROM PREVIOUS STEP>

this also returns the expected JSON from where I get "access_token".

3) Later I call any SharePoint/WebDav API on https://testorg.sharepoint.com with the obtained token in auth header (Authorization:Bearer <TOKEN>) but get 401. However, all works fine when I follow X-Forms-Auth.

Can anyone help me here please?

Azure AD with Azure SQL Database (Best Security approach in Connection String)


Hi,

In Azure SQL Database (Single Instance), what is the best approach for connecting to a database?

I want to maintain a connection string to Azure SQL DB without exposing the credentials, i.e.:

Not using SQL authentication, wherein we provide a username and password for logins that are only valid in the context of a specific database within the server.

Need to use Azure AD authentication, i.e. identities managed by Azure AD.

However I'm able to implement this (https://docs.microsoft.com/en-in/azure/sql-database/active-directory-interactive-connect-azure-sql-db) where we connect with Azure AD credentials.

But I need to maintain a connection string which is always active; if I give Azure AD credentials in the connection string it will get disconnected, as the Azure session token might expire at some point in time.

Any suggestion on how to maintain an Azure SQL connection without exposing Azure AD credentials?

(https://docs.microsoft.com/en-us/azure/sql-database/sql-database-security-tutorial#secure-connection-strings)

Deleting Tenant - Registered Apps


Hi there,

For various reasons, I'm trying to delete my Azure AD lab tenant; however, two items are blocking the list and stopping me from deleting the tenant.

One is the registered apps. I've deleted all registered apps and the view is empty, but Azure still seems to have an app somewhere that doesn't show up in the view.

The second is the subscription. I've cancelled that subscription and have no other license-based subscriptions, yet the item isn't cleared.

How can I check if there's still a registered app somewhere blocking this item from being cleared? And how do I properly remove the subscription to clear the second item so I can delete the tenant?

Thanks,

Fred  

Can we install AAD Connect agent on another server?


Hi Experts,

I'm trying to research and confirm this but I can't seem to find a solid answer, so I am raising this dumb question here. I wondered when I saw this recommendation from Azure AD: can we install the AAD Connect agent on another server (additional install)? Can you also share a guide on how to do this properly, or do we just have to mirror the settings we had on the existing AAD Connect agent installed? Please advise.

Thank you so much!!

Logbi

Conditional Access Policy and O365 Exchange Online Problem


Hi All,

We have been breaking our brains with the following problem creating Conditional Access Policies to do the following:

  1. Our mail is currently hosted on Office 365
  2. We have Hybrid joined all our internal systems to Azure AD
  3. The problem is with our BYOD Mobile clients:
    1. We currently use VMWare Airwatch and Boxer to allow controlled access to email through this partitioned workspace
    2. While our goal is to strictly allow email to only be accessed to AAD joined inhouse systems and Airwatch Boxer clients, users are still able to use the iOS native client and Outlook mobile client to access email
    3. Everything we have done to remove access to the Outlook mobile and iOS clients results in loss of connectivity through the Boxer app as well.
While I know the ultimate solution would be to force Intune enrollments and use a controlled deployment of the Outlook client and config with that, this is not an option for the next year (the company just signed a 1 year contract). Any help greatly appreciated!


Thanks! Dan

How to enforce app registration uri when securing Azure Functions with OAuth


Hey --

I have deployed an Azure Function in a Function App and changed the authentication to OAuth using a custom App Registration, so access is secured using OAuth instead of function keys. This is fine. I have then defined an App Registration (my_backend_app) that I've set as a prerequisite on the Function App under Authentication (using the Express config option). Lastly, I've created an App Registration for the accessing client app (my_client_app) and created a client_secret for that App Registration. The client app uses the client_credentials flow to obtain an access token, which I then supply as a Bearer token when accessing the secured function. I supply the Application URI of my_backend_app in the scope parameter (<app uri>/.default) when requesting the access token to ensure the access token is valid for the app set to secure the Function App.

Now to my issue...

The issue is that I do not need to create any link between the backend app (my_backend_app) and the client app (my_client_app) in Azure AD or Azure Functions in order for me to request an access token with the aud-claim set to the Application URI of my_backend_app. This means I can request an access token for my_backend_app even though I haven't explicitly been granted access to that app i.e. there is no link between the app registrations.

I would think that it should be a requirement, as the Application URI is then simply another client secret, if you will.

Comments very welcome. Thanks!

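The concern raised in the post above, that any client in the tenant can obtain a token whose aud claim names my_backend_app, is why the secured function must also check the app-role (roles) claim and not the audience alone. The following is an added example, not code from the original post or from Azure Functions; it assumes the JWT signature, issuer and expiry have already been validated upstream, and uses placeholder values for the Application ID URI (api://my_backend_app) and the app role name (Function.Invoke).

```python
# Added example (not from the original post): app-role check for an
# app-only token presented to the OAuth-secured Function.
# Assumptions: signature, issuer and expiry are validated upstream;
# BACKEND_APP_URI and the role name are placeholders, not real identifiers.
from dataclasses import dataclass

BACKEND_APP_URI = "api://my_backend_app"   # placeholder Application ID URI


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def authorize(claims: dict, required_role: str,
              expected_aud: str = BACKEND_APP_URI) -> Decision:
    """Decide whether an app-only token may call the function.

    A matching `aud` only proves the token was minted for this API; any
    client in the tenant can request <app uri>/.default. The grant that
    links my_client_app to my_backend_app is an app-role assignment,
    which Azure AD surfaces as the `roles` claim, so that is what is
    enforced here.
    """
    aud = claims.get("aud")
    if aud != expected_aud:
        return Decision(False, f"audience mismatch: {aud!r}")
    roles = claims.get("roles")
    if not isinstance(roles, list) or required_role not in roles:
        return Decision(False, f"app role {required_role!r} not granted")
    return Decision(True, "ok")


# Constructed sample claim sets, as they would look after JWT decoding.
# Token obtained with client_credentials but without any app-role assignment.
TOKEN_NO_ROLE = {
    "aud": BACKEND_APP_URI,
    "iss": "https://sts.windows.net/00000000-0000-0000-0000-000000000000/",
    "appid": "11111111-1111-1111-1111-111111111111",
    "tid": "00000000-0000-0000-0000-000000000000",
}
# The same client after the app role was assigned and admin-consented.
TOKEN_WITH_ROLE = dict(TOKEN_NO_ROLE, roles=["Function.Invoke"])


if __name__ == "__main__":
    for label, tok in (("no role", TOKEN_NO_ROLE), ("with role", TOKEN_WITH_ROLE)):
        print(label, authorize(tok, "Function.Invoke"))
```

The first token is rejected even though its audience is correct; only the token carrying the assigned app role is allowed through.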

How to hook up existing application to Azure AD B2C?


Dear all, 

My current task is to "hook up" an existing application to Azure AD B2C. Before they can access the actual application, users should be able to sign up / sign in, change password, etc using Azure B2C. This is somehow a test to check if it would be possible to add AAD B2C (and custom sign up pages) to other existing projects.

I tried to use the connected services wizard provided in VS 2019 (Enterprise v. 16.3.9) to add AAD B2C. The application itself is an MVC Web application using NET 4.8.

I followed the instructions provided by the wizard. As ClientID, I used my test application's ID created in Azure under 'Azure AD B2C - Applications'. As for the domain name, I used [domainName].onmicrosoft.com. When prompted, I added the secret set for my test application created in Azure AD B2C - Applications. Upon finishing the wizard I got the following error message

Azure application reply URL: https://localhost:44347/
Adding Azure application user-delegated permission to enable sign-on and read user's profiles.
Adding Azure application user-delegated permission to read directory data.
Error: Unable to add or update Azure AD application https://[domainName]/[applicationName]: Updates to converged applications are not allowed in this version.
Error: Adding Azure AD Authentication to the project failed: Unable to add or update Azure application.


I came across a post here in the forum describing a similar issue, but given the fact that the post dates back a few years and that there was no definitive answer, I figured that things might have changed and I might give it a shot. It would be grand if somebody could

  • explain the errors and how to resolve them
  • provide a solution how to go about adding an AAD B2C login to existing projects, preferably without dismantling the existing code and/or adding classes. 

Thanks a mil in advance for your help. Please do get in touch, if you require additional information.


Users and Groups for Application


I am attempting to directly assign users to my application in Azure (portal.azure.com). All the tutorials state that I need to select the application in the "Enterprise Applications" section, open the application details screen and then select "Users and Groups". The problem I am facing is that I do not see a "Users and Groups" item in the nav section of the page.

Am I not set up correctly? Has it moved? Does my account need to be upgraded?

Thanks

User app data

Can Azure AD save user app data and program data normally stored in local PC?

AD Connect health agent registration failed after installation


After the installation of Azure AD Connect on a Windows Server 2012 R2 machine, the AD Connect Health agent doesn't register. The services on the machine stay disabled and not started. I've read that I need to run the PowerShell command:

Register-AzureADConnectHealthSyncAgent -AttributeFiltering:$false -StagingMode:$false

However, this doesn't work, as it comes back with "Configuration failed":

2018-04-17 01:40:54.893 Aquiring Monitoring Service certificate using tenant.cert


Configuration Failed

To retry configuration, type:
Register-AzureADConnectHealthSyncAgent

Monitoring will not start until configuration is successful.

To review installation steps and requirements, please visit:
http://go.microsoft.com/fwlink/?LinkID=518643

Detailed log file created in temporary directory:
C:\Users\admin.inova\AppData\Local\Temp\AdHealthAadSyncAgentConfiguration.2018-04-16_19-40-21.log

Register-AzureADConnectHealthSyncAgent : Failed configuring Monitoring Service using command: C:\Program Files\Microsoft Azure AD Connect Health Sync Agent\Monitor\Microsoft.Identity.Health.AadSync.MonitoringAgent.Startup.exe sourcePath="C:\Program Files\Microsoft Azure AD Connect Health Sync Agent\tenant.cert" version="1.1.751.0"
At line:1 char:1
+ Register-AzureADConnectHealthSyncAgent -AttributeFiltering:$false -St ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Register-AzureADConnectHealthSyncAgent], InvalidOperationException
    + FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.Identity.AadConnect.Health.AadSync.PowerShell.ConfigurationModule.RegisterAzureAdConnectHealthSyncAgent

There is no Proxy server used, which can be seen in the log files too:

2018-04-17 01:40:21.175 User Context outbound connections to https://management.azure.com/providers/Microsoft.ADHybridHealthService/ will use proxy address https://management.azure.com/providers/Microsoft.ADHybridHealthService/ (if equal, no proxy is used)
2018-04-17 01:40:21.175 Service Context: Outbound connections to https://management.azure.com/providers/Microsoft.ADHybridHealthService/ will use proxy address https://management.azure.com/providers/Microsoft.ADHybridHealthService/ (if equal, no proxy is used)

So, when I run the Test-AzureADConnectHealthConnectivity cmdlet, I get the following:

PS C:\Windows\system32> Test-AzureADConnectHealthConnectivity -Role Sync
Test-AzureADConnectHealthConnectivity's execution in details are as follows:
Starting Test-AzureADConnectHealthConnectivity ...

Connectivity Test Step 1 of 3: Testing dependent service endpoints begins ...
AAD CDN connectivity is skipped.
Connecting to endpoint https://login.microsoftonline.com
Endpoint validation for https://login.microsoftonline.com is Successful.
Connecting to endpoint https://login.windows.net
Unhandled exception occurred: The operation has timed out
Connecting to endpoint https://policykeyservice.dc.ad.msft.net/clientregistrationmanager.svc
Endpoint validation for https://policykeyservice.dc.ad.msft.net/clientregistrationmanager.svc is Successful.
Connecting to endpoint https://policykeyservice.dc.ad.msft.net/policymanager.svc
Endpoint validation for https://policykeyservice.dc.ad.msft.net/policymanager.svc is Successful.
Connectivity Test Step 1 of 3 - Failed to connect some service endpoints, please investigate.

Connectivity Test Step 2 of 3 - Blob data upload procedure begins ...
Unhandled exception occurred: System.Security.Cryptography.CryptographicException: The parameter is incorrect.

   at System.Security.Cryptography.ProtectedData.Unprotect(Byte[] encryptedData, Byte[] optionalEntropy, DataProtectionScope scope)
   at Microsoft.Identity.Health.Common.Clients.PowerShell.ConfigurationModule.TestAzureADConnectHealthConnectivity.LoadIdentityInfo()
   at Microsoft.Identity.Health.Common.Clients.PowerShell.ConfigurationModule.TestAzureADConnectHealthConnectivity.TestInsightServiceDataUploadProcedure()
   at Microsoft.Identity.Health.Common.Clients.PowerShell.ConfigurationModule.TestAzureADConnectHealthConnectivity.ProcessRecord()

I've used the same account with the registration command as I used with installation of the Azure AD Connect software, of which the sync is running without problems.

There is MFA enabled on that account, but I do not see an issue there.

Hope somebody can assist.

Enable EmailVerified Users


Hello,

I am trying to set up an account on Microsoft (to join an IT community) but I am getting the following error:

We cannot create a self-service Azure AD account for you because abc.com has disabled self-service account sign-up by email validation. Ask abc.com's admin to enable EmailVerified users or create an account for you.

Can anyone tell me how I can enable this EmailVerified user option? Is it to be done through cPanel? If not, then from where?

Any help would be appreciated. TIA.

Regards,

Huzaifa Juzer
