In my Azure Management portal (manage.windowsazure.com)
I can create Active Directory Namespaces - e.g. "MyGreatAD"
these are in "accesscontrol.windows.net"
If I want to use graph.windows.net to Add Users, Add Groups, Query groups etc.
Do I have to create a ServicePrincipal using PowerShell commands (MSolServicePrincipal) ???
using an onmicrosoft.com account ? how does that Office365 account, give me graph access to my Azure Namespace ?
I am also confused about my tenantDomainName and the relationship "accounts.accesscontrol.windows.net" plays to the other 3 domains already in play
I created a Service Identity in the Azure portal - What relationship does that play to the Service Principal if any - e.g. is this GUI replacing the powershell command ? or not ?
Can I use the identity to gain access (somehow??) with out the principal ?
Confused
- Mark Jones
Mark Jones - Envision IT http://www.envisionit.com/