Cannot add users to On Premise Azure Devops Server - azure

I'm using Microsoft On Premise Azure Devops Server for first time, i have created a project and i need to add users to our team on project but i can't and below image show: No identities found.
Please i want to know which users can be added and how to add it.
Thanks.

You can add users who are a member of your Azure Active Directory in Project/Team directly , the members format will be user#<AzureADprimarydomain> (ex: user#test.onmicrosoft.com) like below:
But to add external users you will have to invite them to your organization first and then add them in the project/team. You can go to organization settings >> users >> add new users >> provide the email-id >> add which project the user will be part of and also select the permission level of the user >> add .
References:
To know more about Azure Devops Server 2020 you can refer this
Microsoft Documentation
Add Users to Organization and Manage Access

Related

Connecting Azure AD mobilePhone attribute to SharePoint Online/Delve

I am running into an issue with having the user data for the mobilePhone attribute update and show up for our users' contact cards which run on the SPO/Delve platform. Does anyone know of a way to have the data sync?
To update Azure AD mobile phone attribute to SharePoint online, try making use of below steps:
Make sure to have the below modules installed before running the
PowerShell script
Azure Active Directory (AD) Module
SharePoint Online Module
MS Online Services Sign-in Assistant
Office365 CSOM package
The user must be a global admin on the SharePoint User Profile Application as well as a Service Admin on the Azure tenant.
To connect to PowerShell, make sure the user account must not be configured to MFA.
To get all users, make use of below query,
$AzureADUsers = Get-MSolUser -All
To overwrite existing values, make use of below query,
$overwriteExistingSPOUPAValue = "True"
To know how to do it in detail, please find below reference by Raymond Tishenko
Sync Mobile Phone from Azure Active Directory to SharePoint Online using PowerShell (tishenko.com).
After executing the script, you can see that values are successfully copied from Azure Active Directory to SharePoint.

Connecting Blazor Server App to Azure AD - Insufficient Permissions

I am trying to create a new Blazor server app and configure it to use a new Azure Active Directory that I recently created. I have found a couple tutorials online showing how to do this, including one from Microsoft, but I keep encountering an error that says "The user account doesn't have the required permissions to access the domain."
I read online that I needed to verify that my user account is assigned to the Global Administrator role, which I did and it is. I have tried to create 3 different active directories in Azure to see if it was a fluke, but I have received the same error message each time.
Any help that you are able to provide would be greatly appreciated.
Make sure that you have signed in to Visual Studio with an admin account of the domain (here it should be "thomasagarza#yahoo.com").
After adding the account, you can apply filter for it (select the domain it is an member in). Make sure you have added it as the guest of that domain and assign Global Admin role to it.
Then all the related domains will be listed when you create a new project with Work or School Accounts Authentication. Select the domain which "thomasagarza#yahoo.com" is the admin in and click on OK. Generally you won't be required to enter your credential again in this step.
Please note if you have a custom domain for your AAD tenant and have made it primary, the domain listed here will be the custom domain name. In this case, if you manually set the domain as the format "***.onmicrosoft.com", you will get the error you are facing.

TFS Project Collection Service Accounts

Set Service Hooks in TFS and create Azure Storage
I can't finish after setting:
Access denied: [XXX]\Project Collection Service Accounts requires the following usage rights on the StrongBox to perform this action: Create StrongBox Drawer
Maybe I need to have permissions?
Any idea how to solve this?
You need Edit subscriptions and View subscriptions permissions to set up a subscription.
By default, only project administrators have these permissions. To grant them to other users directly, you could also use tfssecurity.exe from the command line. For example:
tfssecurity /a+ /collection:https://dev.azure.com/fabrikam/DefaultCollection ServiceHooks PublisherSecurity/abcdef00-abcd-0000-0000-abcdef000000 ViewSubscriptions n:fabrikamfiber4#hotmail.com ALLOW
and
Copy
tfssecurity /a+ /collection:https://dev.azure.com/fabrikam/DefaultCollection ServiceHooks PublisherSecurity/abcdef00-abcd-0000-0000-abcdef000000 EditSubscriptions n:fabrikamfiber4#hotmail.com ALLOW
The GUID is the ID of the project. You can get it using the Projects REST API.
After this you should be able to create the service hook and save it.

How to restrict project admin only to create new repository, the master branch in azure devops

Also i need to know how to make project admin to get notification when a contributor makes a pull request in azure devops.
How to restrict project admin only to create new repository, the
master branch in azure devops
It's is not possible to modify any Permissions to Project Admin by default Project Admin has all the permissions (As the name indicates he/she will be the project admin)
You will see the below error when you tried to modify the permission
Also i need to know how to make project admin to get notification when
a contributor makes a pull request in azure devops.
ProjectSetting->Notification->New Subscription->Code(git)->A pull Request is created or updated
Under the Deliver to you have the options called
Members of xxx by role
Team Preference
Custom Email address
Members of xxx Team
SOAP
You can set this to a custom email address and point the project admin email address there.

Working with external developers on Azure project - how?

I am new to Azure. I am getting myself confused very fast. My company has a project on Azure. We are looking to grant access to our external developers so they can log into our account and build a product for us ( setup a VM with mysql dbs and build an application ).
The only options I see are to invite users from another Active Directory or users who are in my own Active Directory? Is there no option to simply create a sign in credential for a user with say " email at gmail dot com" ?
What am I missing? I have created a Resource group but still can't invite anyone of our external consultants in there.
You can invite any user to manage your resources or your subscription.
There are 3 conditions for it:
You have the right to add it to your Azure AD
you are the owner of the subscription
The 'Guest user' already has an Azure account or a Microsoft Account
Then you have to go to:
Resources/Subscriptions
Access Control
Select a role (i.e. Contributor)
Type in the Account/Email of your external team member
check the checkbox and send the invitation
If you want to create generic users you can go straight forward to your AD and create a user i.e. developer1#contoso.onmicrosoft.com and add this user to the resource/subscription. Don't forget to take note of the credentials you created
So you would use Azure RBAC for that. Just click on the Resource Group > Access Control > Add.
You could also consult this blogpost for best practises.
If you just need them to develop and access SQL or a web App, you can pass the publish profile and SQL connection string to them.
Also, you can setup continous integration for the web App or virtual machine and pass git or GitHub or whatever source control you are using and pass the URL for the project, then they will commit the source code and fire a new build

Resources