We have our azure services built like this :
Company 1
Tenant 1
Subscription 1
Azure dev-opps 1 ( Projects, Builds, Release's, Source Control History )
Azure active directory 1 ( user#company1.com (same username as bellow) )
Company 2
Tenant 2
Subscription 2
Azure services 2 ( Virtual Machines, VPN's, Database's, Apps, etc )
Office 365 2
Azure active directory 2 ( user#company2.com (same username as above) )
So, we want to delete Tenant 1 and migrate Azure dev-opps 1 to the tenant 2 and subscription 2, without losing the things we have there. ( Projects, Builds, Release's, Source Control History )
It is possible to change it like this and how can I do it? I'm admin in both.
Agree with Allen Wu.
We need add the account user#company1.com to the Tenant2 and ensure that this account is a member of Project Collection Administrator in the Org Azure dev-opps 1.
Then we can change your organization connection to another Azure AD.
Steps: open org settings->Azure Active Directory
->click the button Switch directory and select a directory from the dropdown menu, then select Connect.
Please refer this link for more details: Change your organization connection to another Azure AD
Note: It will not lose the data you have there
Related
In an attempt to view the cost analysis at the Management group level, I am receiving the following error message:
Management group LandingZone does not have any valid subscriptions. (Request ID: 3867f325-14c1-4181-bc25-0299516c0b25)
It has the following subscriptions
Probably you have 2 directories: directory A and directory B.
You can check that if you go into your account and you have Switch Directory:
The billing of all the subscriptions in directory A are redirected into directory B or the other way around.
EDIT: In this case what you need to do is to go to Cost Management, create a view with all the subscription that are in the directory A and a view with all the subscriptions in the directory B and save.
Use that to see the totals
please I have deployed Azure Active Directory Domain Services Azure AD DS in my environment and added 2 VMs into this domain. When I tried to create WINDOWS failover Cluster , it failed with below error
Create computer object ggg on domain controller \aaaa.bbbb.onmicrosoft.com in organizational unit OU=AADDC Computers,DC=bbbb,DC=onmicrosoft,DC=com. Access is denied.
I've owner permissions on Subsction and hence on Azure AD DS.
Please how can I create cluster or prestage CNO in Azure AD DS .
Please I tried all permissions combinations but all failed.tried with powershell with Admin too
To resolve the error "Create computer object ggg on domain controller \aaaa.bbbb.onmicrosoft. com in organizational unit OU=AADDC Computers,DC=bbbb,DC=onmicrosoft,DC=com. Access is denied."
I suggest you try following the below steps:
Make sure to grant the user permissions while creating cluster like
below:
Active directory users and computers - > View -> Advanced features -> Right click on CNO -> Select properties -> Security tab -> Add -> Select Users, computers or groups -> click on user account -> select Ok -> Allow check box of the permissions -> Select ok.
Check whether you have granted the permissions to the OU, by following this MS Docs.
For more in detail, please refer this link : Prestage cluster computer objects in Active Directory Domain Services | Microsoft Docs.
I would like to connect data from 'Data Lake Storage Gen 1 account' to Tableau. What tableau version is recommended for Gen 1 connection?
PS: I am aware Gen 2 can be connected to Tableau 2021.1
Tableau document doesn't talked about which version is recommended for Gen 1 connection, but is also provide a way to connect to Data Lake Storage Gen 1 account.
You can ref this document: Visualize Live Azure Data Lake Storage Data in Tableau:
Authenticating to a Gen 1 DataLakeStore Account
Gen 1 uses OAuth 2.0 in Azure AD for authentication.
For this, an Active Directory web application is required. You can create one as follows:
Sign in to your Azure Account through the .
Select "Azure Active Directory".
Select "App registrations".
Select "New application registration".
Provide a name and URL for the application. Select Web app for the
type of application you want to create.
Select "Required permissions" and change the required permissions
for this app. At a minimum, "Azure Data Lake" and "Windows Azure
Service Management API" are required.
Select "Key" and generate a new key. Add a description, a duration,
and take note of the generated key. You won't be able to see it
again.
To authenticate against a Gen 1 DataLakeStore account, the following properties are required:
Schema: Set this to ADLSGen1.
Account: Set this to the name of the account.
OAuthClientId: Set this to the application Id of the app you created.
OAuthClientSecret: Set this to the key generated for the app you
created.
TenantId: Set this to the tenant Id. See the property for more
information on how to acquire this.
Directory: Set this to the path which will be used to store the
replicated file. If not specified, the root directory will be used.
I recently started looking at my Azure Subscription again. A long time ago, I was playing with Azure Active Directory...and created 2 of them.
Let's just call them...
AAA Directory
BBB Directory
Apparently, Azure creates a completely separate 'portal' alongside each manually created 'active directory'. I wanted to delete them...so I went to DELETE & followed the instructions
I deleted all groups
I deleted all application registrations
I deleted all users
I have no subscriptions...but somehow...it 'thinks' I do...and shows "Delete all license-based subscriptions"
Choosing the "Delete all license-based subscriptions" link brings you to a page that says you need to go to the 'Azure Admin Center'...
Clicking DELETE in the 'Azure Admin Center' dashboard shows the "You can't delete the last dashboard" error message
I feel like I am going in circles.
How do I delete each of the manually created Azure AD's entirely?
How do I delete any associated portals to the manually created AD's entirely?
How do I get the manually created AD Portal's 'directories' to stop listing in my subscription tab?
UPDATE:
I have noticed the following message:
"We have detected that your current user account is external to this tenant. Please sign-out and login with Global Admin credentials using the initial default domain name such as user#contoso.onmicrosoft.com."
But my Microsoft Account lists as being a Global Admin
How to remove an orphaned Application in an Azure Directory?
I have a second (non-Default) directory that I was using to test the AD Connect app, and having finished with it, want to delete.
I have been able to remove the users both with the Management Portal and remove-msoluser, but am unable to delete the directory as it has one Application registered - "Office 365 Management APIs"
In the management console, this Application looks a little weird - there are no options to do anything on its dashboard and just checking, this Application is also installed in my Default Directory and looks the same - maybe it cannot be removed?
Have tried removing the App using the Remove-msolservice cmdlet, and tried the whole-hog approach as per Method 5 in https://support.microsoft.com/en-au/kb/2967860/en-us - seems to run through ok, but the Application is still listed, and when deleting the Directory I still get the error -
Directory has one or more applications that were added by a user or administrator
I had the same problem. When performed the steps below, I could delete the Azure Active Directory tenant:
Log in to Azure and create a new user with Global Admin permissions in the AAD you're trying to delete.
Open the Azure Active Directory Module for Windows PowerShell and execute the following:
Connect-MsolService (Log in with #onmicrosoft global admin account you created)
Get-MsolServicePrincipal | Remove-MsolServicePrincipal (This will generate errors but it's ok)
Log in to https://manage.windowsazure.com as the service admin
Delete already created #onmicrosoft.com Global Admin user
Delete the AAD now
You check the sites below as well:
http://blogs.msdn.com/b/dstfs/archive/2015/05/27/trouble-deleting-azure-active-directory-aad-due-to-quot-visual-studio-online-quot-item-in-aad-quot-applications-quot-list.aspx
or here:
https://www.opsgility.com/blog/deleting-azure-ad-applications
You must run the following cmdlets after running the remove cmdlets:
Get-MsolServicePrincipal | Set-MsolServicePrincipal -AccountEnabled $False
then delete the temporary global admin account (if any) and you should be able to delete the directory.
More information about this issue: https://support.microsoft.com/en-us/kb/3112170
This article helps me to delete Azure AD I created with old Windows Azure Portal (manage.windowsazure.com):
https://blogs.msdn.microsoft.com/ericgolpe/2015/04/30/walkthrough-of-deleting-an-azure-ad-tenant/
In a nutshell:
Create a new user under the AD you intend to delete.
User must have Global Admin role.
You will get temporary password for this user. Once login to Azure Portal with this user, you will need to create a permanent password.
Use this credential, you will remove Azure AD's applications using Azure AD PowerShell
Then, go back to Azure AD you intend to delete (using your credential, not the newly created user), delete the user you just created.
Only after doing all these will you be able to delete the Azure AD.