Is't possible to merge two DevOps accounts? - azure

I wish move from Microsoft personal DevOps Account to my O365 Account Tenant where I run Azure, too.
Is't possible to mantein the benefits, too?

What you can do is that transfer Transfer Azure DevOps to New Azure Account
Add a AAD member which is a Microsoft account to your Azure DevOps organization.
Add this AAD member to Project collection Administrators group.
Log into the Azure portal and connect the organization to AAD.
Then you could login to your Azure DevOps organization with AAD member

To merge two Azure DevOps account, there is no such kind of feature at the moment.
A related user voice here:
make it possible to move a Team Project between Team Project Collections
https://developercommunity.visualstudio.com/content/idea/365365/make-it-possible-to-move-a-team-project-between-te-1.html
Any other 3rd party extension or tool will not keep history info. Suggest you use two organization separately to keep history. Or manually merge it without history.

Related

No longer able to see existing projects in Azure Devops after connecting AAD

I was logged in to my AzureDevops account using my hotmail account.I then went to Organization Settings and then connected my Org to Azure AD.
After i logged out and logged in back again with the same account, i don't see anymore my projects which i was working on. I have disconnected my Azure AD and also tried switching directories but i am no longer able to see that particular organization anymore.
Any idea how to fix this or why this happened
Please check below points :
Try logging on to https://.visualstudio.com to see you can see the organization and projects, as stated in this.
Check Troubleshoot connecting to a project
You may not able to signin or access your organization unless your work or school account has the same email address as your Microsoft account.
Although you can add new work accounts to your organization, they're
treated as new users.
If you want to access all your work, including its history, you must
use the same sign-in addresses that you used before your organization
was connected to your Azure AD.
For that Add your Microsoft account as a member to your Azure AD Or
ask the owner of the organization who has proper permissions to map
any disconnected members to their Azure AD identities Or invite them
as guests into the Azure AD.
Invited user should use corresponding account, work/school account
for AAD based, personal account for the other.
So basically the user who makes the connection must confirm the following statements are true.
User exists in Azure AD as a member. If the user is an Azure AD guest, rather than member
User must have project collection administrator or owner of the organization
User must also have Azure Service Administrator or Coadministrator permissions for the Azure subscription that's linked to your organization in Azure DevOps.
User isn't using the Microsoft account identity that matches the Azure AD identity. For example, if the Microsoft account that users are currently using is jamalhartnett#fabrikam.com, the Azure AD identity they'll use after connecting is also jamalhartnett#fabrikam.com. Use a single identity that spans both applications, rather than two separate identities using the same email.
Add your work account as an administrator in your Azure DevOps organization
The AAD tenant should be same as the DevOps tenant to connect & Transfer the ownership of the organization to your work account.
Please see if you have followed the Prerequisites to Connect organization to Azure Active Directory
FAQ: to be refered
why dont i see my organization in the azure portal
why do i have to choose between a work or school account and my personal account
what if we cant use the same sign in addresses
Note: No other user than the owner of the organization will be able to see the organization under the “Azure DevOps organizations”
service in the Azure portal. Also, Azure DevOps does not support
multiple owners, like Azure services that support Role Based Access
Control (RBAC) do. An Azure DevOps organization will only have a
single owner at a time :reference
Please try to access https://aex.dev.azure.com/ and change domain to see if your organization is present in the list.
Or
You may need to open a support case on the Developer Community to help you out or raise a support request through azure portal.
References:
Lost organization after disconnecting it from Azure Active Directory-Stack Overflow
What not to do when Connecting Azure DevOps to
AzureAD |Josh Corrick |
Restore project - Azure DevOps Services | Microsoft Docs

MS Teams DevOps Connection "you have no associated Azure DevOps organizations"

I have an Azure Organization and Devops Project assigned to my user with all the permissions setup to same as the Organiazation Owner (same email AD domain).
When I launch Azure Devops App within MS Teams, I click to Set up and it says "Sorry, you have no associated Azure DevOps organizations". The Organization Owner has no problem and can see the Option. I have rebooted, re-logged-in etc etc, checked every conceivable permission in MS Teams, OFfice 365 Admin, dev.azure.com Organization level... it still does not show the Organization in Teams.
Yet I can see the Devops Board which the Azure Devops Organization owner setup on Teams as a Tab.
Is there something I'm missing? Any help would be much appreciated.
Thank you
Thank you again for the feedback. The problem was that I had created another Azure account with my email address. I deleted the Organization but the Azure Devops add-in for MS Teams still picked the deleted Organisation as my primary Azure account despite me being assigned as an Admin to another Azure Devops Organisation and Project. It took about a week for my legacy credentials to expire and eventually I could connect to the new Azure Devops organisation.
I also received some excellent links to manage and support MS Teams integration with Devops so am posting it here in case anyone else finds it useful...
The MS teams extension for Azure DevOps has been deprecated and we suggest you to use the MS Teams apps for Azure DevOps.
https://learn.microsoft.com/en-us/azure/devops/pipelines/integrations/microsoft-teams?view=azure-devops
https://learn.microsoft.com/en-us/azure/devops/boards/integrations/boards-teams?view=azure-devops
https://learn.microsoft.com/en-us/azure/devops/repos/integrations/repos-teams?view=azure-devops
You could refer the below document which mentions the multi tenant feature of the MS teams app for Azure DevOps. This could help you to connect to all the organizations from different client AADs.
https://learn.microsoft.com/en-us/azure/devops/pipelines/integrations/microsoft-teams?view=azure-devops#multi-tenant-support
Users need to be granted with at least stakeholders access at the DevOps organization level ( not just the project ). Tell the owner to add them in there.
Check this out for further references: https://learn.microsoft.com/en-us/azure/devops/organizations/security/access-levels?view=azure-devops#stakeholder-access
You can check the prerequisites in this link and check whether your account and organization meet the prerequisites:
You should have Office365 account in order to integrate Azure DevOps
Services with Microsoft Teams.
Only Azure DevOps organizations in the same organization (AAD tenant)
can be used to integrate with your Microsoft Teams account.
In addition, here is a case you can refer to.

How to tie VSTS (aka Azure DevOps) account to Azure Subscription

I understand how to create a new DevOps project from https://portal.azure.com and I see how that creates a new DevOps organisation or reuses an existing one (scoped to that AzureAD).
A new project is also created as well as an associated WebApps project.
These are my challenges:
When one creates a new Project in that DevOps organisation, it doesn't show up for management in https://portal.azure.com. How can one ensure the resources consumed by that project are part of the Azure Subscription to which the parent organisation is tied? Or is that the default?
What is the easiest way of tying existing DevOps organisations and projects to an Azure subscription to allow increasing the default 5 user limit and consuming more pipeline resources?
There doesn't seem to be any documentation anywhere that directly addresses these issues for me.
You may use Azure DevOps Organizations to connect your azure subscription with devops account:
Then you may use users on Azure DevOps from Azure Active Directory and manage billing (get more license):
Also you may use DevOps Project wizard to create a team project from a template:
Additional links:
Quickstart: Set up billing for your organization
Azure DevOps Projects
Tutorial: Connect your organization to Azure Active Directory
Quickstart: Pay for more Basic users
About access levels

Accessing Azure with both Microsoft Account and Work Account

This problem may stem from the dependency on MS accounts for MSDN instead of work accounts, but maybe some one has found a solution?
I use the same email address for both my MS and Work Accounts.
Our Company Subscriptions seems to be linked to our MS Accounts, as does our VSTS accounts. I can sign into Azure Portals using both MS and Work Account. I want to be able to deploy do our company subscription from VSTS.
When I sign into Azure, using my work account, I can see our Azure AD. I am a global admin and can make changes, etc. This is not visible when I sign in using the MS account. It tells me I don't not have access, which I can understand.
In VSTS, I have linked my MS Account to my work account. But I cant access some of the projects # {whatever}.visualstudio.com VSTS sites with my work account, I must use my MS account.
The main problem is when I try to set up a build and deploy from VSTS into the Company Azure Subscription. To achieve this I need to set up a Service Endpoitn to ARM in Azure. So I go ahead and try to do that.
It fails as it says that the account does not have the sufficient privileges needed in Azure Active Directory. Remember, AAD is only accessible when I log into my work account in the azure portal.
One last point, AAD would see my MS account as a guest account, so I thought 'hey, I will add that account to AAD as a guest and assign privileges necessary to perform the tasks I need'. But because the same email address was used for both my MS account and work account, it tells me when I try to add the guest account, that it already exists.
Is there any way around this problem? How can I associate/move all VSTS subscriptions to my work account?
When the VSTS identity you are using does not have access to the Azure subscription your trying to deploy to, the best way to do this is to create your service endpoint manually.
The steps are [here][1]. See the Azure Resource Manager service endpoint -> Manual subscription definition section. It has a few more steps, but once you create that, just use that service endpoint in your build or release definitions & your good to go.

Using organizational AD for multiple Azure subscriptions

We have two Azure subscriptions and an Office 365 subscription for our company.
In "Subscription #1", we have a VNET and a bunch of VMs. We have our "organizational AD" in this VNET. We also set our Office 365 subscription to use our organizational AD that is in this Subscription #1.
We then have a second Azure subscription (Subscription #2) in which we have WebApp's, databases and Visual Studio Team Services (VSTS - formerly Visual Studio Online) repositories. We set up our VSTS to use the directory service -- WAAD -- associated with this second subscription.
My question is: can we set it so that this second Azure subscription uses our organizational AD to manage user access? Our primary goal here is to have "single sign-on" in this second Azure subscription. For example, we want our developers to be able to use their organization AD accounts to access the VSTS repositories.
P.S. We do prefer keeping these two Azure subscriptions separate but still have single sign-on.
In short, yes you can. The easiest way to do this is by putting in a support ticket with Azure and asking them to perform this task for you. You should be able to put a ticket in with billing support to avoid costs.
The other way to do this involves having the Service Administrator of the 2nd Azure subscription be a Global Admin on the Azure Active Directory in question. You can then follow the steps found in this link.

Resources