Introducing a person in Azure Active Directory caused some problems: it didn’t perform as I imagined it would. Allow me make clear.
Adding the person
I went to Azure Active Listing, clicked “Users” in the left menu and included the person through “New user”. I loaded in some information and facts and clicked on job “User” and select “Global reader”: in the description it claims “Can study almost everything that a global administrator can, but update nothing”. When I search at the user that I typically use in my primary account, this person has the function “Global administrator” assigned to it, so this seems good:
I opt for “Netherlands” as usage site and pressed “Create”. In the record of buyers, I copied the User principal identify:
Logging on as a new person
Immediately after logging out from my primary account and logging on with my New Person account, I went to the source teams and noticed the pursuing:
I did not count on this: why is it inquiring for a (new) membership? I have a properly legitimate membership in my key account. Why does not it use that, and why doesn’t it clearly show the source groups that I have in my primary account? I appeared at the configurations for my new consumer in Azure Energetic Listing. I did that the two with my key account credentials and also with the New Person account. This went fantastic, so it did assign some permissions, but I couldn’t uncover a location in which I could increase my “main account subscription” to this user…
In the conclusion, I went to the subscription, and changed the IAM settings: I select for reader and clicked on my newly created person.
When I refreshed the source teams display in the session I applied for my New User account, I acquired a relatively vague error. Soon after a handful of minutes I refreshed the monitor all over again and then I noticed that my source teams were obvious. All the other screens worked as properly.
Learning a new cloud can be difficult: there are several options, a lot of configurations and the settings you need can also be in locations you really do not expect them to be. But in the conclusion I succeeded in attaining my objective and I’m happy I know a tiny little bit far more about the way Azure works.