无法在Azure AD – Identity Governance中创建权益管理目录。

huangapple go评论63阅读模式
英文:

Unable to create an Entitlement Management Catalog in Azure AD - Identity Governance

问题

我无法在Azure AD - Identity Governance中创建授权管理目录。

在“名称”字段上有一个验证检查,它不停地旋转。如果我将鼠标悬停在旋转动画上,我会得到提示“已存在相同名称的目录”。然而,我在我的Azure AD实例中没有任何目录。而且,如果名称是全局唯一的,提示消息是不准确的,因为我尝试了不可能的唯一名称,仍然遇到相同的问题。

我不确定提示是否只是误导性的,是否还有其他问题需要查看,或者是否这是某种错误。

我的Azure AD实例是免费的,根据这篇文章 https://learn.microsoft.com/en-us/microsoft-365/education/deploy/design-identity-governance(许可要求部分),足以创建目录。

此外,我也被分配了“全局管理员”和“身份管理管理员”角色。

英文:

I am unable to create an Entitlement Management Catalog in Azure AD - Identity Governance.

There is a validation check on the "Name" field which keeps spinning endlessly. If I hover over the spinning animation, I get the hint "Catalog with the same name already exists.". However, I don't have any catalogs in my Azure AD instance. And if the name is globally unique, the hint message is not accurate because I've tried impossibly unique names and still getting the same issue.

I am not sure if the hint is simply misleading and there is another issue I need to take a look at or if this is a bug of some sort.

My Azure AD instance is Free which is sufficient for creating catalogs as per this article https://learn.microsoft.com/en-us/microsoft-365/education/deploy/design-identity-governance (License Requirements section).

I also have the "Global Administrator" and "Identity Governance Administrator" roles assigned to my user account.

Thanks ahead.

答案1

得分: 0

I have one Azure AD instance with Free license like below:

无法在Azure AD – Identity Governance中创建权益管理目录。

Now, I assigned same roles as you to one user named Sri like below:

无法在Azure AD – Identity Governance中创建权益管理目录。

When I signed in with above user account, I'm able to create catalog successfully like below:

无法在Azure AD – Identity Governance中创建权益管理目录。

But when I tried to create another catalog with existing catalog name, I got same error as you like this:

无法在Azure AD – Identity Governance中创建权益管理目录。

In your case, check whether you selected Select All under Enabled and Enabled for external users or not to see all existing catalogs.

Alternatively, make use of below PowerShell script to create catalog if there is any issue with your Portal:

Connect-MgGraph -Scopes "EntitlementManagement.ReadWrite.All"
Select-MgProfile -Name "beta"

New-MgEntitlementManagementAccessPackageCatalog -DisplayName "DeviCatalog" -Description "Created from PowerShell"

Response:

无法在Azure AD – Identity Governance中创建权益管理目录。

When I checked the same in Portal, catalog created successfully like below:

无法在Azure AD – Identity Governance中创建权益管理目录。

英文:

I have one Azure AD instance with Free license like below:

无法在Azure AD – Identity Governance中创建权益管理目录。

Now, I assigned same roles as you to one user named Sri like below:

无法在Azure AD – Identity Governance中创建权益管理目录。

When I signed in with above user account, I'm able to create catalog successfully like below:

无法在Azure AD – Identity Governance中创建权益管理目录。

But when I tried to create another catalog with existing catalog name, I got same error as you like this:

无法在Azure AD – Identity Governance中创建权益管理目录。

In your case, check whether you selected Select All under Enabled and Enabled for external users or not to see all existing catalogs.

Alternatively, make use of below PowerShell script to create catalog if there is any issue with your Portal:

Connect-MgGraph -Scopes "EntitlementManagement.ReadWrite.All"
Select-MgProfile -Name "beta"

New-MgEntitlementManagementAccessPackageCatalog -DisplayName "DeviCatalog" -Description "Created from PowerShell"

Response:

无法在Azure AD – Identity Governance中创建权益管理目录。

When I checked the same in Portal, catalog created successfully like below:

无法在Azure AD – Identity Governance中创建权益管理目录。

答案2

得分: 0

你需要拥有Azure AD Premium P2许可证才能在Azure AD Identity Governance中创建目录。请参考此链接以获取更多信息。

英文:

You need to have Azure AD Premium P2 license in order to create a Catalog in Azure AD Identity Governance. Please refer this link for clarity.

答案3

得分: 0

在与其他社区成员进行一些尝试和错误后,事实证明您实际上确实需要Azure AD Premium P2许可证才能处理目录、访问审查等任何事务。关于许可证要求的“许可证要求”并非完全准确,其中提到对于设置初始目录、访问包和策略并将管理任务委派给其他用户的全局管理员,不需要P2许可证。

英文:

After some trial and error with other community members, it turns out that you do in fact need Azure AD Premium P2 license to do ANYTHING with catalogs, access reviews, etc. The "License requirements" is not entirely accurate where it says P2 is not required for Global Administrators who set up the initial catalogs, access packages, and policies, and delegate administrative tasks to other users.

huangapple
  • 本文由 发表于 2023年5月11日 00:51:47
  • 转载请务必保留本文链接:https://go.coder-hub.com/76220880.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定