Forum Discussion
Error: User is not authorized to query the management service
Hi Erjen Rijnders, thank you for the prompt reply. Given the number of times I've run this now, I actually get 5 RoleAssigmentIds returned...oops. How do I tidy those up? Using Remove-RdsRoleAssigment I guess? I'll have a crack at that later...
The last one in the list though is the correct one:
I guess the only difference for me is that I am using AAD DS too, which you stated below is not supported. I'm not sure why not? I can get the VM to join the AAD DS domain. It is the DSCextension step which fails.
Anyhow, I'll do some tidying up and also keep progressing with my greenfield AAD, AAD DS and WVD deployment.
andrewstollery, you did create a new key within that app from the Azure Portal right? And you used that key during deployment on step 4?
And the user you are using deploying the VM's, does have owner rights on the Azure Subscription?
I agree it should work, however with AAD DS you don't have access to the RPC-service. So that could be the reason it doesn't work. But still curious if you checked the points I just mentioned.
- Alright, than it must be the AAD DS limitation indeed..
- Hi Erjen,
Yes, my friend, I created my service principles key and used that. I listened to everything you wrote, you know what you are doing so I didn't want to assume anything :). I also doubled checked the VM deployment user is Owner on the subscription and it is.
I really appreciate your help with this, thank you for replying.