Forum Discussion
New-RdsAppGroup error
Christian_Montoya Here's what I have for role assignments. The second one (the service principal) was never used because the host pool creation on the marketplace would always fail with the same "User is not authorized to query the management service" error. So I ended up creating the host pool with my UPN instead.
RoleAssignmentId : 302c9ef6-f57a-4be1-2187-08d751db72f6
Scope : /Default Tenant Group/Tenantname
TenantGroupName : Default Tenant Group
TenantName : Tenantname
DisplayName : Amy Sfakios
SignInName : amy@altaxprep.com
GroupObjectId : cb94329e-f164-446d-9108-8fab6a39f41d
AADTenantId : ca33ca83-5314-4ab0-81a8-c23a97718057
AppId : fa4345a4-a730-4230-84a8-7d9651b86739
RoleDefinitionName : RDS Owner
RoleDefinitionId : 3b14baea-8d82-4610-f5da-08d623dd1cc4
ObjectId : d82af3d3-4e0c-400d-f5fc-08d750e946f0
ObjectType : User
Item :
RoleAssignmentId : 35a5f471-3313-4797-c489-08d756666d7a
Scope : /Default Tenant Group/Tenantname/Hostpoolname
TenantGroupName : Default Tenant Group
TenantName : Tenantname
HostPoolName : Hostpoolname
DisplayName :
SignInName :
GroupObjectId : 00000000-0000-0000-0000-000000000000
AADTenantId : ca33ca83-5314-4ab0-81a8-c23a97718057
AppId : 7f1a85b3-49d1-4a06-a88c-da005bdb3b43
RoleDefinitionName : RDS Owner
RoleDefinitionId : 3b14baea-8d82-4610-f5da-08d623dd1cc4
ObjectId : 09a7de92-caf2-48ad-06bb-08d75666623e
ObjectType : ServicePrincipal
Item :
Maybe the problem is that the role assignment for my UPN is not scoped to the pool?
Thanks,
Dave
MicrosoftDavidMagrathSmith : Did you get any further on this? Primarily, it's a little challenging to troubleshoot permissions/access without specific details. If you have official support through Azure, I'd recommend going that way and they might be able to get down to the root cause. Just a notice though: even if you have a Global Admin account, that does not automatically give you access to manage WVD.