Forum Discussion
Block-AADUser - Azure Sentinel Playbook
Hi, I am a security Engineer and I have just started using Sentinel and Logic Apps for the first time. I have been adding various out of the box playbooks etc and triggering them in my lab. ...
Hello danb1967,
"Does this simply mean within the login app that I need to connect using an account that has permissions in both Azure and Office365" - this is exactly what you need to do. You can also open the Logic App -> API Connections -> Open each connection and go to "Edit API Connection" -> Authorize it.
You can also configure connections with Managed Identity or Service Principal.
- Hi,
I am using a managed identity to run this.
When I run the trigger the playbook completes but when I look into the run details I see that most of the actions seem to be 'skipped'
When I click into these I see errors like
{"code":"ActionConditionFailed","message":"The execution of template action 'Update_user_-_disable_user' is skipped: there are no items to repeat."}
So I have misconfigured something somewhere.
How best to troubleshoot this or has anyone here seen these types of errors before?
Should I be using the managed identity as the connection for all section of the logic app? If I open the logic app and breakdown each part I can connect various different accounts.
