Cannot Query Management Service - WVD

Copper Contributor

Hi Everyone,

Happy New Year!

Since joining a new organization, me and one of my colleagues build/maintain the azure environment we have. When I first joined I was only given Global Reader Access.

I now have the same access control as him (Owner, Contributor, User Access Admin), same AAD Roles such as Global Admin and others whilst he just has Global Admin. 

The problem I have is that I cannot manage our tenants/hostpools via powershell like he can.

Running Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"

I sometimes get errors or it will connect.

I just connected and attempted to run Get-RdsTenant for one of our tenants and got the following :

 

Get-RdsTenant : User is not authorized to query the management service.

 

Even running the same command for a tenant I created I get the same error.

We have both have MFA enabled but he has no issues whatsoever.

Can anyone share any suggestions/fixes? 

2 Replies

Hi @AT1991,

 

Your doing it with the Azure CLI or Powershell?

Maybe this is a Problem with the Account Cache in the Powershell.

I saw this somewhen in the past.

Maybe reinstallation of the Modules or Azure CLI may help, and also a new AZ Login and Token Refresh. Maybe also try if the Issue is the same in your colleagues Cliwent, or if all works fine with that one.

 

Sounds more like a Client Issue instead of a Azure Permission Issue.

 

Kind Regards, Peter

Hi Peter,

I should have closed this, it is resolved. It was to do with a RDS Role permission 🙂

Thanks,
Aaron