Error: AADSTS500011: The resource principal named '*URL*' was not found in the tenant.
We are trying to add an app to our SharePoint Online site using the template from https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/get-started/build-a-hello-world-web-part and we get the error below when we deploy to SharePoint and add the app/Webpart to a test SharePoint site. Found [object Object]Driver Display External Error: Error: AADSTS500011: The resource principal named https://driverdisplayexternal.azurewebsites.net was not found in the tenant named 7018324c-9efd-4880-809d-b2e6bb1606b6. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant. Trace ID: 358b22eb-cd2c-4091-b592-5a57cbc21d00 Correlation ID: ec96d656-1a36-42e2-a2b9-3ff78efc1e2e Timestamp: 2019-10-01 16:26:06Z We have added a call to our own client as shown below. We are not sure why the resource principal was not found. The Tenant ID's match and things seem to be set up properly for authentication. Has anyone else encountered this issue or know where to look for the issue? Thanks in advance!
Shared Mailbox of Separated User Management
When we have a user separation, we covert them to a shared mailbox and remove the license. Here is the dilemma, Due HIPAA we must retain these unlicensed users for 7+ years. As you can imaging soon, we will have more unlicensed users in our AAD, making it difficult to manage. Is there a way to move or hide AAD Unlicensed users without losing the shared mailbox? Thank You
How do I get job info from Azure AD for automate flow?
I need to get a piece of information under the category JOB INFO. Specifically an item called Employee ID from a given user in a Power Automate flow. I've tried to use the connectors Get User from Azure AD and even from Office 365 Users, but this information isn't part of the output. Is there some other way?Azure B2B SharePoint Integration
I've followed the steps outlined here for enabling Azure B2B integration with SharePoint & OneDrive: https://docs.microsoft.com/en-us/sharepoint/sharepoint-azureb2b-integration It has enabled successfully however there appears to be no difference when sharing from SharePoint and users aren't being added as Guests in Azure AD. Other steps I've tried: 1. Enable OTP in External Identities 2. Create User flow in External Identities to allow Azure sign up and OTP. Has anyone else had luck configuring this that can provide any futher guidance? Thanks.Sharepoint 2019 Login Azure AD
Hello, we are looking into to integrating our Azure AD to work with our on-premise 2019 SharePoint farm. I have found the guides on how to incorporate the feature, but have specific questions. 1) Can we use both local and Azure for authentication? 2) Can we granularly set the Azure authentication method to certain sites? 3) Will the Azure MFA, conditional access, and InTune features work? 4) Can we use external user accounts to provide access? Thanks!
How to securize redirection with Azure AD in a WebPart?
I have developed a Sharepoint Webpart. The aim of this component is simple, authenticate the user in an external website that is embedded inside de Sharepoint. The external website uses Azure AD to login the users. The problem that I have is the following. I know how to get obtain an access token, and the component works fine, with a great security leak. This is that I have public render(): void { token="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"; <iframe img src="https://www.example.org/oauthCallback.html?token="+token/> } For this reason, I'm trying to change for something like: public render(): void { <iframe img src="Azure redirection"/> } Azure redirection -> verify the user context with Azure AD -> redirect the callback to https://www.example.org/oauthCallback.html I want securize this process with Azure AD, but I don't know how to do. Any idea? Regards
How do I remove blocked O365 users from being displayed in SharePoint Online' search
When people leave our company we block them in our O365 admin center. The issue that we're having is that when we use sharepoint search' to look for people, the blocked users are still displayed. We want to prohibit the blocked users from being displayed in the search results. We don't want to remove the blocked users. We're using an modern SharePoint experience and we're not having an on-prem AD only an Azure AD. I've found a couple of possible solutions but it seems they only are suitable to companies with a synced on-prem AD. Kind regardsAccess Requests impacting permissions granted to Azure AD group?
We have a site where we're managing permissions via Azure AD groups (well, local AD groups that sync to Azure). This has been working fine, but recently a couple of users who were going to be added to the AAD group jumped the gun and submitted "access requests" for the site. One was declined, the other is still sitting there. When I go to the Site Permissions and run Check Permissions for their usernames, both come up as "None", despite the fact that they are now in that AAD group; others who were added to that group at the same time DO have access to the site. So, it seems like the "access request" process has some kind of impact on the users' access to the site when it is granted via an AAD group. In other words if a user requests access and it's declined, does that put some kind of block in place that interferes with permissions being "inherited" from the AAD group? If this is the case, how can I fix this (since it seems access requests can't be deleted, which I kind of understand from an audit trail standpoint)? Can I delete them from the Site Collection Users? Well, I know I can, but will that fix this problem?
What is the difference between Remove-msoluser and Remove-SPOExternalUser
Hi all I doing some clean up of external users in my tenant and deleting stale guest users. There are 2 cmdlets that can be used to delete Guest users: remove-spoexternaluser and remove-msoluser. I understand remove-msoluser can be used to delete both tenant users and external users also. But when it comes to guest users, are they both same? It looks like both can be used to delete external user from Azure AD. And both cmdlets don't delete the external user id from user info list in SharePoint. Is there a preference of one over other?
