Adaxes

Insufficient privileges to add second tenant.

0 votes

Hi

I'm trying to add a second tenant to my Adaxes setup, but I'm getting an error of insufficient privileges to complete the operation. image.png

I'm using an account with full administrative rights in Adaxes and the secret is definitely right, what am I missing?

Thanks

Matt

by (2.0k points)
0

In case this helps others, it looks like Microsoft may have made some changes to Role assignment, at least in my tenants. I don't see an option to assign a role to an enterprise application any longer, the application just doesn't show up in either of my tenants, though I have previously assigned the roles in my live tenant.

To get round this, I have had to create a new security group in Entra and ensure that roles can be assigned to the group image.png

From there, I needed to add the enterprise application, and assign the roles to the group.

by (2.0k points)

1 Answer

0 votes
by (289k points)
selected by
Best answer

Hello Matt,

Adaxes permissions are not related to the issue in any way. It occurs because the app whose credentials you specify does not have the required permissions in Entra ID (former Azure AD). For details on the required permissions and roles, have a look at sections Add API permissions (pay attention to the admin consent part) and Assign roles to the app of the following help article: https://www.adaxes.com/help/RegisterAdaxesAsAppMicrosoftAzure.

0

Thanks, I thought that the API permissions had replaced the need for the app to be added to a role ‍

by (2.0k points)

Related questions

0 votes
1 answer
User has insufficient permissions/Access rights to perform the operation

User is trying to amend the account expiry date on another user account. User has done this many times in the past - only difference is this is a new OU. Adaxes service account has the necessary permissions to the OU so I can't see why this is happening

asked Jan 3 by NeilM (20 points)
0 votes
1 answer
Insufficient permissions to set 'Accept messages from' Exchange attribute

When trying to set "Accept Messages" to "All senders" on distribution group through Adaxes web interface I get error: Adaxes doesn't have any permissions to ... of mentioned role? I tried give it msExchRequireAuthToSendTo permission but that didn't help.

asked Dec 1, 2022 by KIT (960 points)
0 votes
1 answer
Failed to install second server in shared configuration

During the upgrade of the second server with version 2021.1, shared installation selected, the process stops in "pending authorization" not allowing the process to complete ... to find Adaxes services that are waiting for authorization." Any suggest? Thanks

asked Mar 18, 2021 by Simone.Vailati (430 points)
0 votes
1 answer
Show second answer list based on answer to first field

When creating a user I would like to set it up so that once the answer to the first field is given, then a second field appears with a defined list of possible answers, ... appear and only have the options for "Orlando, Miami, New York" etc Is this possible?

asked Dec 20, 2017 by ScottGriff (400 points)
0 votes
1 answer
Connect to second domain (remote\WAN)

We have a potential use-case to connect our existing Adaxes install to a secondary AD domain (over a "VPN" with no IP broadcast availability). I know managing multiple AD' ... domain and defining a set DC to connect to intially and for all future actions. Rgds

asked Jan 18, 2017 by firegoblin (1.6k points)
3,548 questions
3,239 answers
8,232 comments
547,814 users