-
Notifications
You must be signed in to change notification settings - Fork 395
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add Announcement to Disable Tenanted Passthrough (#3437)
- Loading branch information
Showing
2 changed files
with
54 additions
and
0 deletions.
There are no files selected for viewing
52 changes: 52 additions & 0 deletions
52
docs-conceptual/azps-13.0.0/disable-tenanted-passthrough.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| --- | ||
| description: Learn about Azure PowerShell disabling tenanted passthrough to enhance security. Check tenant membership, invite guest users, and resolve login issues. | ||
| ms.custom: devx-track-azurepowershell | ||
| ms.devlang: powershell | ||
| ms.service: azure-powershell | ||
| ms.topic: conceptual | ||
| title: Tenanted passthrough is going to be disabled for Azure PowerShell | ||
| --- | ||
|
|
||
| # Tenanted passthrough is going to be disabled for Azure PowerShell | ||
|
|
||
| To enhance security, Azure PowerShell is going to block users from other organizations or personal | ||
| Microsoft accounts (consumers) from signing in with Azure PowerShell to tenants where they aren't | ||
| invited as guests. | ||
|
|
||
| > [!NOTE] | ||
| > This change affects all Azure PowerShell versions. | ||
| If you attempt to sign in to a tenant where you aren't invited as a guest, you see the following | ||
| error message in your web browser: | ||
|
|
||
| ```Output | ||
| Selected user account does not exist in tenant '$YourTenantName' and cannot access the application '00000000-0000-0000-0000-000000000000(Microsoft Azure PowerShell)' in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account. | ||
| ``` | ||
|
|
||
| To sign in to a tenant, ensure the user is either: | ||
|
|
||
| - A member of the tenant | ||
| - A guest invited to the tenant | ||
|
|
||
| ## Check whether you are the member of a tenant | ||
|
|
||
| If your username is `someone@example.com` and the tenant ID is `$tenantId`, run the following | ||
| commands: | ||
|
|
||
| ```azurepowershell | ||
| Connect-AzAccount -AccountId someone@example.com | ||
| Get-AzTenant | ||
| ``` | ||
|
|
||
| When you retrieve the list of tenants, determine if `$tenantId` is included. If not, or if the list | ||
| is empty, contact the tenant administrator to request an invitation. | ||
|
|
||
| ## Invite a guest member | ||
|
|
||
| As a tenant member, you can [invite a guest user to your tenant][invite-tenant-guest]. The guest | ||
| user receives an email invitation to join the tenant. Once the invitation is accepted, they're added | ||
| as a guest user and gain access to the tenant's resources. | ||
|
|
||
| <!-- link references --> | ||
|
|
||
| [invite-tenant-guest]: /entra/external-id/b2b-quickstart-add-guest-users-portal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters