Azure-docs: Is "-AvailableToOtherTenants $true" really correct?
Is the parameter "-AvailableToOtherTenants $true" really correct for the Service Principal? I don't see a reason why it should be available to other tenants.
Document Details
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 156a552a-fe64-e5dc-b86a-b7d8ccbeee1d
- Version Independent ID: d83f235e-3ae2-ad71-30c6-0bd7f95fb894
- Content: Windows Virtual Desktop service principal role assignment - Azure
- Content Source: articles/virtual-desktop/create-service-principal-role-powershell.md
- Service: virtual-desktop
- GitHub Login: @Heidilohr
- Microsoft Alias: helohr
diecknet
All 5 comments
@diecknet Thank you for bringing this to our attention. We are investigating and will update you when we have additional information.
Mike-Ubezzi-MSFT
on 28 Jan 2020
From my understanding, this parameter "-AvailableToOtherTenants $true" is for creating multitenant service principal.
@ChristianMontoya Can you please confirm, I will update the document if needed. Thanks :)
Karishma-Tiwari-MSFT
on 30 Jan 2020
@diecknet : Unfortunately, this is still needed. We are updating our service and PowerShell modules to not rely on the global scope for Azure AD, and will update this document when this is no longer required.
ChristianMontoya
on 30 Jan 2020
Thanks @ChristianMontoya
@diecknet We will now close this issue. If there are further questions regarding this matter, please tag me in a comment. I will reopen it and we will gladly continue the discussion.
Karishma-Tiwari-MSFT
on 30 Jan 2020
This should be updated to -AvailableToOtherTenants $false, IMO. This setting makes it impossible to use a service principal for the azure subscription delegation required by the arm template automation for scaling hosts.
john-matlock-tech
on 21 Apr 2020
Related issues
mrdfuse
·
3Comments
bdcoder2
·
3Comments
jebeld17
·
3Comments
spottedmahn
·
3Comments
spottedmahn
·
3Comments