I’m going to go over what I had to do in our Azure Portal to get things ready. This was the biggest thing that tripped me up, mostly because I was using an account that didn’t work properly. So just a note, if you don’t log into your Azure Portal Directory with the Same “domain name” as the one you’re managing, you’ll run into issues.
Here is what happened to me. It’s no secret, our domain name is recastsoftware.com, and that is the domain our accounts are all setup in. Our DEV lab has it’s own Azure Directory which is dev.recastsoftware.com. When I was logging into the portal, I was using my recastsoftware.com account and even though I had global admin rights, was an owner of the subscription, I ran into issues.
Here below you can see the account I was using was a “guest”, which should have been a red flag, but I still had all of the proper rights, so I just over looked it.
But the issue was, when I was in the CM Console trying to run the setup, I kept getting errors on logon attempts.
While configuring the Cloud Management Gateway (CMG) at different client sites, we stumbled on an issue ‘Failed to sign in to Azure‘ to create the Azure web applications. When I googled, I found this blog post by Jonathan Lefebvre (@JLefebvreGloben) which was very interesting and helped me understand what was going on behind the scenes, so while it wasn’t the resolution I needed, it was very helpful in my understanding of what the CM Console creates on the backend.
Troubleshooting… Call my Friend Adam Gross (@AdamGrossTX) who is a Cloud Expect and ask for help. We confirmed my account had the rights and that Azure was setup. But still nothing was working. Then he tried using his Azure Subscription on in my lab, and it worked fine, so we knew it was not my local lab servers, but an issue on the Azure side. He then noticed the “guest” associated with my name and suggested I make a new account. That was the key to this.
I created a new account and gave it all the same rights. [MS Docs, difference between Members & Guests]
Account: Gary Blok Dev (firstname.lastname@example.org) then:
- Then made it a Global Admin in the dev.recastsoftwarecom site. [MS Docs]
- Made it an owner on the Subscription [MS Docs]
- Made it a Co-Administrator on the Subscription [MS Docs]
After that, I was able to follow the process as described in the Docs & in the Youtube Video Justin created.
Images to help clear anything up:
Once you have the rights on the account setup that you’ll use in the CM Console to create the Azure Services, you’ll be ready to move on to the next step.
Related Blog Posts: