
Thursday, December 9, 2021

Azure B2B Script to create Guest On-Prem Active Directory Account is Not Working

Description:

You are configuring Azure B2B to allow external users to access your on-premises application securely.
You have configured the Azure B2B settings and published the on-premises application using Azure AD Application Proxy. Now you want to use the Azure B2B script to create the guest accounts in on-premises Active Directory automatically.
You downloaded the script from https://www.microsoft.com/en-us/download/details.aspx?id=51495.
However, when you run it, you see errors and the users are never created in on-premises Active Directory.
During troubleshooting, you find that the script does not have sufficient application permissions to connect to or query Azure AD. You triple-check the API permissions but cannot find the cause of the error.

Resolution:

The "AppProxy-GuestAccountCreation-v1.0.3.ps1" script has not been updated. The PowerShell script still uses the deprecated Azure AD Graph API instead of the Microsoft Graph API.
You can download the updated script from https://github.com/MicrosoftDocs/azure-docs/files/7090340/AppProxy-GuestAccountCreation-v1.0.3.txt.
Make sure you install the Microsoft Graph PowerShell SDK before executing the script.
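
A pre-flight check for the copy of the script you have, as an added example (not part of the Microsoft script or of the original post). It reports which API the file references and whether the Microsoft Graph PowerShell SDK is installed. The marker list, the default `$ScriptPath`, and the `User.Read.All` scope used for the optional read test are assumptions.

```powershell
# Added example: check a guest-account creation script before running it.
# $ScriptPath is a placeholder; point it at the copy you downloaded.
param(
    [string]$ScriptPath = '.\AppProxy-GuestAccountCreation-v1.0.3.ps1',
    [switch]$TestConnection   # also sign in and try a read-only guest query
)

# Assumption: the script reaches Azure AD either through a REST endpoint
# or through a PowerShell module, so these strings identify the API in use.
$legacyMarkers = 'graph\.windows\.net', 'Connect-AzureAD', 'Get-AzureADUser'
$graphMarkers  = 'graph\.microsoft\.com', 'Connect-MgGraph', 'Get-MgUser'

function Get-ApiMarkerHits {
    param([string]$Path, [string[]]$Patterns)
    # Select-String is case-insensitive by default and treats patterns as regex.
    Select-String -Path $Path -Pattern $Patterns |
        Select-Object LineNumber,
                      @{ n = 'Match'; e = { $_.Matches[0].Value } },
                      @{ n = 'Line';  e = { $_.Line.Trim() } }
}

if (-not (Test-Path $ScriptPath)) { throw "Script not found: $ScriptPath" }

$legacy = @(Get-ApiMarkerHits -Path $ScriptPath -Patterns $legacyMarkers)
$graph  = @(Get-ApiMarkerHits -Path $ScriptPath -Patterns $graphMarkers)

if ($legacy.Count -gt 0) {
    Write-Warning "Found $($legacy.Count) reference(s) to the deprecated Azure AD Graph API:"
    $legacy | Format-Table -AutoSize | Out-String | Write-Host
}
if ($graph.Count -eq 0) {
    Write-Warning 'No Microsoft Graph references found; this is probably the old script.'
} else {
    Write-Host "Found $($graph.Count) Microsoft Graph reference(s)."
}

# The Microsoft Graph PowerShell SDK must be present before the updated script runs.
if (-not (Get-Module -ListAvailable -Name Microsoft.Graph.Authentication)) {
    Write-Warning 'Microsoft Graph PowerShell SDK not found. Install it with: Install-Module Microsoft.Graph -Scope CurrentUser'
    return
}

if ($TestConnection) {
    # Read-only scope (assumption); the script itself may need others.
    Connect-MgGraph -Scopes 'User.Read.All' | Out-Null
    Write-Host "Granted scopes: $((Get-MgContext).Scopes -join ', ')"
    Get-MgUser -Filter "userType eq 'Guest'" -Top 5 |
        Select-Object DisplayName, UserPrincipalName, UserType
}
```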
