Recently started to learn Azure Key Vault service. So as usual I start the PowerShell console and start to create a Key Vault. When I run the PowerShell command for the creation of Key Vault it create without any errors but its prompt me a warning as follows.
The other strange thing I notice was it doesn’t create any access polices as it mentioned in the warning.
Firstly I didn’t care much about it but when I go farther I was denied access for AD Application creation, for Key Vault we have to register an application which used to encrypt the disk.
After some search on the google I found that I don’t have permissions for the AAD (Azure Active Directory).
Solution.
First you have to login to the portal as the administrator of the Azure subscription.
Then from that subscription Default Directory –> Users we can see the co-admins accounts.
Next we should login to the AAD from PowerShell as the administrator of the subscription.
Connect-MsolService
Enter the following command.
Set-MsolUser -UserPrincipalName XXXXX_hotmail.com#EXT#@XXXXXX.onmicrosoft.com -Usertype Member
In the -UserPrincipalName parameter you have to use the following format.
XXXXX_hotmail.com#EXT#@XXXXXX.onmicrosoft.com
In RED color X replace the Hotmail username, ORANGE color X replace with the directory name.
After that close the PowerShell Session and login again.