Enable Co-Administrator Rights to Azure Key Vault

Recently started to learn Azure Key Vault service. So as usual I start the PowerShell console and start to create a Key Vault. When I run the PowerShell command for the creation of Key Vault it create without any errors but its prompt me a warning as follows.


The other strange thing I notice was it doesn’t create any access polices as it mentioned in the warning.

Firstly I didn’t care much about it but when I go farther I was denied access for AD Application  creation, for Key Vault we have to register an application which used to encrypt the disk.

After some search on the google I found that I don’t have permissions for the AAD (Azure Active Directory).


First you have to login to the portal as the administrator of the Azure subscription.

Then from that subscription Default Directory –> Users  we can see the co-admins accounts.

Next we should login to the AAD from PowerShell as the administrator of the subscription.


Enter the following command.

Set-MsolUser -UserPrincipalName XXXXX_hotmail.com#EXT#@XXXXXX.onmicrosoft.com -Usertype Member

In the -UserPrincipalName parameter you have to use the following format.


In RED color replace the Hotmail username, ORANGE color X replace with the directory name.

After that close the PowerShell Session and login again.