无法使用新门户在Azure AD中添加Microsoft帐户 [英] Cannot add a Microsoft account in Azure AD with the new portal

问题描述

我们的某些客户正在使用外部Microsoft帐户访问AAD服务. 由于我们没有与他们的域链接，并且其中一些使用Gmail帐户，因此很难将其整个域添加到我们的AAD中.

Some customers of ours are using external Microsoft accounts to access AAD services. Since we're not linked with their domain, and some of them use Gmail account, adding their entire domain to our AAD is hardly possible.

旧门户(manage.windowsazure.com)具有以下屏幕:

The old portal (manage.windowsazure.com) had the following screen:

新门户网站的访客系统几乎无法正常工作(添加外部访客会导致通用B2BError: Unable to invite user且没有其他详细信息-即使旧门户网站仍然有效)，而新用户"只能通过以下方式创建用户:注册域名.

The new portal has a guest system which hardly works (adding an external guest results in a generic B2BError: Unable to invite user with no other details -- even if the old portal still works), and "New user" can only create users with registered domains.

在新门户(portal.azure.com)中是否可以添加Microsoft帐户?

Is there a way, in the new portal (portal.azure.com), to add Microsoft accounts?

我现在要问的是，因为从技术上讲，这是

I'm asking this now, since this is technically a duplicate of How do I add a Microsoft account to Azure Active Directory?, because the old portal is sunsetting on November 30, 2017, at which point working like this will no longer be possible.

推荐答案

运行New-AzureADMSInvitation可以帮助我使其正常运行，并为我们自己的设置提供了更多步骤:

Running New-AzureADMSInvitation helped me to get it working, with some more steps for our own setup:

• 已执行New-AzureADMSInvitation -InvitedUserEmailAddress account-to-invite@gmail.com -SendInvitationMessage $True -InviteRedirectUrl "http://mybusiness.com"
• New-AzureADMSInvitation失败并显示错误，但是这次我可以理解:The object either is sourced from an on prem directory or is undergoing migration
• 要检查我们的本地AD是否有用户使用受影响的电子邮件.它没有.嗯.
• 以防万一，在带有Start-ADSyncSyncCycle -PolicyType Initial
的本地AD上运行完整的AD Sync周期
• 等待，直到(Get-ADSyncScheduler).SyncCycleInProgress返回到False
• 重新执行了New-AzureADMSInvitation，这一次有效.

• Executed New-AzureADMSInvitation -InvitedUserEmailAddress account-to-invite@gmail.com -SendInvitationMessage $True -InviteRedirectUrl "http://mybusiness.com"
• New-AzureADMSInvitation failed with an error, but one I could understand this time: The object either is sourced from an on prem directory or is undergoing migration
• Went to check our on-prem AD if it had a user with the affected e-mail. It did not. Huh.
• Ran a complete AD Sync cycle, just in case, on our on-prem AD with Start-ADSyncSyncCycle -PolicyType Initial
• Waited until (Get-ADSyncScheduler).SyncCycleInProgress went back to False
• Reexecuted New-AzureADMSInvitation, which worked this time.

这篇关于无法使用新门户在Azure AD中添加Microsoft帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！