Azure Active Directory传递带有默认模板的tenantId的空GUID [英] Azure Active Directory passing empty GUID for tenantId with default template

问题描述

我已经尝试使用多个具有Azure/AAD帐户的MS帐户，并尝试同时使用Visual Studio 2015和2017，并且遇到了完全相同的错误/错误.

I've tried this with several MS accounts that have Azure/AAD accounts in place and have attempted using both Visual Studio 2015 as well as 2017 and am getting the exact same bug/error.

使用默认的具有AAD集成的ASP.NET MVC模板(完全没有代码更改).该应用程序已在我的AAD帐户中注册，并且我看到tenantId和其他GUID分别在Web.Config中.我还尽可能地跟踪了调用堆栈，并且tenantId已正确初始化，但仍然出现此错误:

Using the default ASP.NET MVC template with AAD integration out of the box (no code changes at all). The App is registered in my AAD account, and I see the tenantId and other GUIDs are in the Web.Config as they should be. I also traced the call stack as far as I could and the tenantId is initialized properly yet I still get this error:

请求的租户标识符'00000000-0000-0000-0000-000000000000'无效.租户标识符不能为空的GUID.

Requested tenant identifier '00000000-0000-0000-0000-000000000000' is not valid. Tenant identifiers may not be an empty GUID.

这在权限接受屏幕之后发生.

This happens after the permissions acceptance screen.

以下是屏幕截图:

根据要求，这是Web.Config:

As requested, here is the Web.Config:

推荐答案

所以解析非常简单.但这在任何地方都没有记录，甚至在Vittorio Bertocci的主题书中也没有记录.这使您相信，在创建Visual Studio项目之后，无需在Azure中进行任何其他设置即可以Azure订阅所有者身份登录.

So the resolution was very simple. But this is not documented anywhere, not even in Vittorio Bertocci's book on the subject - which leads you to believe that you can log in as the Azure subscription owner after creating the Visual Studio project without any additional setup in Azure.

由于新门户处于预览状态，因此UX并不是很明显.创建具有Active Directory集成的新ASP.NET项目后，请执行以下步骤:

Since the new portal is in preview the UX is not really all that obvious. Here are the steps to take after creating a new ASP.NET project with Active Directory integration:

1. 您必须登录Azure(在新门户中)

1. You have to log into Azure (in the new portal)

单击Active Directory.

Click on Active Directory.

转到您的应用注册"

您将在此处看到您的新应用程序.点击它.

You will see your new application there. click on it.

在应用注册刀片顶部的基本" 面板内，您将看到标题为本地目录中的受管应用" 的链接.并且该链接将与您已经在(这是令人困惑的部分)中的刀片的名称相同. 单击该链接...

Inside of the "Essentials" panel at the top of the app registration blade you will see a link with the header "Managed application in local directory" and the link will have the same name as the blade you are already in (This is the confusing part). Click on that link...

您现在更深入了，可以看到此应用程序有多少用户.可能是 0 . -这是问题！

You are now one blade deeper and are able to see how many users this application has. It will likely be 0. - This is the issue!

单击左侧菜单中的用户和组" ，即可开始添加用户.

Click on "Users and Groups" in the menu on the left side and you can start adding users.

请注意，随着AAD在新门户中退出预览，以上步骤可能会更改.

这篇关于Azure Active Directory传递带有默认模板的tenantId的空GUID的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！