Azure Lighthouse
An Azure service that provides secure managed services and access control for partners and customers.
78 questions
0 answers
Eligible Role
I am creating a product with an ARM template and I created an eligible authorization for a user. I have confirmed that they have been assigned an Azure AD Premium P2 license but when I run the ARM template in a test customer's Azure tenant I get the…
asked 2021-12-14T20:34:42.993+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 90%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETG%3C/text%3E%3C/svg%3E)
Trevor Gelsinger
11
Reputation points
commented 2021-12-15T17:07:30.22+00:00
Trevor Gelsinger
11
Reputation points
3 answers
Azure Lighthouse Pulling subscription, but not Sentinel Workspace
We're trying out lighthouse + sentinel as a way to get a first look at a threat landscape of an adjacent tenant in the organization, and we've got it all set up to the point where I can see the subscription of the other tenant that has the sentinel…
asked 2020-11-13T20:05:09.247+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 52%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Sam C
46
Reputation points
answered 2021-11-29T05:03:42.09+00:00
Andrew Blumhardt
9,861
Reputation points Microsoft Employee
0 answers
Lighthouse - Deploy a Policy that can be remediated with Managed Identity
Can someone confirm if I'm understanding the Managed Identity part of Azure policy remediation from this article? …
asked 2021-10-15T18:35:06.057+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 15%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
bsonnek
51
Reputation points
commented 2021-10-21T16:40:03.887+00:00
bharathn-msft
5,096
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Azure Management Groups for subscriptions under another Tenant
We are trying to find a way to govern CSP subscriptions we provide to our customers. We are looking for a definitive answer to if this is possible or not. After we provide the CSP subscription to our customer we join the subscription to our Azure…
2 answers
Remote deployments on Azure Stack HCI Cluster via Arc / Lighthouse
Hello Experts, I would like to understand Arc / Lighthouse capabilities with more clarity. I have a use case where I need to deploy and configure RDS farm on a Azure Stack HCI Cluster, In a normal scenario I can login to WAC and follow…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 43%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EY%3C/text%3E%3C/svg%3E)
1 answer
Microsoft 365 Lighthouse Public Preview criteria
This feature would tie in nicely with the Azure Sentinel MSSP Architecture, allowing analysts to use the same credentials for Azure and Microsoft 365 investigations. However it looks like this public preview is only available under the CSP program and…
asked 2021-07-23T04:32:30.593+00:00
Peter Cronwright
6
Reputation points
answered 2021-07-23T07:21:14.533+00:00
Stanislav Zhelyazkov
24,376
Reputation points MVP
1 answer
LightHouse Issue
Hello - need help on Azure Light House.. I have a Account A with tenant ID: 04a96f6f-259e-4135-891f-bcd684f5d83f 2) I created an User on Account A with "reader" role (Azure Role) 3) I have another Account B, with another subscription,…
asked 2021-05-06T20:12:20.717+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 33%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Sam@DC
1
Reputation point
answered 2021-05-12T11:07:22.027+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 57.99999999999999%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Sam Swaminathan
6
Reputation points
0 answers
Msp lease equipment ,is there a way to get multiple companys under azure to be run from a service provider stand point on leased equipment
hi I am looking to see if I can use lighthouse or tenants to set up multiple company's on are equipment to lease as a Daas /Haas solutions. or should just go old fashioned and set up multiple ad servers on the sites. we will own the kit and licence the…
asked 2021-04-28T21:15:29.903+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 83%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESF%3C/text%3E%3C/svg%3E)
Sarno, Fabrizio D (DSCIS-11SR-5Sqn-OSD SIO01)
1
Reputation point
commented 2021-05-04T19:44:27.977+00:00
olufemia-MSFT
2,861
Reputation points
1 answer
Can someone help me see the differences between Azure Automation and Azure Blueprints and when to use each? (Azure lighthouse in future plan)
I was hoping to ask someone what the difference between using Azure Blueprints and Azure Automation is, it looks like I want blueprints (multiple enviroments and clients deploying parameterised ARM templates), but what am I missing about the…
asked 2021-02-25T12:32:23.773+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 0%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETG%3C/text%3E%3C/svg%3E)
Tyeth Gundry
1
Reputation point
commented 2021-03-04T17:54:16.807+00:00
tbgangav-MSFT
10,416
Reputation points
0 answers
Connect hybrid machines to Azure Arc using a Service Principal delegated with Lighthouse
Documentation I've used this documentation to connect a hybrid machine to Azure: https://zcusa.951200.xyz/en-us/azure/azure-arc/servers/onboard-service-principal Creating Service Principal I've created a service principal in our Service Provider…
asked 2021-02-19T13:46:01.49+00:00
Nathanael Santschi
136
Reputation points
commented 2021-03-02T03:22:05.667+00:00
tbgangav-MSFT
10,416
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure Lighthouse Govt tenant
Hi Is it possible to use Lighthouse across Govt and non-govt tenants? Any documentation would be appreciated! Cheers
asked 2020-12-18T16:13:15.707+00:00
Badger
56
Reputation points MVP
commented 2020-12-21T19:13:54.417+00:00
bharathn-msft
5,096
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Use Lighthouse for Microsoft Defender ATP
Can Lighthouse be used with the Defender Security Center https://securitycenter.windows.com/dashboard the M365 Security center at https://security.microsoft.com/homepage from multiple tenants
asked 2020-09-19T18:14:52.327+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 56.00000000000001%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
Dean Gross
41
Reputation points
accepted 2020-09-29T19:41:11.577+00:00
Dean Gross
41
Reputation points
1 answer
Lighthouse Delegation during AAD Tenant switch
What happens to a Lighthouse Delegation during a migration of one AAD tenant to another of a subscription? As the Delegation is a resource and not a AAD entity I would expect it to be preserved and operational after the migration.
asked 2020-09-23T07:31:40.96+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPH%3C/text%3E%3C/svg%3E)
Pöhn Sebastian
1
Reputation point
commented 2020-09-28T07:05:40.573+00:00
SadiqhAhmed-MSFT
45,591
Reputation points Microsoft Employee
1 answer
Lighouse access with Azure Portal not working, CLI works fine
Hi The Azure Portal fails with the following error message when accessing resources and resource groups for a subscription delegated with Azure Lighthouse: An error occured when trying to fetch resources. Additional details from the underlying API that…
asked 2020-08-05T08:43:34.32+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 85%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Marius Solbakken Mellum
1
Reputation point
commented 2020-08-21T07:30:36.033+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SwathiDhanwada-MSFT
18,766
Reputation points
1 answer
Customer visibility to service provider group membership
It's good that we can delegate MSP groups for access to customer environments but is there any way that a customer could see what identities are in the group so they validate access?
asked 2020-07-28T15:15:09+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 9%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPB%3C/text%3E%3C/svg%3E)
Patrick Bingham
1
Reputation point
commented 2020-08-09T20:17:11.787+00:00
bharathn-msft
5,096
Reputation points Microsoft Employee
1 answer
Can CSP use Managed Service Offer to onboard a customer?
Hi Experts, I understand there are 2 ways to onboard a customer ARM/Powershell Template Managed Service Offer I just want to know if CSP partner can use the 2nd option, because I heard there might be some issues for this. Thanks
asked 2020-07-29T02:04:33.883+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 57.00000000000001%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXZ%3C/text%3E%3C/svg%3E)
Xinye Zhang
1
Reputation point
commented 2020-08-04T06:43:57.097+00:00
SadiqhAhmed-MSFT
45,591
Reputation points Microsoft Employee
3 answers
Azure Monitoring, view Intune device compliance and failed sign-in's from multiple tenants
I would like to create a azure dashboard that displays "Intune non-compliant devices" and "failed sign-in's" from multiple customer tenants. The customers does not have any log analytics workspaces in their tenants as of now. …
asked 2020-07-06T08:50:48.743+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 88%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Chadzwill
1
Reputation point
answered 2020-07-15T14:04:36.337+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 0%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
VipulSparsh-MSFT
16,271
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Why should we use Azure Lighthouse ?
Why and when should we use Azure Lighthouse [Note: As we migrate from MSDN, this question has been posted by an Azure Cloud Engineer as a frequently asked question] Source: Azure Docs
asked 2020-05-14T05:10:49.873+00:00
bharathn-msft
5,096
Reputation points Microsoft Employee
accepted 2020-05-14T06:14:05.113+00:00
bharathn-msft
5,096
Reputation points Microsoft Employee