Eligible Role
I am creating a product with an ARM template and I created an eligible authorization for a user. I have confirmed that they have been assigned an Azure AD Premium P2 license but when I run the ARM template in a test customer's Azure tenant I get the…
Azure Lighthouse Pulling subscription, but not Sentinel Workspace
We're trying out lighthouse + sentinel as a way to get a first look at a threat landscape of an adjacent tenant in the organization, and we've got it all set up to the point where I can see the subscription of the other tenant that has the sentinel…
Lighthouse - Deploy a Policy that can be remediated with Managed Identity
Can someone confirm if I'm understanding the Managed Identity part of Azure policy remediation from this article? …
Azure Management Groups for subscriptions under another Tenant
We are trying to find a way to govern CSP subscriptions we provide to our customers. We are looking for a definitive answer to if this is possible or not. After we provide the CSP subscription to our customer we join the subscription to our Azure…
Remote deployments on Azure Stack HCI Cluster via Arc / Lighthouse
Hello Experts, I would like to understand Arc / Lighthouse capabilities with more clarity. I have a use case where I need to deploy and configure RDS farm on a Azure Stack HCI Cluster, In a normal scenario I can login to WAC and follow…
Microsoft 365 Lighthouse Public Preview criteria
This feature would tie in nicely with the Azure Sentinel MSSP Architecture, allowing analysts to use the same credentials for Azure and Microsoft 365 investigations. However it looks like this public preview is only available under the CSP program and…
LightHouse Issue
Hello - need help on Azure Light House.. I have a Account A with tenant ID: 04a96f6f-259e-4135-891f-bcd684f5d83f 2) I created an User on Account A with "reader" role (Azure Role) 3) I have another Account B, with another subscription,…
Msp lease equipment ,is there a way to get multiple companys under azure to be run from a service provider stand point on leased equipment
hi I am looking to see if I can use lighthouse or tenants to set up multiple company's on are equipment to lease as a Daas /Haas solutions. or should just go old fashioned and set up multiple ad servers on the sites. we will own the kit and licence the…
Can someone help me see the differences between Azure Automation and Azure Blueprints and when to use each? (Azure lighthouse in future plan)
I was hoping to ask someone what the difference between using Azure Blueprints and Azure Automation is, it looks like I want blueprints (multiple enviroments and clients deploying parameterised ARM templates), but what am I missing about the…
Connect hybrid machines to Azure Arc using a Service Principal delegated with Lighthouse
Documentation I've used this documentation to connect a hybrid machine to Azure: https://zcusa.951200.xyz/en-us/azure/azure-arc/servers/onboard-service-principal Creating Service Principal I've created a service principal in our Service Provider…
Azure Lighthouse Govt tenant
Hi Is it possible to use Lighthouse across Govt and non-govt tenants? Any documentation would be appreciated! Cheers
Use Lighthouse for Microsoft Defender ATP
Can Lighthouse be used with the Defender Security Center https://securitycenter.windows.com/dashboard the M365 Security center at https://security.microsoft.com/homepage from multiple tenants
Lighthouse Delegation during AAD Tenant switch
What happens to a Lighthouse Delegation during a migration of one AAD tenant to another of a subscription? As the Delegation is a resource and not a AAD entity I would expect it to be preserved and operational after the migration.
Lighouse access with Azure Portal not working, CLI works fine
Hi The Azure Portal fails with the following error message when accessing resources and resource groups for a subscription delegated with Azure Lighthouse: An error occured when trying to fetch resources. Additional details from the underlying API that…
Customer visibility to service provider group membership
It's good that we can delegate MSP groups for access to customer environments but is there any way that a customer could see what identities are in the group so they validate access?
Can CSP use Managed Service Offer to onboard a customer?
Hi Experts, I understand there are 2 ways to onboard a customer ARM/Powershell Template Managed Service Offer I just want to know if CSP partner can use the 2nd option, because I heard there might be some issues for this. Thanks
Azure Monitoring, view Intune device compliance and failed sign-in's from multiple tenants
I would like to create a azure dashboard that displays "Intune non-compliant devices" and "failed sign-in's" from multiple customer tenants. The customers does not have any log analytics workspaces in their tenants as of now. …
Why should we use Azure Lighthouse ?
Why and when should we use Azure Lighthouse [Note: As we migrate from MSDN, this question has been posted by an Azure Cloud Engineer as a frequently asked question] Source: Azure Docs