none
After tenant Migration Key Vault not showing Directory Name RRS feed

  • Question

  • We have migrated our solution from Tenant A to Tenant B. It includes few services along with KeyVault. All services are working as expected. However KeyVault is somehow linked to old tenant that is Tenant A and Directory Name in the properties showing as empty. I have used link https://docs.microsoft.com/en-us/azure/key-vault/key-vault-subscription-move-fix suggested in the keyvault portal page. I am able to updated old Tenant ID to new Tenant ID, still the Directory Name showing as empty. Because of this I am unable to use keyvault, unable to add access policies and all. 
    Tuesday, July 23, 2019 9:02 AM

Answers

  • Thanks for your reply, I have already created a Support ticket with MS support team. It is resolved now.

    https://docs.microsoft.com/en-us/azure/key-vault/key-vault-subscription-move-fix

    As mentioned in the question in the initial level we used Azure CLI to update TenantID.

    Fix : 

    We followed the same link to update the TenantId from Powershell along with Service Principal Identity. It worked and updated Directory Name along with TenantId. 


    • Edited by k0d3rs Thursday, July 25, 2019 8:21 AM
    • Marked as answer by k0d3rs Thursday, July 25, 2019 8:21 AM
    Thursday, July 25, 2019 8:20 AM

All replies

  • In the properties of the KV in the Azure portal, do you see the new directory ID? How long has it been since you ran the commands to update the key vault? 


    Tuesday, July 23, 2019 9:19 AM
    Moderator
  • After running the command, upfront I can see latest Directory ID in the portal KV Properites. 
    Tuesday, July 23, 2019 9:25 AM
  • If the Directory ID displays the latest tenant details, then you should be able to create and assign access policies to the users/principals linked to the new tenant?

    What is the error you are getting when you try to create an access policy? 

    Under Access Control> Role assignments, what is the role you have for the scope of Key vault?

    Tuesday, July 23, 2019 9:31 AM
    Moderator
  • 

    I am unable to add any Access policies from portal. I am able to add my self to access policies from Azure Cli, still it is not giving permission to access keyvault secrets. 

    Tuesday, July 23, 2019 9:44 AM
  • If you are still facing the issue, I would recommend engaging Microsoft Support through a ticket to investigate further. If you do nothave access to support, then drop an email to azcommunity@microsoft.com with your subscription ID and I will have it enabled for free one time support.
    Wednesday, July 24, 2019 11:45 AM
    Moderator
  • Thanks for your reply, I have already created a Support ticket with MS support team. It is resolved now.

    https://docs.microsoft.com/en-us/azure/key-vault/key-vault-subscription-move-fix

    As mentioned in the question in the initial level we used Azure CLI to update TenantID.

    Fix : 

    We followed the same link to update the TenantId from Powershell along with Service Principal Identity. It worked and updated Directory Name along with TenantId. 


    • Edited by k0d3rs Thursday, July 25, 2019 8:21 AM
    • Marked as answer by k0d3rs Thursday, July 25, 2019 8:21 AM
    Thursday, July 25, 2019 8:20 AM