Issue with sharing a MDA #9248
Comments
|
Have you given that team access to the SR? |
|
Hi Jenefer, I presume you mean the below: As you can see the Makers Team has the the Power Platform Maker SR
Should the "Power Platform CoE - Maker Team" not have both the "Power Platform Maker SR" and the "Basic user" role? We have installed the CoE using the wizard so I presume that the necessary permissions have been granted during the install? Where else do I need to check! |
|
@Jenefer-Monroe I think I have discovered the "Power Platform CoE" - Maker Team. (It would appear that the group in the error message is not the same group as the M365 Group specified in the Power Platform Team) Which seems quite strange...
however the group that is assigned to the Power Platform Team is as follows.
I am not sure how this has occurred but this definitely appears to be the problem.
Is there an easy way to fix this without resetting the whole environment??? Your assistance would be appreciated! |
|
It sounds like the Maker group is just misconfigured, is that what you are saying?
|
|
Hi @Jenefer-Monroe, There is something VERY strange going on here... Our Power Platform Team ("Power Platform CoE - Maker Team") and all the Environment variables point at the correct Entra ID Group ID, as you can see from all the screenshots above. HOWEVER... The Maker Apps are all trying to authenticate with a completely different Microsoft 365 Group than the one specified in the Power Platform Team. Group Shown in Power Platform Team = "Power Platform - Makers" Group being authenticated with "Power Platform - Admin - Test" (This is the group it is using despite having specified and showing the group above the solution simply uses the incorrect M365 Group?????) |
|
Sorry it sounds like you are having issues with the product's SRs and Sharing, which is something outside of my ability to help debug. I think you'll need to have someone local assist who can explore and debug with you, and maybe contact product support if needed. |
|
Hi @Jenefer-Monroe, This is Microsoft's Unified Support Response...
It feels a little like no one is taking ownership of this issue. I would agree with you that this appears to be a core Power Platform issue but they seem to think it is a CoE issue as can be seen above. |
|
Sorry I'm a little lost. Let's forget the kit for a minute and see if you can explain the situation without the context of the kit. You have a team in the envt : Power Platform CoE - Maker Team Then people from the team do not have access? |
|
I think your issue is here Apps need to be shared with the entra group not the envt team. |
|
Hi @Jenefer-Monroe, Yes that is completely correct... So you are saying we should share it with the M365 Group not the "Power Platform - Maker Team"? We didn't create the "Power Platform - Maker Team"??? It was done as part of the install wizard. We have done the full install with the Installation wizard. So I presumed that the Team was part of the automated setup that occurs via the installation wizard??? |
Yes that is correct but we didn't create the "Power Platform CoE - Maker Team" this was created as part of the installation wizard process I presume. |
|
It looks like the product behavior changed here and this action Which used to grant the group permission (as seen here for a case when run in the past) Now does not and only shares with the team. |
Jenefer-Monroe
changed the title
|
Hi @Jenefer-Monroe, I have tried manually removing the Power Platform Team and adding the group directly to the Makers Dashboard but the M365 Group gets automatically replaced by the Power Platform Team. What is really worrying however is how the Power Platform Team shows that it is mapped to the correct M365 Group but actually Mapped to a completely different M365 Entra ID group. That is a bit worrying if you ask me from a security prespective. |
|
Ok thanks for pointing out the name changes when added the permissions via the UX as well. I do repro this too. Let's level set to be sure we can find where the issue is. I do still suspect the issue is with the product but we shall see All this works for me, please check that this part is all correct for you tooEntra groupsWhich one: ADMIN Which one: MAKER CoE Env VarsValidate you have the correct values for these assigned TeamsName: Power Platform - Admin - Test Team Hit Edit for each and validate and validate its correctly configured to the group above Click on the name to open in a form, GUID should be the correct Entra group AppApp itself Shared with both SRs Each team shared with its SR What is broken for meThe team member lists are empty. Will test back in several hours to see if the sync is still broken |
Jenefer-Monroe
changed the title
|
For me, I had to wait ~12-18 hours but then the team finally sunk up with entra and now its working.
Please let me know where in the above you differ. |
|
closing out as no further action for starter kit team |
Does this bug already exist in our backlog?
Describe the issue
We recently installed a completely fresh install of the CoE Starter Kit with a new environment and have been having a number of issues.
One issue is with access to the Maker Command Center. Users are getting the following access error:
I have checked that the maker dashboard has been shared and as far as I can see it seems to have been.
I have also confirmed the users are a member of the M365 Group.
I am however able to access the maker dashboard with the Installation Administrator account???
Expected Behavior
I would expect users to be able to access the Maker Command Center if they are a member of the makers group in Entra ID.
What solution are you experiencing the issue with?
Core
What solution version are you using?
4.45
What app or flow are you having the issue with?
Make Command Center
What method are you using to get inventory and telemetry?
Cloud flows
Steps To Reproduce
No response
Anything else?
No response
The text was updated successfully, but these errors were encountered: