Thursday, June 30, 2016

Set-MsolUserPrincipalName : Access Denied. You do not have permissions to call. Azure powershell error

while trying to set the password never expire for AAD, I got below error while running Set-MSOLUser command. (here is the link how to make password never expires for AAD user account)


"Set-MsolUserPrincipalName : Access Denied. You do not have permissions to call
this cmdlet.
At line:1 char:26
+ set-msoluserprincipalname <<<<  -userprincipalname millerj@cajonvalley.net -n
ewuserprincipalname accountame@xxx.onmicrosoft.com
    + CategoryInfo          : OperationStopped: (:) [Set-MsolUserPrincipalName
   ], MicrosoftOnlineException
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.UserN
   otFoundException,Microsoft.Online.Administration.Automation.SetUserPrincip
  alName".
this say very clearly that the account you are logged in to perform this activity does not have the permission to do this.
hence to check and give access login to office 365 (https://www.office.com/).
then go to Admin icon and look for User and then find the account you are using to run the cmdlet above, as shown in right side pic.
just click edit side to role and assign Global Admin (Password admin if you select Customised Admin Rights), then click OK and close.
just wait for few minutes, as it needs to effect all across. (actually I was trying to execute the set command quickly and hence I was getting the same error). so just wait for a while and then run your Set command and this time it should be ok.

Regards,
Yes.Sudhanshu

Posted by at
Labels:

1 comment:

  1. PraveenOctober 16, 2019 at 10:30 PM

    Alternatively if you are still wanting to use powershell, I had success doing the following:

    Get-MsolUser -UserPrincipalName user1@domain.com | Set-MsolUserPrincipalName -NewUserPrincipalName user2@domain.com

    ReplyDelete

Subscribe to: Post Comments (Atom)