Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
3051 Discussions

Intel EMA New AD Group Error

Yauheni
Beginner
‎12-11-2024 11:33 PM
2,473 Views

Hello,

I have installed and configured Intel EMA server and use Azure SSO to login users from my organization. It works well. I see there is an option to add whole AD groups to server and use them to manage access rights. But I encounter a problem (Internal server Error) when I try to add any group from Azure AD. Is it even possible or I do some mistakes during setup process?

Preview file
67 KB
0 Kudos

Link Copied

8 Replies
Yauheni
Beginner
‎12-12-2024 01:33 AM
2,443 Views

It happens due to lack of api permissions for groups for appRegistration for Azure. It is confusing because I didn't find any information about this permissions in intel-ema-server-installation-and-maintenance-guide.

0 Kudos
Copy link
Tristan_T_Intel
Employee
‎02-10-2025 11:17 AM
1,793 Views
In response to Yauheni

Could you share a screenshot or details on what permission change?

In response to Yauheni
0 Kudos
Copy link
Yauheni
Beginner
‎02-10-2025 10:57 PM
1,782 Views
In response to Tristan_T_Intel

Yes, to work with AD groups via Azure SSO you need to add group permissions for App registration in Azure.

Yauheni_0-1739257054332.png

It is confusing because in intel-ema-server-installation-and-maintenance-guide manual they mention only "User.Read.All" permission

Yauheni_1-1739257286740.png

 



 

 

In response to Tristan_T_Intel
0 Kudos
Copy link
vij1
Employee
‎12-12-2024 04:40 PM
2,417 Views

Hello Yauheni,

 

Greetings!

 

Could you please share the details below:

 

OS version of the Server

SQL version

Location of both; (physical, virtual)

Will they be on the same server machine?

Authentication mode: Local, Azure AD, or Windows AD

Intel® EMA software version:

 

Regards,

Vijay N

Intel Customer Support.

intel.com/vpro

 


0 Kudos
Copy link
vij1
Employee
‎12-17-2024 02:54 PM
2,354 Views

Hello Yauheni,

 

I am following up on the case and wondering if I can help you with anything else. Look forward to your response.

 

Regards,

Vijay N


0 Kudos
Copy link
Yauheni
Beginner
‎12-17-2024 10:40 PM
2,346 Views

As I mentioned earlier I fixed my problem by adding additional API permissions for appRegistarion.

0 Kudos
Copy link
vij1
Employee
‎12-18-2024 09:58 AM
2,326 Views

Hello Yauheni,

 

Greetings!

 

Thank you for your response.

 

Please find the Intel® Endpoint Management Assistant (Intel® EMA) Deployment Guide for Microsoft Azure at the link below:

Intel® EMA Deployment Guide for Azure


https://www.google.com/url?sa=i&url=https%3A%2F%2Fcdrdv2-public.intel.com%2F841816%2Fintel-ema-web-deployment-guide-fo-azue.pdf&psig=AOvVaw1Y1i8yI1CIqqx_X7fr5w44&ust=1734630578669000&source=images&cd=vfe&opi=89978449&ved=0CAYQrpoMahcKEwiAsIjN8LGKAxUAAAAAHQAAAAAQBA

  

If you need any assistance in the future, please feel free to reach out to us.

 

Best regards,

Vijay N


0 Kudos
Copy link
Chrisatwork
Beginner
‎03-12-2025 06:32 AM
1,313 Views

I have the same error using standard on prem AD and LDAP, when trying to add AD Groups using the EMA tool and AD distinguished name.
(Internal Server Error)

What could cause that.
Very frustrating.

 

0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.