There is a new support page built into Nova to help with troubleshooting why Azure Tenant information is not being populated in TMS (it’s needed for Delegation & Policy Control) despite the user having already logged in.
If you’re affected by this problem you should complete the following steps, and provide the information to the customer experience team:

  1. Go to
  2. Login as normal using AAD / SSO login.
  3. Click on the button labelled ‘Login as support’
  4. A diagnostic page should appear, as shown below

This page will only appear if we could get the data from the login token and Microsoft Graph. If not, then there is something more fundamentally wrong than syncing with TMS – we can’t get the data from Microsoft Graph, or the user didn’t use AAD login (notice IdentityProvider shows AzureAd for the login above, which shows it’s an AAD login – anything else, it is not).
Two important things on this page:

  1. The green highlighted domain is the Primary Domain. This should match TMS.
  2. The TMS Org ID, at the bottom, is the org ID that got synced to for this login. If it DOES NOT match the org you are looking at in TMS, then this primary domain (Azure Tenant ID) is linked to another org somewhere in the hierarchy, and this will likely cause problems.
Print Friendly, PDF & Email