How do I solve "The registration definition 'eeb6d891-559e-5554-9f5f-b0f6954430c8' not allowed to use the 'dfe4b198-ec21-4e8d-b62f-543cfc923071' as ManagedByTenantId."?

Question

How do I solve "The registration definition 'eeb6d891-559e-5554-9f5f-b0f6954430c8' not allowed to use the 'dfe4b198-ec21-4e8d-b62f-543cfc923071' as ManagedByTenantId."?

Benjamin Roedell 0

I'm unable to find any reason nor documentation to explain this error message when attempting to onboard a customer

{
	"code": "InvalidTemplateDeployment",
	"details": [
		{
			"code": "InvalidManagedServicesTemplateDeployment",
			"message": "The managed services template deployment file contains invalid values. Please see details.",
			"details": [
				{
					"code": "InvalidRegistrationDefinitionCreateRequest",
					"message": "The registration definition 'eeb6d891-559e-5554-9f5f-b0f6954430c8' not allowed to use the 'dfe4b198-ec21-4e8d-b62f-543cfc923071' as ManagedByTenantId."
				}
			]
		}
	],
	"message": "The template deployment 'Microsoft.Template-20250519165831' is not valid according to the validation procedure. The tracking id is '9a7ef542-73ee-45f4-806a-5fda7ffe8207'. See inner errors for details."
}

This was for a specific resource group and the customer uploading the template has the Owner role for their whole subscription.

Vinod Pittala 6,135 Reputation points Microsoft External Staff Moderator

2025-05-20T20:38:00.2366667+00:00

Hello Benjamin Roedell,

We haven't heard back from you regarding the advice Suwarna S Kale provided earlier. Could you please let us know if it was helpful? If you have any questions or encounter any issues, please don't hesitate to reach out. We are committed to resolving your concerns as a priority.

Thanks
Vinod Pittala 6,135 Reputation points Microsoft External Staff Moderator

2025-05-21T20:22:30.0566667+00:00

Hello Benjamin Roedell,

Just want to check if the below solution worked for you or else please let us know if any help needed, we are always here to help whenever you need us.

Please do not forget to Accept the answer and “upvote it” wherever the information provided helps you, this can be beneficial to other community members.it would be greatly appreciated and helpful to others.

Thanks

1 answer

Your answer

Vinod Pittala 6,135 Reputation points Microsoft External Staff Moderator

2025-05-20T20:38:00.2366667+00:00

Hello Benjamin Roedell,

We haven't heard back from you regarding the advice Suwarna S Kale provided earlier. Could you please let us know if it was helpful? If you have any questions or encounter any issues, please don't hesitate to reach out. We are committed to resolving your concerns as a priority.

Thanks
Vinod Pittala 6,135 Reputation points Microsoft External Staff Moderator

2025-05-21T20:22:30.0566667+00:00

Hello Benjamin Roedell,

Just want to check if the below solution worked for you or else please let us know if any help needed, we are always here to help whenever you need us.

Please do not forget to Accept the answer and “upvote it” wherever the information provided helps you, this can be beneficial to other community members.it would be greatly appreciated and helpful to others.

Thanks

Answer 1

Hello Benjamin Roedell,

Thank you for posting your question in the Microsoft Q&A forum.

The error you're encountering "InvalidRegistrationDefinitionCreateRequest" typically occurs when there's a tenant-level misalignment in Azure's Managed Services onboarding process. Specifically, the error indicates that the ManagedByTenantId (the tenant managing the resources) is not authorized to link with the customer's tenant (the Managed Services registration target).

To resolve this, you may verify below configs:

Verify Tenant Permissions: Ensure the customer’s tenant has explicitly granted access to the managing tenant (via Azure Lighthouse) before deployment.
Check Azure AD Trust: Confirm there’s no conditional access policy or cross-tenant restriction blocking the partnership.
Review Template Syntax: Validate that the ManagedByTenantId in the ARM template matches the authorized managing tenant’s ID.

If the issue persists, escalate to Microsoft Support with the tracking ID for tenant-level diagnostics.

Some reference documentation you may review:

https://learn.microsoft.com/en-us/azure/lighthouse/how-to/onboard-customer

If the above answer helped, please do not forget to "Accept Answer" as this may help other community members to refer the info if facing a similar issue. Your contribution to the Microsoft Q&A community is highly appreciated.

Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

Share via

How do I solve "The registration definition 'eeb6d891-559e-5554-9f5f-b0f6954430c8' not allowed to use the 'dfe4b198-ec21-4e8d-b62f-543cfc923071' as ManagedByTenantId."?

1 answer

Your answer