Forum Discussion

Neil Goldstein's avatar
Neil Goldstein
Iron Contributor
May 19, 2021

"New" home endpoint https://security.microsoft.com/?tid=<TenantGUID> does not work

So windows defender ATP .. err.. Microsoft Defender Endpoint is now starting to push the console functionality from the old securecenter.microsoft.com url to the "new" consolidated security.microsoft.com

 

One huge problem is that the "new" url does not support the https://security.microsoft.com/?tid=<TenantGUID> functionality.

 

Please fix the "https://security.microsoft.com/?tid=" functionality before you start moving blades/links on the DefenderATP console to take you to the new page.

 

Thank you!

 

3 Replies

Sort By
  • Sonali_Meshram's avatar
    Sonali_Meshram
    Icon for Microsoft rankMicrosoft
    Jun 10, 2021
    Hi Neil,
    Thank you for your feedback on this issue.
    Currently, we do not support tenant switch in same browser. If you want to switch tenants, please sign out of the first tenant from your browser and then sign in to the next tenant using the above URL pattern for delegated access.

    Thank You!
    • Neil Goldstein's avatar
      Neil Goldstein
      Iron Contributor
      Jul 02, 2021

      Sonali_Meshram   

       

      ====

      Sonali,

       

      I am not talking about tenant switch - I am talking about the loss of serviceability.

       

      Scenario:

      • Consultant X supports 10 small clients, each has M365-E5 user count of 10 thus having access to Defender for Endpoint.
      • Each customer has their CSP licenses using CSP-Direct (some with Insight, some with CDW, etc) -- NOT with consultant X
      • Consultant X has O365-E3 license but does NOT have access to Defender for Endpoint on own tenant.
      • Consultant X login has access rights to manage/operate Defender for Endpoint, MCAS, Intune, etc. on each client tenant.

       

      Current Access:

      1. Defender for endpoint: https://securitycenter.windows.com/?tid=<customer
      2. Intune/Endpoint:           https://endpoint.microsoft.com/?tid=<customerID>
      3. MCAS:                           https://portal.cloudappsecurity.com/?tid=<customerID>
      4. AzureAD                        https://aad.portal.azure.com/<TenantRootDomain> (aka blah.OnMicrosoft.com)
      5. M365AdminCenter:      https://portal.office.com/Partner/BeginClientSession.aspx?CTID=%3CClientTenantID%3E&CSDEST=o365admincenter 

       

      PROBLEM: But what doesn't work...

      • https://Security.Microsoft.com 

       

      That only works if I am logging on with a user WITHIN the tenant.

      i.e. Consultant X needs a dedicated user license with each client like mailto:ConsultantX@CustomerY.com just to access the security.microsoft.com page.

       

      Tenant switching within Security.Microsoft.com would be nice .. but at this point I just need an access method where an EXTERNAL user account that has been granted access to manage Defender for Endpoint can login.

       

      Either that or please STOP the forced switch to security.microsoft.com and leave access to securitycenter.microsoft.com

       

      Thank you.

       

      • Sergg's avatar
        Sergg
        Iron Contributor
        Nov 16, 2021

        Neil GoldsteinI agree the situation should be more consistent. And thank you very much for sharing the link for switching Azure AD in Office 365!!!

         

        M365AdminCenter:      https://portal.office.com/Partner/BeginClientSession.aspx?CTID=%3CClientTenantID%3E&CSDEST=o365admincenter

         

        The above works well.

Resources