Forum Discussion

Timil75's avatar
Timil75
Copper Contributor
Sep 17, 2019
Solved

CSP access to MCAS

Hello   As a Cloud Service Provider, I can access all my customers services with my CSP user technical account (who is Global Admin via guest integration in AD, by default) However, the one and on...
Cloud App Security
  • Julian Rasmussen's avatar
    Julian Rasmussen
    Sep 17, 2019
    Don`t think so! I have the same issue for my customers. but one way to get around it is to be granted "security reader" with a guest account or a dedicated user in Azure AD - not a good sollution but it should work to get insights. bur for working with the alerts etc. you need to a higher role. preffered is to use PIM to elevate the users up.
Pål Winther's avatar
Pål Winther
Iron Contributor
Sep 24, 2019

That is interesting Dima Donhin That can solve part of our problem, but not the part with the other unreachable portals like security and compliance portal.

awaaziz's avatar
awaaziz
Copper Contributor
Feb 04, 2020

Pål Winther 

Hello,

 

When you want to access to Microsoft 365 portals with guest user credential, you will ask you the password, for example if you the mail address of your guest user is guest@contoso.com the credential to use is guest_contoso.com#ext#@organizationname.onmicorosoft.com where ogranizationname is the name of the organization that invites you. So this password must be configured by an office 365 administrator, if you try to define this password directly from the Azure AD portal we will get an error message.

So to configure this password follow these steps :

Open a session as gloabl admin in admin.microsoft.com

Go to Active Users and select the guest user.

Define a password and confirm.

 

After you can give your guest user the role that you want from Azure AD Portal.

 

for me that work very fine.

 

Best Regards,

Adil WAAZIZ

Resources