Cloud Only account accessing Configmgr information for devices

Robert Young · ‎Aug 03 2021

In our current configuration, we separate our on-prem management and our cloud management accounts. We have come across an issue with Endpoint Manager when we access any info that comes from ConfigMgr (Timeline, Collections, CMPivot, ect ect) due to a 401 error.

The reason why this happens is that our username@company.onmicrosoft.com does not have access to this data on-premise. You need to grant a local account, username@company.com, access to pull this info.

I have tested that if our onprem account is granted access to endpoint manager, they can pull the information but I really do not want to have to train my team that you use your onmicrosoft.com for everything cloud, and then use your local account for Endpoint Manager.

Is there any way around this?

DxR · ‎Sep 27 2021

Hi,

You can’t use separate account for these functionnalities. It’s a prereq to use the same account for Configuration Manager and Admin Center.

https://docs.microsoft.com/en-us/mem/configmgr/tenant-attach/troubleshoot-cmpivot#bkmk_noinfo

Robert Young · ‎Sep 28 2021

Which is a poor design IMO, if you separate your accounts for security purposes. I was aware of the limitation, was wondering if anyone was able to overcome it.

Cloud Only account accessing Configmgr information for devices

Cloud Only account accessing Configmgr information for devices

Re: Cloud Only account accessing Configmgr information for devices

Re: Cloud Only account accessing Configmgr information for devices

Products (52)

Special Topics (29)

Video Hub (447)

Most Active Hubs

Most Active Hubs

Video Hub

Cloud Only account accessing Configmgr information for devices

Cloud Only account accessing Configmgr information for devices

Re: Cloud Only account accessing Configmgr information for devices

Re: Cloud Only account accessing Configmgr information for devices