SOLVED

License guide or infographic

Deleted
Not applicable

Are there any license resource/guides/Q&A available that gives on "overview" about the various licensing in O365/Azure?.
Example:
Q: I want to do 'Conditional Access' for 50 out of 5000 users

A: OK - you need a Azure P1 license/subscription - and you'll have to license all your 5000 users - not just the 50   

6 Replies

Hello @Deleted (amazing),

I am not sure if there is something as granular/specific as what you are looking for, but this is my holy grail when it comes to O365 licensing info - https://technet.microsoft.com/library/office-365-service-descriptions.aspx

The service description file can be spliced every which way with the pivot tables at the top. It wont get a specific as your example "you need all users licensed for this." But you could 100% find out what licenses have what features, etc.

Hope this helps somewhat!

Adam

Hi @Adam Ochs 

Thanks! - "It's not who we are but what we do that defines us."

 

Very useful link, but seeking more in the "admin" part - its a "big dark (knight) jungle" - when it comes to licensing :)    

There are various "rumors/statements" floating around like; "You only need one Azure P1 license for the Global Admin in order to achieve "this and that"....."  


and like this from a MS page:: 
"The administrator who configures the settings, and the members of the affected groups, must have Azure AD Premium licenses assigned to them" 

 

 

In the above scenario I clearly don't need to assign/buy a Azure P1 license for all 5000 users (if they are not all in the groups :)... ) 

Does the same apply for conditional access? 


    

Hey @Deleted,

 

I can test this in my lab for your today, I will try to get back to you before the weekend! 

 

Adam

best response confirmed by VI_Migration (Silver Contributor)
Solution

So I just got done testing this out.

 

1st - Turns out enabling the conditional access policy helps.... i was sitting there for like an hour like why the heck is this not working....


Anyways,

I have a user with e3, as well as another with e5. The e5 user obviously has the appropriate AADP licensing to do conditional access and the e3 does not.

I created a conditional access policy for SPO and set MFA as a prereq fro both users. After a bit, I tested, and it enforced the MFA on both of them.

So even my user with just e3, and lacking the appropriate AADP license, still had conditional access enforced.

I would think think this would be how you can expect your tenant to act right now, but honestly I am unsure if that is intentional or not. It seems like a problem with auditing more than anything. So for now, I would say you are in the clear, but It would not surprise me if they set auditing better in the future and forced you to have AADP for CA to work.

Adam

Hi @Adam Ochs 

Thanks :)

So I'll buy a single license for now - then doing the conditional access policy - and see whats "coming" audit wise  - and maybe I'm violating the license rules .. but what the heck, MS needs to be more "transparent" in their licensing :D 

Thanks again :)  

There is some sort of joke about vigilante justice in here ;)

1 best response

Accepted Solutions
best response confirmed by VI_Migration (Silver Contributor)
Solution

So I just got done testing this out.

 

1st - Turns out enabling the conditional access policy helps.... i was sitting there for like an hour like why the heck is this not working....


Anyways,

I have a user with e3, as well as another with e5. The e5 user obviously has the appropriate AADP licensing to do conditional access and the e3 does not.

I created a conditional access policy for SPO and set MFA as a prereq fro both users. After a bit, I tested, and it enforced the MFA on both of them.

So even my user with just e3, and lacking the appropriate AADP license, still had conditional access enforced.

I would think think this would be how you can expect your tenant to act right now, but honestly I am unsure if that is intentional or not. It seems like a problem with auditing more than anything. So for now, I would say you are in the clear, but It would not surprise me if they set auditing better in the future and forced you to have AADP for CA to work.

Adam

View solution in original post