Customer CUSTOMER_NAME notified of anomalous activity in Azure subscription
How do others feel about the alerts showing up in the Partner Center? We’ve detected suspicious or malicious activity in this Azure subscription. The customer of this subscription has been notified. What suspicious or malicious activity did microsoft detect you ask? An important security update is available for your Windows Server Update Services (WSUS) resource(s). That's right, there is no suspicious or malicious activity. Microsoft wants people to install an out of band security update and thought sending a notification to all azure customers was the best way to ensure that happened. Half the clients that received this alert aren't even running windows servers! Those that are running windows servers do not have the WSUS role installed. All the clients Microsoft alerted us about to suspicious activity in their subscriptions... Don't use WSUS We did have the pleasure of manually closing every single alert as "ignore" and I'm delighted to know that these alerts didn't count towards the security requirement to have an avg response time of less than 24h. I thought the partner security alerts were to notify us of critical issues microsoft detected in azure subscriptions. This, does not appear to be that. Am I missing something? thoughts?
Flagged for “serious compliance violations” – possible TAUX0 / third-party data mix-up?
Hello everyone, I’m posting here to see if anyone has experienced something similar or has any guidance. My company has been operating since 2006 as an IT/consulting firm. All members / staff are fully vetted, currently hold active government-level clearances with an impeccable record and we go through rigorous verification and clearance checks. Recently, our Microsoft partner / CSP access was deactivated. The only explanation I receive from support is the standard message: “Microsoft runs on trust… As a part of this commitment, we perform regular due diligence and vetting on all members of our partner network. In this case, our vetting revealed serious compliance violations attributable to your organization or with persons in a position of influence within your organization. We are unable to share further details.” When I asked for a meeting, support created a ticket and sent me a link to schedule an appointment. I scheduled it, but the ticket was closed almost immediately. At the same time, I received the same boilerplate “serious compliance violations” message again, and no one joined the scheduled meeting. I was then told explicitly that the decision cannot be changed by opening a new support case. From the outside, it looks like an internal “flag” has been set and front-line support can only paste that one response. I strongly suspect there may be a mistaken identity or bad third-party data involved. I see that the verification process uses AU10TIX and, from what I can tell, AU10TIX in turn relies on a data source called TAUX0 (or similar). When doing simple searches on my name/company, I see multiple entries for different entities that share similar names, some of those unrelated entities do have legal records. My concern is that these mixed records in TAUX0 (or related sources) have been combined and attributed to me/my company, even though we have no such history. I did contact AU10TIX, they said they will refer this to their R&D but "nothing they can do", I will have to contact Microsoft. My questions to the community: 1. Has anyone else had their partner/CSP access deactivated with the same “serious compliance violations” boilerplate and no details? 2. Was anyone able to get clarification or a remediation path, or is this truly final once the internal flag is set? 3. Does this type of enforcement affect only partner/CSP status, or can it also impact our ability to use Microsoft services as a customer? I’m not looking to argue or threaten legal actions, so please no such suggestions. I simply want to understand the practical impact and whether there is any constructive way to correct an apparent misunderstanding caused by third-party data. We are a small business and heavily impacted by this, as we cannot renew our Partner benefit packages. My hope is that, out of cases like this, Microsoft and AU10TIX can find a way to provide some guidance and a remediation path for small businesses, instead of leaving them in the dark with a generic “serious compliance violations” label and no explanation. Thanks in advance for any insights or similar experiences you can share.
I have a question about upcoming FY26 on the Distributor side minimum of 30 million USD TTM billed.
I am in Tie Distribution, distributing in Thailand. i see New Update What does this mean, please elaborate. I want to know how the revenue is calculated and is the minimum really 30 million USD? How can I check how much the current amount is? How is the TTM billed CSP revenue measured, and where can we view our historical data?
Questions Regarding New CSP Authorization Enforcement Policies
I have the following questions about the scenario in which a direct bill partner does not meet the new requirements at the CSP tenant anniversary date: Restricted Status vs. Suspension/Revocation: Until recently, official documents indicated that at T+0, a direct bill partner would move to "Restricted" status, allowing them to continue billing and renewing existing customers, but not create new customers or subscriptions, for an indefinite period. This also allowed a reasonable timeframe for transition to indirect CSP. Now, the new enforcement policies state that at T+30, the tenant is placed in "Suspended" status, and at T+60, it is "Revoked," with no further possibility to operate on active customers and their subscriptions—even in cases where subscriptions have already been paid for annual or annual/monthly contracts. Could you clarify the reason for this change and the rationale behind the new, stricter enforcement timeline? Customer Transition Feasibility: How does Microsoft expect all customers to be transferred to an indirect provider within just 30–60 days after T+0? Is there any support or guidance for partners to manage such a rapid transition? Because in my opinion is not feasible and could be a potential risk to loose customers business. Prepaid Subscriptions: Even if it were possible to transfer all customers within the required timeframe, has Microsoft considered that many of these subscriptions have already been prepaid for an entire year or are in the middle of an annuality with monthly payments by the direct bill partner to Microsoft? We appreciate your attention to these concerns and look forward to your guidance on how to best manage compliance and customer impact under the new policies. My personal opinion is that is immediately necessary to restore the process as before with the Restricted Status if Direct Bill are not satisfied and give time (one year) to the partner to move to indirect provider all the customers/subscriptions. Thank you in advance for your support.
i have a Question FY26 Indirect reseller security score Can't access it.
I must say that I am a Distributor and my Partners do not have access to the Security page and I want to make sure that they can access it. From what I have found, it only says that it is enforced for direct bill partners, distributors (formerly indirect provider), and indirect resellers. Can you please update this because the FY26 document requires that you Complete the mandatory requirements of the Partner Center security score. Please provide clarity on compliance with the Security requirements. FY26 When I click on the link Adn i see in Security Role i Not see Indirect reseller access On Partner Center Indirect reseller Can't access Even if they are Global Admins, they cannot access it.
