Do you have to buy Premium P2 for every licensed user to use Privileged Identity Management
Do you have to buy Active Directory Premium P2 for every licensed user in your tenant to use Privileged Identity Management or can you just purchase it for the admin accounts you want to manage? $8 a month for every user is steep if you just want to control admin access but not too bad if we just had it on our admin users.
Connect-SPOService : Could not authenticate to SharePoint Online
Hi All! I am unable to connect to SPO from SharePoint online management shell using my account. MFA is enabled. Connect-SPOService -url https://[URL].sharepoint.com I'm getting the following response: Connect-SPOService : Could not authenticate to SharePoint Online https://[URL].sharepoint.com/ using OAuth 2.0 At line:1 char:1 + Connect-SPOService -url https://[URL].sharepoint.com + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Connect-SPOService], AuthenticationException + FullyQualifiedErrorId : Microsoft.Online.SharePoint.PowerShell.AuthenticationException,Microsoft.Online.SharePoi nt.PowerShell.ConnectSPOService Can anyone help with this? Thanks.
Best setup for multiple machines
I have a live account for my email address as I have a surface and originally registered for an account to use for machine backups, browsing syncing etc. I also use onenote and wanted it syncing to a 365 onedrive account so I signed up for office 365 business basics so that I could sync onedrive and all of the associated attachments, audio records etc to it. I would love to use use the paid business account but I cant sign into the surface with the business account, only home accounts as I dont have pro. The next issue is that I use another laptop, android tablet and phone also signing into the business 365 account. These all used to sync fine but now, all other devices disconnect as the one you have signed into it connects. Not a major issue, you sign into the device you want to use, sync and then continue However i jump from device to device that often that it starts to grate on me that i cant just grab a device and sync. Is there any way I can register each device so that they are trusted and then more than one device can stay connected.Azure AD Connect Admin Audit log
Hi, Does anyone know if there is an Admin audit log for AADConnect? i'm looking for something that logs when an admin has, for example, made a change to the sync, such as adding or removing an OU from the sync scope, manually triggering an initial or delta sync, opening the admin tools or opening the connectors in edit mode? i am seeing a lot of clients systems whereby AAD Connect spends a lot of its time complaining about the need for an initial sync, I suspect a lot of these cases are where an admin has opened the sync and OK'd, or even cancelled out, but it seems to have marked the connector as changed. it seems odd that there is no evident admin audit log for something as critical, and security sensitive, as AAD Connect, if there isnt. if it relies on logging to event viewer only, then is there any guidance or documentation (i haven't managed to find any) to identify which event IDs would correlate to the above activities, trawling the logs so far i havent found anything identifying when a connector has been changed or, frankly, when an admin has opened or used the tools (MIISClient or Azure AD Connect app/tool) Thanks in advance for your input. Pete
Global Admin Locked Out - STILL no call back from "Data Protection Team"
Posting this here in the hope that someone will be able to help me. I'm the global admin of a small O365 tenancy and am locked out of the admin portal owing to my mobile phone (and subsequent Microsoft authenticator app) being damaged beyond repair meaning I cannot complete the MFA process to log in. Whilst I appreciate I should have had either a) a secondary method enabled such as a phone call or b) "break-glass" account with a complex password and no MFA, I need support with this issue ASAP. I have called the Microsoft support line no less than FIVE(!) times to be told that someone from the "Data Protection Team" will be calling me back within X hours yet it has now been over 2 weeks and I have still had no call. This is an M365 Business license and thus not the level of support I would expect. Please can someone advise on how to escalate this case (happy to provide case details via PM)
Issue with activating Azure Rights Management in hybrid environent
Hello, We have a client that we have the ARM templates working in Exchange online but they continue to get errors with their local Outlook clients trying to access them. In a hybrid environment what else is needed to get the local versions of Outlook to work? They are using Outlook 2016 and have E3 subscription. Thanks, JamesSharePoint permissions/group for Azure AD account removed the re activated.
Hi, We sync users from our on-prem AD to Azure AD. We moved a user from the OU on-prem that is synced. The sync happened and the Azure AD account disappeared (or was deactivated?) When the user was moved back and the next sync happened they reappeared on Azure AD, but had lost their previous SharePoint permissions and were not in the groups that they previously belonged to in SharePoint Online. Do the permissions have to be manually reinstated? Thank you for your time, Ollie
