Okay, I’ve got a very short break between project A and project B. I hope you’ll enjoy the result of 3 months of development effort (unfortunately I cannot disclose any details, but those who watch for new MPs will probably understand what “project A” was :). Hint: it is not related to SQL Server).
Meanwhile, let’s shed some light on some O365 MP stuff. I saw several complaints about the security configuration for this SCOM management pack and, indeed, this is not a well-documented part.
So, the Office 365 MP defines two Run As profiles:
Office 365 Subscription Password secure reference.
This one is used to store the O365 management credentials that are used for authentication at the management portal via the O365 API. I’ve seen some complaints about updating credentials via the O365 MP subscription administration UI, but this can be worked around by editing the Run As accounts directly in the “Run As Account Properties” dialog.
Office 365 Subscription Proxy secure reference.
This one is absolutely undocumented though very important. It is used by all data sources involved in both data collection and automatic alert closure.
So, to make everything work, an account mapped to this profile should meet the following criteria:
- It should be a domain user;
- It should be able to log on to the management server (otherwise SCOM will fail to run the O365 monitoring workflows);
- It should be able to access the Office 365 API endpoint (via HTTPS), so configure your firewalls, proxies, etc. There are no specific requirements for ports.
- It should be able to access SCOM data via the SDK API to enumerate and close alerts. Usually membership in the “Operations Manager Operators” role is enough, but for an unknown reason this doesn’t work in this case. So, ensure that you have granted the “Operations Manager Administrators” role.
That’s it. And yes, I agree that the synchronization and automatic closure logic could be somewhat more flexible and convenient.
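A preflight check for the proxy account criteria listed above, as an added example that is not part of the original post or of the management pack. It is meant to be run on a management server and covers the domain-user form, the “Operations Manager Administrators” role and HTTPS reachability; the account name and API host are placeholders to replace with your own values.

```powershell
# Added example: checks the account mapped to the
# "Office 365 Subscription Proxy" Run As profile against the criteria above.
Import-Module OperationsManager
New-SCOMManagementGroupConnection -ComputerName localhost

$Account = 'CONTOSO\svc-o365proxy'       # constructed sample account (assumption)
$ApiHost = '<office365-api-endpoint>'    # placeholder: not given in the post

function Test-O365ProxyAccount {
    param(
        [Parameter(Mandatory)] [string] $Account,
        [Parameter(Mandatory)] [string] $ApiHost
    )

    $prefix = ($Account -split '\\', 2)[0]

    # Members of the role the post says the account must hold.
    $adminRole = Get-SCOMUserRole |
        Where-Object { $_.DisplayName -eq 'Operations Manager Administrators' }
    $members = @($adminRole.Users)

    # Both Run As profiles the MP defines, matched by the names used in the post.
    $profiles = @(Get-SCOMRunAsProfile -DisplayName 'Office 365 Subscription*')

    # TCP 443 from this server. This runs as the current user and ignores any
    # HTTP proxy, so a pass here is necessary but not sufficient.
    $net = Test-NetConnection -ComputerName $ApiHost -Port 443 `
        -WarningAction SilentlyContinue

    [pscustomobject]@{
        Account            = $Account
        # DOMAIN\user form, and the prefix is not this machine's local SAM.
        IsDomainUser       = ($Account -match '^[^\\]+\\[^\\]+$') -and
                             ($prefix -ne $env:COMPUTERNAME)
        # Direct membership only; group-based membership needs a manual look
        # at AdminRoleMembers.
        DirectAdminMember  = $members -contains $Account
        AdminRoleMembers   = $members -join '; '
        HttpsReachable     = [bool]$net.TcpTestSucceeded
        O365ProfilesFound  = $profiles.DisplayName -join '; '
    }
}

Test-O365ProxyAccount -Account $Account -ApiHost $ApiHost | Format-List
```

`AdminRoleMembers` also serves as a quick review of everything that holds the Administrators role once the proxy account has been added to it.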