Skip to content

FAQ

Jump to bottom
Seema Guggari edited this page May 8, 2019 · 21 revisions

Please use this as a general guide for answers to frequently asked questions. Visit our Tips document on the Microsoft Graph site for more FAQ answers.

Where do I find sample ARM templates?

Sample ARM templates are here

I am running into Privileged Access Management is not enabled for the tenant…. How do I fix this?

This is because your tenant has not opted in and enabled the Privileged Access Management feature. Please follow the instructions here

I am running into Invalid autnN type ...

Please make sure you are connecting to Exchange Online Powershell using multi-factor authentication. Please follow the instructions here. You do not need to enable multi-factor authentication for your Office 365 organization in order to do this. Connecting with multi-factor authentication creates an OAuth token that is used by Privileged Access Management for signing your requests.

I am running into ... is not digitally signed. You cannot run this script on the current

Please run the following before in your Powershell window

Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process

I setup triggers in my ARM template, but they do not run.

Triggers by default, are not kicked off during the ARM template deployment. Please run the trigger via the UI or Powershell. If you want to run triggers by default, on deployment, please reference the following

I kicked off a pipeline but only one of them completed, the rest seem to be stuck...?

Pipelines, by definition, consist of a set of activities to copy Office 365 Data. Each activity generates its own Privileged Access Management (PAM) Request. Please make sure you approve requests for all activities for a given pipeline

An approver approved a data access request, how long is this valid for?

Requests approved by Office data request approvers are valid for 6 months for data access as long as the scope of the request remains the same. After 6 months, a new request will be triggered automatically for approval. Any changes to the shape of the data will also trigger a new PAM request flow.

I am running into Writing to 'AzureDataLakeStore' failed. Message: The remote server returned an error: (403) Forbidden

Please make sure to grant the SPN access to the destination ADLS store in the ARM template of your application:

initialUser": "[parameters('destinationServicePrincipalAadId')]

To get the AAD Id of the SPN, run the following command in Azure Powershell:

Get-AzureRmADServicePrincipal -SearchString "DisplayName of the SPN" | fl Id

I am running into something else?

Please follow the guidelines here to reach out to us Contact Us.

Table of Contents

  1. Run ADF pipelines to copy Office 365 data
  2. Publish an Azure Managed Application to copy Office 365 data
  3. Capabilities

Quick Links

Help

Clone this wiki locally