Nova DPC uses service accounts to manage tenants and to perform actions on behalf of delegated administrators.
You can review and manage these accounts on the
Manage Administration >Service Accounts page.
For a service account to be effective:
- It needs to be a global administrator in the tenant
- Multi-factor authentication should not be enabled on the account (It is used to programatically run PowerShell sessions, and therefore cannot be multi-factor authentication enabled). Application passwords are not supported for the service account.
- It must be free from any policies that would restrict its access in the tenant. (For example a Conditional Access Policy that limits basic authentication attempts from internal IP addresses only)
- It should be dedicated for use with Nova DPC
If the password of the service account is changed, it must also be changed in Nova DPC.