Closed micceo closed 1 year ago
Mikael,
Thanks for contacting us. It looks like you are doing everything right.
Can you try:
If that fails please send me the user and api key to my company email matt.mcdermott@spanning.com
Also, have you tried out the new Azure AD Group licensing feature? The team just released it and it may reduce the amount of scripting you have to do.
Hi and thanks for the swift response.
Sorry missed that part.
Azure AD Group -thingy? No I've missed that. Got a link to educate myself? My spagetti-code forking out what should be removed and added sure needs cleaning up, so maybe this is the way to go.
Mailing away the requested stuff right now.
We are continuing to investigate your tenant, in the mean time, here is the KB on the new Group Based Licensing feature: Azure AD Group Based Licensing
Also, if you are not getting Spanning email, you need to fix that. When you run low on licenses we email you so you don't run out!
Thank you.
I noticed "Spanning DOES NOT automatically unassign licenses even if users are removed from a group or from Microsoft 365 ". My script takes care of removal also, and if not licenses are enough it takes what it can and reports how many missing, so for now I'll use that. But maybe the above will be an option in the future?
I've got email setup alright! Spanning is spamming me with error that it can't backup 0-byte files... 😀
Correct,
As a backup provider we did not want to have automation to remove the license in the event, either through intent, accident, or malicious activity, you remove users from the AD group. The application removes the backups for unlicensed users after 30 days. If you make a mistake and remove users from the group and don't notice for 30 days, you will not be able to restore the user's data.
We decided to err on the side of SAFETY.
Yes, 0 byte files cannot be restored, because there is no data.
Completely understand the decision. But this gives me some motivation to keep struggling with my own solution.
Off topic: Yeah the zero-file is a shortcoming in the API from Microsoft I understand. This is not a problem just would nice if it could be filtered out.
Good point, I'll ping the PM about it.
OK, I think we have this one figured out. There is an issue with creating the API Token if you log into the Spanning tenant from VSA or UniView. Start with a clean browser session and login directly to Spanning Backup as a Global Admin or Spanning Admin. Then generate the API Token.
I'll leave this issue open until you determine that is the solution.
Yes! Signing directly into Spanning with the tenants Global Admin account generates a working API Token. Confirmed.
In my case i used the an Edge profile signed in with the customers GA. Was presented with the dialog for letting Spanning access the tenant and from there went into settings. In Settings it showed that no API Token was generated even though I had created one previously when I logged in through UniView.
Excellent! Thanks Again. Once we update the UI to prevent this confusion I'll contact yo for a field test.
Hi,
What: A powershell script for managing licenses in Spanning through semi-intelligent filtering (group member, disabled account...) from Office 365.
Problem: Auth with token to Spanning. It works for other tenants but not for one of them. Had a support case/request with Spanning and they claim that there is no problem with the instance of the failing tenant at their backup solution.
Module version: 4.4.0.1
Error:
I use the same powershell script for multiple tenants just changing the admin and token for Spanning and the Office 365 credentials.
The working tenant report this with -verbose
The failing tenant reports this:
The difference start at
VERBOSE: GET https://o365-api-eu.spanningbackup.com/external/tenant with 0-byte payload
the working tenant follows up withVERBOSE: received 59-byte response of content type application/json
, the failing with the error.So need help to figure this one out, why one of the auths fails and others don't. To me they are exactly the same. Both accounts has a Spanning license enabled (a difference that Spanning support noticed. But adding a Spanning license to the tenant failing didn't solve anything).
Brgs,