Creating PowerShell Account
READ THIS BEFORE PROCEEDING
This guide only applies to GCC High Environment types.
For Commercial Environments, follow this guide.
For GGC High env't, unattended sign-in are required and 3rd party SSO and MFA must be disabled.
Make sure you are logging into your Microsoft 365 Admin center using an account with administrative privileges.
Login as an administrator to the Microsoft 365 admin center
Go to Users
Go to Add a user
Create the new account
Fill out the Basics section
Under Product Licenses, select Create user without product license option
Under Optional Settings, select Admin center access and enable Team Administrator checkbox
Complete the account creation
You can now start using your new service account in ZPM if you do not have Multi Factor Authentication.
If you do have MFA, please follow the steps on the next section as well.
Disabling Multifactor Authentication Service Settings
Once the account is setup, if you have Multi Factor Authentication enabled in your organization, it will need to be disabled or modified for the above created account.
Method 1: Disable MFA for the account
Connect to your Microsoft Azure tenant
Go to the Users section and find the account you initially created
Click on Disable
You can now use your new service account in ZPM without MFA
Method 2: Whitelist the IP of the ZPM machine
Login as an administrator to the Microsoft 365 admin center, search for the account you created and click on Manage Multifactor Authentication
Click on service settings
Add the IP or IP range from which requests originating from ZPM to Microsoft 365 will be placed as a trusted IP to ensure the service account can bypass MFA
You can now use your new service account in ZPM without MFA