edge sync cxxxh@fxxxs.com, DISABLED_BY_ADMIN, STOP_SYNC_FOR_DISABLED_ACCOUNT, Microsoft Information
hello community, i have a problem with microsoft edge sync. with exxxa@fxxxs.com the edge sync works under mac. Edge sync does not work on mac with cxxxh@fxxxs.com. it's the same mac. both users have the same license: microsoft 365 business premium. Azure Information Protection (AIP) + Azure AD Enterprise State Roaming (ESR) are enabled. I also performed Enable-AipService via powershell and checked it with Get-AipService. I also checked Get-AipServiceOnboardingControlPolicy + found no problems. I looked through https://docs.microsoft.com/en-us/deployedge/microsoft-edge-troubleshoot-enterprise-sync. restarting and setting up the edge, including a new profile, were unsuccessful. on iOS + windows 10 it is also not possible to sync with cxxxh@fxxxs.com + edge. Thank you ################## edge error log: Thu Jul 29 2021 15:50:08 GMT+0200 (Mitteleuropäische Sommerzeit) ====== Status ====== { "actionable_error": [ { "stat_name": "Error Type", "stat_status": "", "stat_value": "DISABLED_BY_ADMIN" }, { "stat_name": "Action", "stat_status": "", "stat_value": "STOP_SYNC_FOR_DISABLED_ACCOUNT" }, { "stat_name": "Error Description", "stat_status": "", "stat_value": "Microsoft Information Protection service is disabled" } ], "actionable_error_detected": true, "details": [ { "data": [ { "stat_name": "Transport State", "stat_status": "", "stat_value": "Disabled" }, { "stat_name": "Disable Reasons", "stat_status": "", "stat_value": "Feature not supported" }, { "stat_name": "Sync Feature Enabled", "stat_status": "", "stat_value": false }, { "stat_name": "Setup In Progress", "stat_status": "", "stat_value": false }, { "stat_name": "Auth Error", "stat_status": "", "stat_value": "OK since browser startup" }, { "stat_name": "Sync Account Type", "stat_status": "", "stat_value": "AAD" } ], "is_sensitive": false, "title": "Summary" }, { "data": [ { "stat_name": "Client Version", "stat_status": "", "stat_value": "Microsoft Edge Mac OS X 92.0.902.55 (2f31ea24c029d582f5472682b25153751b8021b3)" } ], "is_sensitive": false, "title": "Version Info" }, { "data": [ { "stat_name": "Server URL", "stat_status": "", "stat_value": "https://edge-enterprise.activity.windows.com/v1/feeds/me/syncEntities/" }, { "stat_name": "Server Environment", "stat_status": "", "stat_value": "edge-enterprise.activity-v1" }, { "stat_name": "Fetch Result", "stat_status": "", "stat_value": "SUCCESS" }, { "stat_name": "Fetch Message", "stat_status": "", "stat_value": "" } ], "is_sensitive": false, "title": "Environment Info" }, { "data": [ { "stat_name": "Requested Token", "stat_status": "", "stat_value": "n/a" }, { "stat_name": "Received Token Response", "stat_status": "", "stat_value": "n/a" }, { "stat_name": "Last Token Request Result", "stat_status": "", "stat_value": "OK" }, { "stat_name": "Has Token", "stat_status": "", "stat_value": false }, { "stat_name": "Next Token Request", "stat_status": "", "stat_value": "not scheduled" }, { "stat_name": "Last Token Error", "stat_status": "", "stat_value": "None" } ], "is_sensitive": false, "title": "Credentials" }, { "data": [ { "stat_name": "Requested Token", "stat_status": "", "stat_value": "n/a" }, { "stat_name": "Received Token Response", "stat_status": "", "stat_value": "n/a" }, { "stat_name": "Last Token Request Result", "stat_status": "", "stat_value": "OK" }, { "stat_name": "Has Token", "stat_status": "", "stat_value": false }, { "stat_name": "Next Token Request", "stat_status": "", "stat_value": "not scheduled" }, { "stat_name": "Last Token Error", "stat_status": "", "stat_value": "None" } ], "is_sensitive": false, "title": "Credentials for Key" }, { "data": [ { "stat_name": "Download Key Result", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Net Error Code", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "HTTP Response Code", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Process Key Result", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Set Key Result", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Fetched Key Count", "stat_status": "", "stat_value": 0 } ], "is_sensitive": false, "title": "MSA Account Key Status" }, { "data": [ { "stat_name": "Pack/Unpack Key Result", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Last MIP Result", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Last Key Status", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "New Key State", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Key Commit Response", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Set Key Result", "stat_status": "", "stat_value": "Uninitialized" }, { "stat_name": "Packed/Unpacked Key Count", "stat_status": "", "stat_value": 0 } ], "is_sensitive": false, "title": "AAD Account Key Status" }, { "data": [ { "stat_name": "Server Connection", "stat_status": "", "stat_value": "not attempted" }, { "stat_name": "Last Synced", "stat_status": "", "stat_value": "Never" }, { "stat_name": "Sync First-Time Setup Complete", "stat_status": "", "stat_value": true }, { "stat_name": "Sync Cycle Ongoing", "stat_status": "uninitialized", "stat_value": false }, { "stat_name": "Local Sync Backend Enabled", "stat_status": "", "stat_value": false }, { "stat_name": "Local Backend Path", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Last Successful Sync Time", "stat_status": "", "stat_value": "2021-07-29 15:49:28 +02" }, { "stat_name": "Last Audited", "stat_status": "", "stat_value": "Just now" } ], "is_sensitive": false, "title": "Local State" }, { "data": [ { "stat_name": "Throttled or Backoff", "stat_status": "uninitialized", "stat_value": false }, { "stat_name": "Retry Time", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Notifications Enabled", "stat_status": "uninitialized", "stat_value": false } ], "is_sensitive": false, "title": "Network" }, { "data": [ { "stat_name": "Explicit Passphrase", "stat_status": "uninitialized", "stat_value": false }, { "stat_name": "Passphrase Required", "stat_status": "uninitialized", "stat_value": false }, { "stat_name": "Cryptographer Ready To Encrypt", "stat_status": "uninitialized", "stat_value": false }, { "stat_name": "Cryptographer Has Pending Keys", "stat_status": "uninitialized", "stat_value": false }, { "stat_name": "Encrypted Types", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Has Keystore Key", "stat_status": "uninitialized", "stat_value": false }, { "stat_name": "Next Key Request Time", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Keystore Migration Time", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Passphrase Type", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Explicit passphrase Time", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Trusted Vault Migration Time", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Trusted Vault Version/Epoch", "stat_status": "uninitialized", "stat_value": 0 } ], "is_sensitive": false, "title": "Encryption" }, { "data": [ { "stat_name": "Sync Source", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "GetKey Step Result", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Download Step Result", "stat_status": "uninitialized", "stat_value": "Uninitialized" }, { "stat_name": "Commit Step Result", "stat_status": "uninitialized", "stat_value": "Uninitialized" } ], "is_sensitive": false, "title": "Status from Last Completed Session" }, { "data": [ { "stat_name": "Notifications Received", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Updates Downloaded", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Tombstone Updates", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Reflected Updates", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Successful Commits", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Conflicts Resolved: Client Wins", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Conflicts Resolved: Server Wins", "stat_status": "uninitialized", "stat_value": 0 } ], "is_sensitive": false, "title": "Running Totals" }, { "data": [ { "stat_name": "Encryption Conflicts", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Hierarchy Conflicts", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Server Conflicts", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Committed Items", "stat_status": "uninitialized", "stat_value": 0 } ], "is_sensitive": false, "title": "Transient Counters (this cycle)" }, { "data": [ { "stat_name": "Updates Downloaded", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Committed Count", "stat_status": "uninitialized", "stat_value": 0 }, { "stat_name": "Entries", "stat_status": "uninitialized", "stat_value": 0 } ], "is_sensitive": false, "title": "Transient Counters (last cycle of last completed session)" } ], "syncShowClearServerDataButton": false, "type_status": [], "unrecoverable_error_detected": false }SharePoint IRM & AIP; Differences and Configuration
Hello TechCommunity Friends! Have a client that has had a SPO Classic Site and New Communication Site created by a third party with IRM enabled. Their goal is to be able to upload PDFs to the Communication Site that cannot be downloaded or printed, problem with IRM is that they are unable to open the PDFs in Adobe Reader (preferred) which tells them they need to use other application or use AIP. When they open in e.g. Foxit it applies a Watermark (not configured to do this). They have requested AIP be looked into since it is included in their E3 subscription. Jumping into their Azure Portal, enabled AIP and can see the following is created, but not sure whether this is because IRM was already configured? (Believe you can convert IRM labels to AIP labels): Looking at the Document Library for the Communication Site, there does not appear to be a place for AIP to be configured. Does IRM need to be disabled? Will this version of AIP achieve what the client wants? Have watched Atul's demo and gone through docs. but not sure on where to go from here.
Exclude Microsoft first party applications in Azure conditional access policy
We have app built on Microsoft Graph resource and we have a conditional access policy that targets all cloud apps. when users sign into this app using Chrome browser on iOS they get error and prompt to use Edge. We do not want users to change the browser and tried to exclude Microsoft Graph from CA policy using all options including API but fails with the below error. Policy contains invalid applications: unsupported firstpartyapplication. Is there a way to exclude Microsoft Graph from the policy?
PayAsYouGo to CSP Model Migration
Hi, We are planning to migrate from a "pay as you go" to a CSP subscription model (for our Azure Tenant/Subscription). We currently have Sentinel and AIP sharing the same log analytics workspace. AIP is configured in both on-prem and Azure Cloud. Sentinel is connected to about 8 different source systems. During the migration, will we have to recreate the Sentinel and AIP log analytics workspaces as separate workspaces? Or can we simply migrate the single workspace across? What about all the AIP protected & encrypted data - will that be impacted in any way during this migration? Will people be able to access everything seamlessly after the migration? Thank you, SK
AIP Policies - What determines the order fo the policies? Example?
You can move AIP policies up and down. So it seems the order matters. What is an example where I would need to pay attention to the order and what does it determine? For example my users would get 3 policies: - the standard (global) policies für all company users (e.g. public, internal, confidential, restricted (protected)) - a department policy (Sales Restricted (protected)) - a policy allowing some users customized protection Would this also be the recommended order? Thanks, Franck
Office 365 Azure Information Protection - How to set "Do Not Reply" restriction?
We have recently set up and enabled the Office 365 email encryption system via Azure Information Protection. This is working well however we would like to edit the default "Do Not Forward" template so that it also includes a restriction which prevents the encrypted emails from being replied to as well. Does anyone know how to do this? So far via a lot of Googling I've not found anything. thanks
Viewing AIP protected PDF's in SharePoint/Teams
Is it possible to open a AIP protected PDF in SharePoint/Teams? If so, can can this be achieved? I can open PDF, Word, Excel, and PowerPoint files without AIP in SharePoint/Teams with no issue. I can open Word, Excel, and PowerPoint files with AIP in SharePoint/Teams with no issue. I can open AIP protected PDF's in Adobe without issue. When I try to open a PDF with AIP in SharePoint/Teams I get an message saying "This is a protected document. You can view it using a supported PDF reader app". Since I can open the same PDF file without AIP in SharePoint/Teams I would assume that SharePoint/Teams are supported PDF reader app's. As soon as I enable AIP on the PDF file, upload it to SharePoint/Teams, and try to open it I get the attached error. So my question stands. Is it possible to open a AIP protected PDF in SharePoint/Teams? If so, can can this be achieved? Any insight into my issue would be of great help. I have asked in Microsoft Discord-Cloud Services and Reddit-r/MicrosoftTeams and nobody has replied.
