Creating a new MS Office 365 service account with global administrator permissions

Contributors netapp-aherbin netapp-rlithman Download PDF of this page

Creating a new Microsoft Office 365 service account with global administrator permissions is recommended when signing up for SaaS Backup for Office 365. However, creating a new account is not required. If you prefer, you can use your existing Microsoft Office 365 service account.

  1. Log in to your Office 365 Management portal using an account with administrative privileges.

  2. Click Users.

    Screenshot of users icon

  3. Select Active users, and then click Add a user.

    Screenshot of Office 365 Admin Center

  4. Enter the details of the new service account.

    • First name

    • Last name

    • Display name

    • User name
      The user name is the name of the service account.

  5. Expand Roles, select Global administrator as the role, and then click Add.

    Screenshot of available administrator roles in Office 365
    The service account details are sent to the administrator.

  6. Log in to your Office 365 Management Portal with the new account to activate it.

  7. Ensure that the service account includes licenses for Exchange Online and SharePoint Online, at a minimum.

    This is especially important if you restrict the individual licenses for the Global administrator role.

    You can enable multi-factor authorization (MFA) on this account.

ZZZ Config account

As part of your SaaS Backup subscription, a new account is created with ZZZ CC Config [GUID].

This auto-created account is used for discovering Shared/Archive mailboxes and private groups. It should have Exchange and SharePoint permissions (customized administrator in O365). It is recommended that you exclude this account from MFA policies.