Getting started using the Microsoft Assessment Microsoft Entra Application
Connectivity Requirements
Office 365 requires connectivity to the Internet. The endpoints listed here should be reachable.
The setup of the Microsoft Assessment Microsoft Entra Application requires access to the following endpoints:
aadcdn.msauth.net:443
az818661.vo.msecnd.net:443
c.urs.microsoft.com:443
go.microsoft.com:443
iecvlist.microsoft.com:443
ieonline.microsoft.com:443
login.microsoftonline.com:443
oneget.org:443
ongetcdn.azureedge.net:443
psg-prod-eastus.azureedge.net:443
www.powershellgallery.com:443
Setting up the Microsoft Microsoft Entra Application
- Open the Windows PowerShell command prompt with [Run as Administrator] on the Data Collection Machine.
- Run the following command.
New-MicrosoftAssessmentsApplication -AzureEnvironment <Cloud Type e.g. AzureCloud>
#Example
New-MicrosoftAssessmentsApplication -AzureEnvironment AzureCloud
Note
This script will run and then prompt for Global Administrator Credentials.*
Cloud Type
| Value | Description |
|---|---|
| AzureCloud | General Azure |
| AzureChinaCloud | Azure China |
| AzureGermanCloud | Azure German |
| AzureUSGovernment | Azure US Government |
Note
If the value is "AzureCloud", you can omit the parameter as below.*
New-MicrosoftAssessmentsApplication
Type “Y” if you are prompted to install the package.
At the credential prompt, please enter an account with Global Administrator access rights.
You will be prompted to Sign-in again, please provide Global Administrator Credentials
Note
If using MFA you will be prompted to respond to the MFA request, e.g. "Enter code". During the setup process you may receive multiple Sign-In prompts, this is normal whether using MFA or a Non-MFA enabled account. Please follow the On-Screen instructions in order to complete the setup.
Click on Accept on "Permissions requested Accept for your organization". Permission requirement for each Cloud Assessment
Once the permission has been accepted. You will be Signed-on into the Azure Portal.
On the Azure portal, Select [Microsoft Entra Directory] > [App Registrations] and confirm the “Microsoft Assessments” app is present on the right pane.
Click on the Microsoft Assessment Application to open it and click on “View API Permissions”
Confirm the SharePoint App Permissions section was also configured.
Troubleshooting
Please refer to General Troubleshooting OnDemand Assessment Guide for common issues, with regards to setup.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for