Office 365 integration prerequisites

In this article, you will learn which prerequisites need to be configured on your Safetica Management Server and Azure tenant for the Safetica Office 365 integration to work correctly.

The steps described below need to be performed by all users who haven’t yet configured the Safetica Office 365 integration or who are setting up a new tenant. Also, if you are experiencing issues with Safetica Office 365 integration, please check these settings before contacting Safetica Support.

Two areas need to be checked and configured:

1. Allow PowerShell Basic Authentication

Safetica uses PowerShell commands to communicate with Microsoft Graph API. Graph API, however, only supports PowerShell Basic Authentication method: https://office365.uservoice.com/forums/264636-general/suggestions/20570782

From security perspective, we are not happy about this, and we intend to change the authentication method as soon as Microsoft enables us to do so. In the meantime, you can use the following commands to turn on Basic Authentication on your Safetica Management Server machine:

Command Prompt

winrm set winrm/config/client/auth @{Basic="true"}

PowerShell

winrm set winrm/config/client/auth '@{Basic="true"}'

2. Disable Microsoft security defaults

From October 22th, 2019, Microsoft sets for newly created Azure tenants to Enabled by default. This setting, however, blocks all unknown connections including Safetica. For Safetica Office 365 integration to work correctly, you need to disable security defaults for your tenant:

  1. Sign in to the Azure portal as a security administrator, conditional access administrator, or global administrator.
  2. Go to Azure Active Directory -> Properties.
  3. Click Manage security defaults.
  4. Set the Enable security defaults option to No.
  5. Click Save.

This setting does not compromise security, it just allows your Azure tenant to communicate with third parties.

Please note that applying these changes in Azure tenant might take some time. We recommend waiting a few hours before contacting Safetica Support with issues.

After you perform these steps, you can start configuring Safetica Office 365 integration in the desktop Safetica Management Console.