Tenants
Centralized Tenant Management and Oversight
Overview
The Tenants page is a centralized platform for administrators to oversee and manage all tenants within CIPP. This page provides detailed information about each tenant and facilitates actions related to their exclusion status and permissions.
This page also shows tenants that have been excluded, or removed due to the amount of errors received.
Table Fields
The main table on this page displays the following columns:
E Tag
Partition Key
Row Key
Exclude Date
The date when the tenant was excluded, if applicable.
Exclude User
The user who excluded the tenant, if applicable.
Excluded
A Boolean field indicating whether the tenant is excluded.
Graph Error Count
Last Graph Error
Last Refresh
Requires Refresh
Customer ID
Default Domain Name
The default domain name for the tenant.
Delegated Privilege Status
Display Name
The display name of the tenant.
Domains
Has Auto Extend
A Boolean field indicating whether the tenant has auto extend on the GDAP relationship enabled.
Initial Domain Name
Relationship Count
Relationship End
Features and Actions
Actions List on the Tenants Tab
The actions available in the "Actions" column for each tenant include:
Exclude Tenants: Excludes selected tenants from display and actions.
Include Tenants: Includes selected tenants back into the management list.
Refresh CPV Permissions: Refreshes the CPV permissions for the selected tenants.
Reset CPV Permissions: Resets the CPV permissions for the selected tenants by deleting the Service Principal and re-adding it.
Remove Tenant:
Tenant Exclusion Control
To exclude a tenant:
Find the tenant's row in the table.
Click on the eye slash icon in the "Actions" column to trigger a confirmation dialog.
Confirm the action, this excludes the tenant from showing up in the tenant selector and any actions applied to it.
Removing a Tenant's Exclusion Status
Administrators can remove a tenant's exclusion status by:
Locating the tenant's row in the table.
Clicking on the eye icon in the "Actions" column.
confirm the action, this includes the tenant and makes it show up in the tenant selector and have actions applied to it again.
Refreshing a Tenant's Permissions
CIPP works using the Control Panel Vendor API - Also known as the CPV API. The CPV API is used to add the CIPP application to your managed tenants and allows CIPP to execute actions within these tenants. Each night at 00:00 UTC the permissions are refreshed for all tenants. This makes sure that the application always has the latest set of required access.
Sometimes, pressing the CPV Refresh button might be required when a new tenant is added or a new GDAP permission is applied to the CIPP-SAM service account. Administrators can refresh a tenant's permissions by:
Finding the tenant's row in the table.
Clicking on the blue refresh icon in the "Actions" column.
Confirming the action to initiate the permissions refresh process.
Resetting a Tenant's CPV Permissions
Note: The CPV Reset is a powerful tool and should be used only if you cannot manage permissions at all. This action will delete the Service Principal and re-add it, which may be necessary if there are issues with the existing permissions setup.
To reset a tenant's CPV permissions:
Select the tenant(s) for which you need to reset permissions.
Go to the bulk actions menu and choose "CPV Reset".
Confirm the action to reset the CPV permissions, which will delete and re-add the Service Principal.
Filtering Tenants
You can filter tenants based on their exclusion status:
Excluded Tenants: Filtered by the condition "Excluded eq true."
Included Tenants: Filtered by the condition "Excluded eq false."
Additional Functionality
The Tenants page also provides export and filter functionalities:
Export: Download a CSV or PDF file of the tenant table for offline use or analysis.
Filter: Use the 'Filter' dropdown to display tenants based on whether they are excluded or included.
Feature Requests / Ideas
Last updated
Was this helpful?