How do I create a Service Principal or reset a Service Principal password offline for Directory and Resource Administrator?

  • 7016442
  • 21-Apr-2015
  • 14-Sep-2015

Environment

NetIQ Directory & Resource Administrator 9.0

Situation

How do I create a Service Principal offline for DRA?

How do I reset a Service Principal password offline for DRA?

Resolution

To create a Service Principal or reset a Service Principal password, you will need to supply the credentials of an Office 365 administrator for the tenant the Service Principal belongs to.

To create a Service Principal offline for DRA

Execute the {DRA_Application_Path}\SupportingFiles\CreateServicePrincipal.ps1 script in a PowerShell window.

When the script prompts you for the Service Principal name, NetIQ recommends that you use the name specified in the DRA console. Once the script finishes running, copy the Application Principal ID and password into the DRA console.

To reset a Service Principal password offline for DRA

Execute the {DRA_Application_Path}\SupportingFiles\ResetServicePrincipalPassword.ps1 script in a PowerShell window.

When the script prompts you for the Service Principal name, you must supply the name specified in the DRA console. Once the script finishes running, copy the password into the DRA console.

Cause

DRA 9.0 and later support managing mailboxes hosted in Office 365. DRA uses a Service Principal to collect data about the Office 365 tenant. The Service Principal must have directory reader permissions within the Office 365 environment. The Service Principal and its password can both be created or updated using the DRA Delegation console. It is also possible to use Windows PowerShell to create or update the Service Principal outside of the DRA client.
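
After creating the Service Principal or resetting its password, it is worth confirming that it holds the directory reader permission described above and nothing more, and that its password is not about to expire. The following is an added example, not part of the DRA scripts or NetIQ's documentation: Test-DraServicePrincipal is a hypothetical helper, the sample values are constructed, and the commented live lookup assumes the Microsoft Graph PowerShell SDK with Directory.Read.All consent.

```powershell
# Added example; Test-DraServicePrincipal is a hypothetical helper, not a DRA or Microsoft cmdlet.
function Test-DraServicePrincipal {
    param(
        [Parameter(Mandatory)] [string] $DisplayName,
        [string[]]   $RoleNames = @(),           # directory roles the principal holds
        [datetime[]] $CredentialEndDates = @(),  # expiry of each password credential
        [int]        $WarnDays = 30,
        [datetime]   $Now = (Get-Date)
    )
    $findings = @()
    if ($RoleNames -notcontains 'Directory Readers') {
        $findings += 'Missing Directory Readers: DRA cannot collect tenant data.'
    }
    foreach ($extra in @($RoleNames | Where-Object { $_ -and $_ -ne 'Directory Readers' })) {
        $findings += "Extra role '$extra': more privilege than the article requires."
    }
    if ($CredentialEndDates.Count -eq 0) {
        $findings += 'No password credential: reset the password and update the DRA console.'
    } else {
        # Judge expiry by the credential that lasts longest.
        $latest   = @($CredentialEndDates | Sort-Object)[-1]
        $daysLeft = [int][math]::Floor(($latest - $Now).TotalDays)
        if ($daysLeft -lt 0) { $findings += "Password expired $(-$daysLeft) day(s) ago." }
        elseif ($daysLeft -le $WarnDays) { $findings += "Password expires in $daysLeft day(s)." }
    }
    [pscustomobject]@{ Name = $DisplayName; Compliant = ($findings.Count -eq 0); Findings = $findings }
}

# Constructed sample values (not from a real tenant): an over-privileged principal
# whose password is close to expiry.
$sample = @{
    DisplayName        = 'DRA-O365-Example'
    RoleNames          = 'Directory Readers', 'Global Administrator'
    CredentialEndDates = [datetime]'2015-10-01'
    Now                = [datetime]'2015-09-14'
}
(Test-DraServicePrincipal @sample).Findings

<# Live lookup (assumption: Microsoft Graph PowerShell SDK is installed):
Connect-MgGraph -Scopes 'Directory.Read.All'
$sp    = Get-MgServicePrincipal -Filter "displayName eq 'DRA-O365-Example'"
$roles = Get-MgServicePrincipalMemberOf -ServicePrincipalId $sp.Id -All |
    Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.directoryRole' } |
    ForEach-Object { $_.AdditionalProperties['displayName'] }
Test-DraServicePrincipal -DisplayName $sp.DisplayName -RoleNames $roles `
    -CredentialEndDates $sp.PasswordCredentials.EndDateTime
#>
```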