Files

Mike Swanson 9c56690270 sync: auto-sync from GURU-5070 at 2026-06-10 20:18:48

Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-06-10 20:18:48

2026-06-10 20:19:05 -07:00

Microsoft 365

Tenant Info

App suite onboarded: 2026-06-01 (Tenant Admin consented by Rob; rest auto-consented + roles assigned via onboard-tenant.sh).
- Tenant Admin → Conditional Access Administrator
- Security Investigator → Exchange Administrator
- Exchange Operator → Exchange Administrator
- User Manager → User Administrator + Authentication Administrator
- Defender Add-on → incomplete (2 ATP perms failed — no Microsoft Defender for Endpoint license; re-run onboard if MDE is added)
GDAP: not required for ongoing access — the app-suite consent above gives durable, non-expiring admin access independent of GDAP, so the impending GDAP expiry is a non-issue. Reissue GDAP via the suite/CIPP only if delegated/portal admin is ever specifically needed. (Aside: the CIPP API client ClaudeCipp2/420cb849 currently has no CIPP role — 403 on every endpoint — so CIPP-API automation is unavailable until a role is assigned; not blocking anything here.)

License Type	Quantity	Assigned	Available
Exchange Online (Plan 1) — EXCHANGESTANDARD	8	8	0

Total users: 10 (8 licensed; 2 unlicensed — likely shared mailboxes / admin).

Mail Domain(s): vonscarstar.com
MX Record Points To: vonscarstar-com.mail.protection.outlook.com (M365 / EOP, pref 0)
Stale secondary MX: mx00.1and1.com (1&1 IONOS, pref 10) — leftover from a prior host; should be removed to avoid split/misrouted delivery.
SPF Record:
DKIM Enabled:
DMARC Policy:
Shared Mailboxes:
Distribution Groups:
Mail Flow Rules:

Defender for Office 365:
MDE (Defender for Endpoint): No (Defender Add-on onboarding failed on missing MDE license)
Audit Log Retention: