Years ago, several third-party providers and Microsoft made a licensing agreement when Office 365 (now named Microsoft 365) first started. The agreement allowed the 3rd parties to sell Microsoft 365 Licenses directly to its users rather than having users purchase through Microsoft and then setting up the odds and ends. This seems like a great idea in concept. Having all your different software services in a singular location, with a single login could be a huge benefit to users as they only need a single username/password. The domains purchased from these third parties are also already linked to the different aspects of their Microsoft 365 account, like custom emails with users’ domains (name@finchloom-hcdchbdydhfph4fw.westus-01.azurewebsites.net for example). The issue is ease of access and control of your tenant.
When a customer purchases a domain from a 3rd party (either personal or business related), it is very easy to set it up. The user sets up a username and password with the third party and selects from a menu of cloud services they want to buy, like the Microsoft 365 business premium package. They can even bundle it with security, email archiving, and other features.
Now what is not explicitly stated is that many of the 3rd party providers had gotten their contracts years ago and have been grandfathered into a lot of the services that Microsoft did not provide at the time, but now does. Today, Microsoft 365 has its own Identity Database, Azure AD. There is a catch to these new services if a business purchases licenses through certain third party providers. Some utilize their own identity database and federate all new customers to Microsoft. They also hold all the user and password information which is generally stored with Microsoft if purchased from Microsoft directly.
This does not pose a problem directly if you do not need all the features of Microsoft 365, but for those who want all what is available to them, this creates an issue. When signing up for Microsoft 365 through some 3rd party providers, customers are given access to the third party’s admin portal instead of Office 365 directly, and generally do not know how to gain access to their own tenant. This access is kept by the provider, although some users have reported being able to access the admin from their mobile device, in this example, the provider is GoDaddy. I am not sure who would want to be confined to using their mobile device instead of a computer, but it is a potential workaround, nonetheless.
Why does having Tenant Admin rights matter?
For starters, any company needs to maintain their users. From new hires, to retirements, there will always be a need to adjust your tenant. Within Azure AD, adding or removing a user is as easy as a few clicks. With some 3rd party providers on the other hand, it has been reported that users cannot make these changes without going through their provider directly first. When these Microsoft 365 users attempt to sign in on Office.com, they are immediately redirected to the third party’s webpage and then can make changes or request support to make changes from there.
A great example of the necessity of admin rights is to access all the features of Microsoft 365, like Microsoft Teams for example. When purchasing through certain third parties, Teams has been reportedly ‘off’ by default. To activate this feature of Microsoft 365, users will need to contact the 3rd parties support and have them add it on, or simply purchase one of their conferencing products instead.
If I have invested years of time into the Microsoft programs that the 3rd party has provided, and I want to switch to a new tenant, do I lose all that progress, all the emails and files stored in OneDrive and Teams?
Traditionally, customers have had to contemplate choosing the lesser of 2 evils, messy migrations to Office 365 mailbox, and then moving it again risking losing everything and starting over with a CSP (Cloud Solution Provider) or maintaining the ties with the 3rd party and paying higher premiums for less access to the services which are being paid for. Well… Finchloom has figured out a solution that utilizes all the benefits without any of the risk.
Finchloom has identified a way to ‘kick out the 3rd party’ so to speak WITHOUT migration. Basically, instead of using the 3rd parties Identity provider, Finchloom will utilize Azure AD, and associate themselves with the tenant as a CSP. As an authorized reseller of Microsoft, Finchloom then becomes a delegated admin of the account, and with the permission of the customer, will become their CSP partner.
Why Deal with a CSP instead of Microsoft Directly?
Have you seen the episode of “The Office” where Jim and Dwight pitch their customer service as a key selling point to the customer? Watch it here. This is what Finchloom as a CSP can do for you. If you are facing any difficulties, have questions, or otherwise, Finchloom is your one and only contact. Instead of having to use Microsoft support which can at times be tedious and confusing, you have a direct contact at Finchloom who solves or escalates all questions and issues that arise. Finchloom acts like a property manager in this sense, the property being your tenant. You are always able to access your property, and if you ever need assistance, Finchloom is here to help!
If you are currently using Microsoft 365 and feel like you do not have control over your users, Finchloom can ensure your companies I.T. admins fully control of your tenant. With Finchloom’s Admin as a Service support plan, we can provide your company with a way to understand how to manage your environment without relinquishing control over your user information and company data. Let us help you get up to speed on managing your tenant, and once you learn, you will have no need for us anymore! Painless, affordable, and transparent admin support. Contact Finchloom today to take back your tenant in as little as 2 hours and for a low flat rate!