How do I change the passwords for accounts used in the M365 SMP?

As with most IT Organizations the requirement to change service account passwords has turned out to be a fairly common task. We recently received some questions about changing the passwords in the M365 SMP so I figured that we would cover this in a post and provide instructions on how to change the passwords for the accounts that execute the M365 SMP scripted workflows. Let’s get started …..

After changing the account passwords in Azure AD, use the following steps to update the password in the M365 MP configuration.

Change password for default M365 account

  1. In the SCOM Console, navigate to Monitoring\Windows Computers
  2. Select all computers that are used at Watcher Nodes, and run the “M365 Supplemental – Configure Watcher Node Default Settings” task
  3. Click on Override
  4. Enter the following values for each parameter
ParameterValue
WriteToEventLog<LEAVE EMPTY>
WriteActionTimeoutSeconds<LEAVE EMPTY>
TLSVersion<LEAVE EMPTY>
TenantName<TENANT NAME>
PoshLibraryPath<LEAVE EMPTY>
M365_ClientSecret-1
M365_ClientID-1
M365_AccountPassword<NEW PASSWORD>
M365_AccountName-1
Location-1
IntervalSeconds<LEAVE EMPTY>
DeleteConfiguration<LEAVE EMPTY>
ApiURL<LEAVE EMPTY>*
APITokenURL<LEAVE EMPTY>*
ApiTokenScopeURL<LEAVE EMPTY>*

IMPORTANT!! If you are using a Government tenant, you will need to re-enter the values of ApiURL, APITokenURL, and ApiTokenScopeURL. Otherwise, they’ll be replaced with the Defaults.

5. Click on Override, then click on Run.

Change password for Mailflow accounts

  1. In the SCOM Console, navigate to Monitoring\M365 Supplemental\M365 Watcher Nodes
  2. Select all computers, and run the “M365 Supplemental – Configure Mailflow” task
  3. Click on Override
  4. In the Parameters table, enter the new passwords in the M365_SendPassword and M365_ReceiverPassword fields. Enter -1 in all of the fields whose Default Value is empty:
NameNew Value
M365_SenderPassword<NEW PASSWORD>
M365_SenderEmailAddress-1
M365_ReceiverPassword<NEW PASSWORD>
M365_ReceiverEmailAddress-1
ExchangeURL-1
Exchange_SenderPassword-1
Exchange_SenderEmailAddress-1
Exchange_ReceiverPassword-1
Exchange_ReceiverEmailAddress-1

5. Click on Override, then click on Run.

Change the password for OneDrive and Licensing configurations

  1. In the SCOM Console, navigate to Monitoring\M365 Supplemental\M365 Watcher Nodes
  2. Select all computers, and run the “M365 Supplemental – Configure OneDrive” task and/or the “M365 Supplemental – Configure Licensing” task
  3. Click on Override
  4. In the Parameters table, leave everything to the default setting

5. Click on Override, then click on Run.

Change the password for the SharePoint configuration

  1. In the SCOM Console, navigate to Monitoring\M365 Supplemental\M365 Watcher Nodes
  2. Select all computers, and run the “M365 Supplemental – Configure SharePoint” task
  3. Click on Override
  4. In the Parameters table, enter -1 for the SiteName value.

5. Click on Override, then click on Run.

Change the password for the Teams configuration

  1. In the SCOM Console, navigate to Monitoring\M365 Supplemental\M365 Watcher Nodes
  2. Select all computers, and run the “M365 Supplemental – Configure Teams” task
  3. Click on Override
  4. In the Parameters table, enter -1 for the TeamName and ChannelName values.

5. Click on Override, then click on Run.

We are exploring options to make this quicker and easier, for example creating a single task to streamline these steps in future versions. Thanks to Jimmy Harper for putting these steps together! As the The Old Grey Wolf used to say when wrapping up his broadcast day, “Stay Hard, Keep Jammin’ and we’ll see ya!”

Leave a Reply

Your email address will not be published. Required fields are marked *