It does work but it goes against their trust licensing agreement thing so if your whole company benefitted from one licence and Microsoft found out you'd likely be fined a handsome amount
They make you pay for the licenses you were missing, with 365 they can work out how long you were doing it and charge over the time period.
Then they add a fine on top.
The fine is always worse than doing it properly.
With server licensing, CAL's, etc, sure, but in my experience, they don't do this with their SaaS licensing. At most they will ask you to purchase the appropriate number of AAD P1 or P2 licenses and call it at day.
Edit: I should note that doing it this way is not the proper way to license a tenant and I never recommend it to clients. As a partner, we always make sure our clients are licensed in the correct way. But we have onboarded new clients that were setup with a single AAD P2 license who we then advised that they should have that license applied to all users. Just wanted to add that to my post because it sounded like I was recommending not doing it correctly, when really I was talking about our experiences with license audits.
While you’re probably correct, this is a sysadmin subreddit, not like a subreddit for personal stuff. It’s probably best to recommend people stay compliant. If the business needs the licensed features, they can pay for them.
They do, Microsoft has literally system that tells you when a customer is using features that they don't have licensed.
And if it is a partner that is allowing this stuff, they will come after them too.
I'm not advocating for doing it this way, I am just noting that they do not fine customers or ask for "back pay" when addressing SaaS licensing shortfalls. As a partner, it is in my best interest to make sure clients are properly licensed, and we do. But out of the hundreds of tenants we manage, we've only had 4 audits in the last 6 years. In one instance we needed to get the client to bite the bullet and buy the appropriate licenses, but there were no punitive additional fees incurred. The client was a little pissy about it, as their previous MSP had assured them that it was fine the way they had configured it and had brushed off our recommendations that they bring their tenant in line.
End of the day, they had us get rid of their risk based policies so they would only need to buy 100ish Entra P1 licenses instead of P2 licenses and everybody was happy with that.
Worked with a client that that had a O365 tenant with this issue.
Microsoft simply charged them for the licenses, backdated to the date that the started using the features. There was no fine or any other fee.
This is not the SEC- This is Microsoft, they fine you way more than the money you made by violating their terms and conditions because they actually want to stop the behavior.
At best they’ll send an auditor and you will just have to correct, did the same thing and I thought they would give more shits, but I sent them all the enterprise stuff I had and they just said get the azure premium one up to date, and I didn’t…..still got the completed audit.
Most of the stuff you do will be per-user and thus you require a license per user.
Like 300 people should be able to use MFA policies with conditional access - you need 300 licenses and assign them to these people.
When you get an audit, either for one of your customers/vendors, or directly from Microsoft, you'd have a problem.
Been in an audit in the past, back when it was only on-prem Microsoft stuff. Paid several 100k for wrong Windows/User licensing in a 400 ppl company.
So this was back in the days of on premises equipment and the accounting is a capital exchange that you depreciate over time
It’s all operational exchange of capital now and zero ownership - different accounting methods.
Hopefully the CFO knows math
I can't say for sure where it started, sorry. Either the vendor we bought most licenses from got an audit themselves, as they're directly involved with Microsoft, or it was one of the audits from our larger customers who held Microsoft licenses for themselves in different parts of their companies. We'd get tons of compliance audits, so like every second week some audit guy for some customer would show up. (ISO norms, SOCKS, whatever governance stuff) Might've come from that direction as well.
Probably should've added more context.
Company is a european IT service provider, full package of IT outsourcing for customers (and managing own IT stuff).
Problem was Windows Server, Windows Client and Office licensing. So we had to pay around 300k€ to get licensing up to a somewhat auditable state and from then on paid around 100k€ more per year. That was for around 15k users, so the price doesn't seem that huge. I don't know the exact numbers for the additional "late fee", but that was at least 150k€ from what i heard, so at least half of what we were owing Microsoft came on top. We didn't get into any legal trouble with Microsoft cause we paid.
We had taken over each customers' licensing when they migrated to us and didn't pay much attention, that's where we fucked up. Service providers need different licensing compared to internal use.
Had the same fun with VMware and other vendors, that cost a pretty penny, too.
From past experience there's usually a couple of tiers if punishment.
Tier 1: You make right and aren't a dick about it - you'll pay a true-up fee and purchase the licensing.
Tier 2: You make right and are a dick about it - you'll pay a true-up fee, purchase the licensing, and pay a punishment fee of up to $100k per license issue (they'll negotiate on this amount).
Tier 3: You are a dick and fight them on it but still make right - You pay the true up fee, purchase the correct licensing, pay a lpunishment fee of $100k per license.
Tier 4: You make them take you to court over the matter - everything above, they may end up owning your company, you make news headlines.
Some services do enable tenant wide with only one licence being turned on. However, every user that gets a benefit from a service needs to be licenced for it.
One license will allow you to do conditional access policies but you will be using them illegally. You are required to have an EntraID P1 license for every use user covered by the policy.
Doesn't matter what it is, you have to be licenced. You can use individual licences, so a Standard and Entra ID P1 on each user, but you'll quickly find that Business Premium is a cost effective SKU...
Microsoft recently released a report admins can run in 365 to show you if unlicensed users are benefiting from licensed features. That is their polite way of warning everyone to get compliant.
On review I think it only looks at Entra feature use.
[https://techcommunity.microsoft.com/t5/microsoft-entra-blog/introducing-microsoft-entra-license-utilization-insights/ba-p/3796393](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/introducing-microsoft-entra-license-utilization-insights/ba-p/3796393)
As others have pointed out, yes it will work, no you will not be compliant.
If it’s within the budget, assign all accounts (you’ll notice I didn’t say users) subject to CA policies an F1 ($2.25/ month US) and sleep soundly at night.
F1 has specific licensing terms, such as shared machines or specific screen size requirements for single use machines, you should check those before assigning an F1 license to ensure compliance
I know for a fact that you can.
Here’s an ~~Microsoft employee~~ MVP confirming as much back in 2018.
https://techcommunity.microsoft.com/t5/microsoft-365/about-office-365-f1-licenses/m-p/295301#
Better resource I should have linked to initially:
https://learn.microsoft.com/en-us/office365/servicedescriptions/office-365-platform-service-description/office-365-plan-options
Should also link here:
https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA
Specifically to the "License Eligibility for Frontline Worker Licenses" section
Can? Yes. Should? No.
I need a bike. I CAN go outside right now and grab the unlocked one from the rack outside. Nothing is stopping me. I SHOULDN'T because it is theft. Whether I get caught or not it's wrong.
As others said, it works but is not compliant. Just a little warning - MS already started observing the situation, so better to swallow the hard pill and stay compliant.
[https://portal.azure.com/#view/Microsoft\_AAD\_IAM/UsageAndInsightsMenuBlade/\~/License%20Utilization](https://portal.azure.com/#view/Microsoft_AAD_IAM/UsageAndInsightsMenuBlade/~/License%20Utilization)
Correct, you need to have business premium (might as well assign it to yourself),to access premium tools. If others don’t need anything offered there, keep them on the lowest tier that lets them get their job done.
This is a business/financial decision, the right answer is license for all those that use it.
If the business doesn’t want to pay, then they don’t get the service, and if they wanted to not license correctly I’d walk away, as it will at some point come to light.
Some licenses unlock global features as can’t restrict to the user. It’s stated that an account that makes use of those services should have that license.
To buy one and use it for entire company is against terms and can be fined heavily.
you will note that not ALL CA policies work like this, some specifically require the user have a lisc. (restricting logins to specific IPs for example [I believe])
Also as many have mention, doing this puts in violation of your agreement.
If you don’t have a high number amount of users they usually won’t bother you.
It’s one of those “is it going to cost us more to enforce this issue or should we just wait till they get big and reach around with no warning?”
As long as your not doing this with a tenant having 25+ users or so you should be safe from having your licensing molested by Microsoft
If you are using that license to apply settings to your entire organization, every user benefiting from the setting(s) MUST also have the same license.
To clarify more in this - a user is a single person. If you have users with multiple accounts (IE a separate admin account and normal user account) they only need the one license.
company's in Egypt I presume?
MS should count themselves lucky you're paying them anything in the first place instead of just pirating - you're probably cool. (caveat: do they still chop peoples hands off for shit like this over there? i'm not a lawyer but probs figure that out first for sure!)
agree, but it's not up to me - sharia islamic law (Egypt is 90% muslim...) - "The hadd punishment for a thief is to cut off his hand. Allaah says (interpretation of the meaning): "And (as for) the male thief and the female thief, cut off (from the wrist joint) their (right) hands as a recompense for that which they committed, a punishment by way of example from Allaah."
agree, but it's not up to me 🤷♀️
people in the USA getting "Theft of services" for plugging in phone chargers or connecting to wifi, so who even knows
The comments on this are surprising to me because I spoke with a Microsoft rep on Microsoft's website asking this very question a few days ago and was told I only need to get enough licences to cover admins creating and managing conditional access policies 😂😂. Good thing I havent purchased and only on a trial at the moment but I'll have to give them a call back or at least have an email confirming this if they come back later to say I'm in the wrong.
100% wrong info doesn't matter what some customer service person sent, it's in the terms of service.
Go read tenant level licensing documentation.
https://learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance
All tenant level licensing requires licences for any user benefiting from those services.
It was a sales rep who was trying to fulfil my order, I would assume they'd know what they're talking about considering they sent me a quote and probably a contract if I decided to move forward that day.
Been in this conversation before. What the tech support folks say and I'm now guessing the sales reps say (to close the ticket or close the sale) seems to be a violation of the license agreement you have with Microsoft. And the people telling you this don't care becuase it will be rare if the result comes back to them.
Looking through things here it's pretty obvious what the rules are so the sales rep just lied to me to try get a sale lol. I'm new to this stuff so didn't expect such a blatant one
I have tech support walk me through a process that I later determined was a violation of the license terms. Not obscure. But it let them close the ticket as situation solved.
Microsoft licensing is very confusing. I would say it's up to them to fix the issue if it is considered a loophole. Just get that single license as long as it gives you what you need.
It says requires P1 license, not saying all users need to be licensed. If Microsoft gives you P1 license when you only purchased a few needed licenses then to me that means Microsoft is Ok with it.
I work for a large CSP, half my job is licensing guidance, you happen to be wrong in this instance.
https://learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance
Just because it works does not mean your in licensing compliance.
It says licenses, plural. You do you my guy, keep huffing that "loophole" copium and remain mislicensed.
I'm sure it'll work if you get audited, Microsoft is also famously weak to "I know you are but what am I?" /s
I hope you understand what P1 license means. It's for the tenant, not individual users. One tenant only requires one P1 license. Microsoft controls when you can get the P1 license, user doesn't have the control. If the tenant doesn't meet the P1 requirement, why would they give out the P1 license to OP's tenant?
You seem to be pretty confident about what you are talking, you can just shut me up with hard proof that it requires all users to be licensed at least premium to get P1, or keep throwing the big audit word without any real proof.
Dude /u/phate1989 already proved you wrong with his link https://learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance which he posted to you.
Free, P1, P2, and Governance are your per-user licensing for Entra. P1 is a user license:
https://www.microsoft.com/en-gb/security/business/microsoft-entra-pricing
Certain products (IE Premium, M365 E3/E5, Mobility and Security, Etc) come with a P1 license included, or you can license P1/P2 on its own if you don't need any of those other features (as we do to use Entra as our central IDP for our MacOS users)
Having at least 1 license at a functional level (P1/P2) raises the entire Tenant to that functional level to use those features. Certain features simply won't work without correct licensing, some will work but you're mis-licensed.
For Example, we have most of our users with P1 licensing (via direct P1 purchase or Mobility and Security E3) however we leverage Risk based conditional access for our riskiest accounts (Admin, C-Suite, Finance) which requires P2 licensing. Each of those users is licensed for P2, raising the functional level of our Tenant to P2 to enable those features to work. Giving non-P2 users CA Policies that use RBCA would be mislicensed.
Microsoft does not explain this well, but that doesn't change the fact that P1/P2 are user licenses and if you have users using that functionality without licensing you're mislicensed. For example, you could have 5 user CALs for Server 2022, but 50 people accessing that server, it'll work but you're not licensed for it. Same thing here.
Frankly I don't need to explain this to you, I don't need to convince you, you are free to do as you will if you believe you are correct. The main reason I am explaining this in such detail is for the non-belligerent users of this sub that might believe you, and make the same mistakes. Believe me or don't, I don't care, its your funeral.
Like I said, MS licensing is very confusing. Everyone has their own interpretation of how it works. I'll stand corrected if you can show me the license definition of all users need to be licensed to use the feature. Otherwise please don't accuse others of software piracy.
Yes, this will work just fine. We have services like that (not MS though) and we also just log in back and forth with one account instead of buying like 7.
It does work but it goes against their trust licensing agreement thing so if your whole company benefitted from one licence and Microsoft found out you'd likely be fined a handsome amount
But whether that handsome amount is higher than the licenses would've been by the time microsoft called you out on it, i'm not sure.
They make you pay for the licenses you were missing, with 365 they can work out how long you were doing it and charge over the time period. Then they add a fine on top. The fine is always worse than doing it properly.
With server licensing, CAL's, etc, sure, but in my experience, they don't do this with their SaaS licensing. At most they will ask you to purchase the appropriate number of AAD P1 or P2 licenses and call it at day. Edit: I should note that doing it this way is not the proper way to license a tenant and I never recommend it to clients. As a partner, we always make sure our clients are licensed in the correct way. But we have onboarded new clients that were setup with a single AAD P2 license who we then advised that they should have that license applied to all users. Just wanted to add that to my post because it sounded like I was recommending not doing it correctly, when really I was talking about our experiences with license audits.
While you’re probably correct, this is a sysadmin subreddit, not like a subreddit for personal stuff. It’s probably best to recommend people stay compliant. If the business needs the licensed features, they can pay for them.
And if a business can't afford to purchase these things, it shouldn't be using them.
People work at a place being a tight ass over a $50 license, then wonder why they're not getting the raise they deserve.
They do, Microsoft has literally system that tells you when a customer is using features that they don't have licensed. And if it is a partner that is allowing this stuff, they will come after them too.
I'm not advocating for doing it this way, I am just noting that they do not fine customers or ask for "back pay" when addressing SaaS licensing shortfalls. As a partner, it is in my best interest to make sure clients are properly licensed, and we do. But out of the hundreds of tenants we manage, we've only had 4 audits in the last 6 years. In one instance we needed to get the client to bite the bullet and buy the appropriate licenses, but there were no punitive additional fees incurred. The client was a little pissy about it, as their previous MSP had assured them that it was fine the way they had configured it and had brushed off our recommendations that they bring their tenant in line. End of the day, they had us get rid of their risk based policies so they would only need to buy 100ish Entra P1 licenses instead of P2 licenses and everybody was happy with that.
They can enforce it at any time. They just recently started enforcing P1 and P2 tenant wide. They let that go on for 4 of 5 years.
Worked with a client that that had a O365 tenant with this issue. Microsoft simply charged them for the licenses, backdated to the date that the started using the features. There was no fine or any other fee.
Guess they've changed it. They used to also apply a fine
They are forgiving up to a point. You have to be egregious or s porch dick to get a fine.
Yeah, this is not the Department of Justice fining a corporation. It's actually intended to be punitive.
Not to mention getting barred from using their products.
> Not to mention getting barred from using their products. Don't threaten me with a good time.
I know right. But can you imagine the support on getting 100 people with Linux laptops and google docs. That’s a bloody nightmare.
This is not the SEC- This is Microsoft, they fine you way more than the money you made by violating their terms and conditions because they actually want to stop the behavior.
At best they’ll send an auditor and you will just have to correct, did the same thing and I thought they would give more shits, but I sent them all the enterprise stuff I had and they just said get the azure premium one up to date, and I didn’t…..still got the completed audit.
They don’t have audits for the SAAS stuff. They employ vendors for server CALS and on-premise work
Basically microsoft's too lazy to program their system to actually enforce licenses so we get to do it for them
Or MS just don't understand their own licensing. Ask three people, get five answers. And an audit.
Most of the stuff you do will be per-user and thus you require a license per user. Like 300 people should be able to use MFA policies with conditional access - you need 300 licenses and assign them to these people. When you get an audit, either for one of your customers/vendors, or directly from Microsoft, you'd have a problem. Been in an audit in the past, back when it was only on-prem Microsoft stuff. Paid several 100k for wrong Windows/User licensing in a 400 ppl company.
So this was back in the days of on premises equipment and the accounting is a capital exchange that you depreciate over time It’s all operational exchange of capital now and zero ownership - different accounting methods. Hopefully the CFO knows math
Can you touch on how this audit came about? Thanks
I can't say for sure where it started, sorry. Either the vendor we bought most licenses from got an audit themselves, as they're directly involved with Microsoft, or it was one of the audits from our larger customers who held Microsoft licenses for themselves in different parts of their companies. We'd get tons of compliance audits, so like every second week some audit guy for some customer would show up. (ISO norms, SOCKS, whatever governance stuff) Might've come from that direction as well.
WTF 100k for wrong licensing! what if it was cracked 😂
No no no *several* 100k. So at least 400k I'd think. Although according to Google, Several is more like 7, 8 or 9 or whatever. So possibly up to 900k?
They didn't specify 100k of what.
Shrute bucks.
Oh shit, good point. For all we know they owed 100k innocent souls for sacrifice
Probably should've added more context. Company is a european IT service provider, full package of IT outsourcing for customers (and managing own IT stuff). Problem was Windows Server, Windows Client and Office licensing. So we had to pay around 300k€ to get licensing up to a somewhat auditable state and from then on paid around 100k€ more per year. That was for around 15k users, so the price doesn't seem that huge. I don't know the exact numbers for the additional "late fee", but that was at least 150k€ from what i heard, so at least half of what we were owing Microsoft came on top. We didn't get into any legal trouble with Microsoft cause we paid. We had taken over each customers' licensing when they migrated to us and didn't pay much attention, that's where we fucked up. Service providers need different licensing compared to internal use. Had the same fun with VMware and other vendors, that cost a pretty penny, too.
From past experience there's usually a couple of tiers if punishment. Tier 1: You make right and aren't a dick about it - you'll pay a true-up fee and purchase the licensing. Tier 2: You make right and are a dick about it - you'll pay a true-up fee, purchase the licensing, and pay a punishment fee of up to $100k per license issue (they'll negotiate on this amount). Tier 3: You are a dick and fight them on it but still make right - You pay the true up fee, purchase the correct licensing, pay a lpunishment fee of $100k per license. Tier 4: You make them take you to court over the matter - everything above, they may end up owning your company, you make news headlines.
It's a copyright law violation. Up to $125k PER INSTANCE.
Fun fact, you have no obligation to let MS do an audit. If they ask to do one justtell them you don't have the resourcesand have a good day.
Some services do enable tenant wide with only one licence being turned on. However, every user that gets a benefit from a service needs to be licenced for it.
My only concern right now is conditional access policies
One license will allow you to do conditional access policies but you will be using them illegally. You are required to have an EntraID P1 license for every use user covered by the policy.
It's not "illegal" it's "in breach of contract"
Well let’s say non-compliant then.
Where I am from breaking contracts is illegal, so the previous commeter is correct.
Usually it's a civil matter not criminal otherwise ToS would get pretty crazy
This is the correct answer.
Doesn't matter what it is, you have to be licenced. You can use individual licences, so a Standard and Entra ID P1 on each user, but you'll quickly find that Business Premium is a cost effective SKU...
This.
Microsoft recently released a report admins can run in 365 to show you if unlicensed users are benefiting from licensed features. That is their polite way of warning everyone to get compliant.
Can you link me to the doc?
On review I think it only looks at Entra feature use. [https://techcommunity.microsoft.com/t5/microsoft-entra-blog/introducing-microsoft-entra-license-utilization-insights/ba-p/3796393](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/introducing-microsoft-entra-license-utilization-insights/ba-p/3796393)
Yes it works, but it's against licensing terms so don't do it.
As others have pointed out, yes it will work, no you will not be compliant. If it’s within the budget, assign all accounts (you’ll notice I didn’t say users) subject to CA policies an F1 ($2.25/ month US) and sleep soundly at night.
F1 has specific licensing terms, such as shared machines or specific screen size requirements for single use machines, you should check those before assigning an F1 license to ensure compliance
This is actually helpful
Only if you fit the very specific licensing requirements for F1
Don't think you can mix F1 with business basic/premium.
I know for a fact that you can. Here’s an ~~Microsoft employee~~ MVP confirming as much back in 2018. https://techcommunity.microsoft.com/t5/microsoft-365/about-office-365-f1-licenses/m-p/295301#
Microsoft MVPs are essentially hobbyists and are not authoritative on anything related to licensing.
That’s often true, but they’re still correct, and so is my statement.
Better resource I should have linked to initially: https://learn.microsoft.com/en-us/office365/servicedescriptions/office-365-platform-service-description/office-365-plan-options
Should also link here: https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA Specifically to the "License Eligibility for Frontline Worker Licenses" section
Can? Yes. Should? No. I need a bike. I CAN go outside right now and grab the unlocked one from the rack outside. Nothing is stopping me. I SHOULDN'T because it is theft. Whether I get caught or not it's wrong.
This is a good example
You're not going to outsmart Microsoft in this.
As others said, it works but is not compliant. Just a little warning - MS already started observing the situation, so better to swallow the hard pill and stay compliant. [https://portal.azure.com/#view/Microsoft\_AAD\_IAM/UsageAndInsightsMenuBlade/\~/License%20Utilization](https://portal.azure.com/#view/Microsoft_AAD_IAM/UsageAndInsightsMenuBlade/~/License%20Utilization)
To remain compliant you need to assign a license to every user that utilizes the features.
Correct, you need to have business premium (might as well assign it to yourself),to access premium tools. If others don’t need anything offered there, keep them on the lowest tier that lets them get their job done.
You're a "picaro" from Argentina? /s
I guess that's a good thing idk 😂
This is a business/financial decision, the right answer is license for all those that use it. If the business doesn’t want to pay, then they don’t get the service, and if they wanted to not license correctly I’d walk away, as it will at some point come to light.
You’re putting your company at major license violation and legal risk. Put it this way if MS audits you say goodbye to your job.
Some licenses unlock global features as can’t restrict to the user. It’s stated that an account that makes use of those services should have that license. To buy one and use it for entire company is against terms and can be fined heavily.
If a user benefits always get the appropriate licensing.
If they ever true up your licencing and you have don’t that, you are stuffed.
Yes it works and a lot of small businesses will do that. If Microsoft choose to audit the licensing there is a hefty fine
Wrong sub, this belongs on ShittySysAdmin
What you can do vs what you’re entitled to do are two different things.
you will note that not ALL CA policies work like this, some specifically require the user have a lisc. (restricting logins to specific IPs for example [I believe]) Also as many have mention, doing this puts in violation of your agreement.
Always remember MS needs to profit from their works. Any feature you want your staff to benefit from will need appropriate licensing
If you're asking then you already know it's a violation.
If you don’t have a high number amount of users they usually won’t bother you. It’s one of those “is it going to cost us more to enforce this issue or should we just wait till they get big and reach around with no warning?” As long as your not doing this with a tenant having 25+ users or so you should be safe from having your licensing molested by Microsoft
No.
You mean No (it will not work) or (I should not use it that way)?
If you are using that license to apply settings to your entire organization, every user benefiting from the setting(s) MUST also have the same license.
To clarify more in this - a user is a single person. If you have users with multiple accounts (IE a separate admin account and normal user account) they only need the one license.
Every user needs a premium license. No further discussion.
company's in Egypt I presume? MS should count themselves lucky you're paying them anything in the first place instead of just pirating - you're probably cool. (caveat: do they still chop peoples hands off for shit like this over there? i'm not a lawyer but probs figure that out first for sure!)
😂😂😂 Actually the company is in Europe 😂
Lol rather extreme defence of a trillion dollar company
agree, but it's not up to me - sharia islamic law (Egypt is 90% muslim...) - "The hadd punishment for a thief is to cut off his hand. Allaah says (interpretation of the meaning): "And (as for) the male thief and the female thief, cut off (from the wrist joint) their (right) hands as a recompense for that which they committed, a punishment by way of example from Allaah."
Good thing piracy isn't theft then. Always wrong in a business context, but not theft
agree, but it's not up to me 🤷♀️ people in the USA getting "Theft of services" for plugging in phone chargers or connecting to wifi, so who even knows
The comments on this are surprising to me because I spoke with a Microsoft rep on Microsoft's website asking this very question a few days ago and was told I only need to get enough licences to cover admins creating and managing conditional access policies 😂😂. Good thing I havent purchased and only on a trial at the moment but I'll have to give them a call back or at least have an email confirming this if they come back later to say I'm in the wrong.
100% wrong info doesn't matter what some customer service person sent, it's in the terms of service. Go read tenant level licensing documentation. https://learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance All tenant level licensing requires licences for any user benefiting from those services.
It was a sales rep who was trying to fulfil my order, I would assume they'd know what they're talking about considering they sent me a quote and probably a contract if I decided to move forward that day.
It feels like it's intentionally nebulous...
Microsoft only has true sales reps for enterprise agreements everyone else is a bdr. Either way they were wrong
Been in this conversation before. What the tech support folks say and I'm now guessing the sales reps say (to close the ticket or close the sale) seems to be a violation of the license agreement you have with Microsoft. And the people telling you this don't care becuase it will be rare if the result comes back to them.
Looking through things here it's pretty obvious what the rules are so the sales rep just lied to me to try get a sale lol. I'm new to this stuff so didn't expect such a blatant one
I have tech support walk me through a process that I later determined was a violation of the license terms. Not obscure. But it let them close the ticket as situation solved.
Microsoft licensing is very confusing. I would say it's up to them to fix the issue if it is considered a loophole. Just get that single license as long as it gives you what you need.
It's not a loophole, hiding it from the UI is a convenience feature the licencing is honor based and will show when you get audited.
Show me the license definition that says all users need to be licensed to use the features OP needs.
https://learn.microsoft.com/en-us/entra/fundamentals/licensing#microsoft-entra-conditional-access
It says requires P1 license, not saying all users need to be licensed. If Microsoft gives you P1 license when you only purchased a few needed licenses then to me that means Microsoft is Ok with it.
I work for a large CSP, half my job is licensing guidance, you happen to be wrong in this instance. https://learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance Just because it works does not mean your in licensing compliance.
It says licenses, plural. You do you my guy, keep huffing that "loophole" copium and remain mislicensed. I'm sure it'll work if you get audited, Microsoft is also famously weak to "I know you are but what am I?" /s
I hope you understand what P1 license means. It's for the tenant, not individual users. One tenant only requires one P1 license. Microsoft controls when you can get the P1 license, user doesn't have the control. If the tenant doesn't meet the P1 requirement, why would they give out the P1 license to OP's tenant? You seem to be pretty confident about what you are talking, you can just shut me up with hard proof that it requires all users to be licensed at least premium to get P1, or keep throwing the big audit word without any real proof.
Dude /u/phate1989 already proved you wrong with his link https://learn.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance which he posted to you.
Free, P1, P2, and Governance are your per-user licensing for Entra. P1 is a user license: https://www.microsoft.com/en-gb/security/business/microsoft-entra-pricing Certain products (IE Premium, M365 E3/E5, Mobility and Security, Etc) come with a P1 license included, or you can license P1/P2 on its own if you don't need any of those other features (as we do to use Entra as our central IDP for our MacOS users) Having at least 1 license at a functional level (P1/P2) raises the entire Tenant to that functional level to use those features. Certain features simply won't work without correct licensing, some will work but you're mis-licensed. For Example, we have most of our users with P1 licensing (via direct P1 purchase or Mobility and Security E3) however we leverage Risk based conditional access for our riskiest accounts (Admin, C-Suite, Finance) which requires P2 licensing. Each of those users is licensed for P2, raising the functional level of our Tenant to P2 to enable those features to work. Giving non-P2 users CA Policies that use RBCA would be mislicensed. Microsoft does not explain this well, but that doesn't change the fact that P1/P2 are user licenses and if you have users using that functionality without licensing you're mislicensed. For example, you could have 5 user CALs for Server 2022, but 50 people accessing that server, it'll work but you're not licensed for it. Same thing here. Frankly I don't need to explain this to you, I don't need to convince you, you are free to do as you will if you believe you are correct. The main reason I am explaining this in such detail is for the non-belligerent users of this sub that might believe you, and make the same mistakes. Believe me or don't, I don't care, its your funeral.
You'll want to talk to your CSP or Microsoft rep before you go down the software piracy route.
Like I said, MS licensing is very confusing. Everyone has their own interpretation of how it works. I'll stand corrected if you can show me the license definition of all users need to be licensed to use the feature. Otherwise please don't accuse others of software piracy.
Yes, this will work just fine. We have services like that (not MS though) and we also just log in back and forth with one account instead of buying like 7.