When the discovery job has finished, we get this 1 error: "One or more errors occurred"
Attempted the solution on the KB https://support.quest.com/enterprise-reporter/kb/4234564/what-are-the-needed-permissions-to-collect-from-o365
Added the Global Reader, whitch was missing. But still get the same error.
Created a new Discovery without adding any scope and we still get the same kind of error.
Log in to Intra "Azure" and open the User Settings page (https://portal.azure.com/#view/Microsoft_AAD_UsersAndTenants/UserSettings.ReactView). Check if the setting "Restrict access to Microsoft Entra admin center" is turned on. It is possible it could cause issues for non-admin accounts collecting extended tenant attributes like password sync.
If it is turned on we have two options:
If the setting is not turned on, open the ER node, log in to the Azure portal using the ER service account, then open the password reset policy page: https://portal.azure.com/#view/Microsoft_AAD_IAM/PasswordResetMenuBlade/~/Properties
Note: If nothing works try adding the "hybrid identity admin" We recently discovered security requirements have changed for one of the APIs used in the AD discovery.
© 2025 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center