When trying to migrate a mailbox, it is failing with error: "Error creating source session. The request failed. The remote server returned an error: (403) Forbidden". Source account is GA, and MFA is not enabled for it. However access is given by the Service Principal. Service Account is PIM-enabled. Source is hybrid and accounts are synced from the onprem AD.
Note: the issue can also happen with the cloud-only tenant, where service account was created through Microsoft PIM.
© ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center