Worth taking note. Particularly anyone struggling to fit SCSM outbound email to Office 365 into your security model.
Back in 2013 Microsoft discovered a bug in the upgrade process from Microsoft System Center 2012 Orchestrator to Microsoft System Center 2012 R2 Orchestrator. More information can be found here.
This exact same problem can occur when Update Rollup 1 is applied to Microsoft System Center 2016 Orchestrator.
The web console displays this warning:
Error Executing the current operation
Running the following two SQL statements against the Orchestrator database will fix it:
WARNING – Run these statements at your own risk. Take all precautionary measures necessary!
GRANT EXECUTE ON object::[Microsoft.SystemCenter.Orchestrator].[GetSecurityToken] TO [Microsoft.SystemCenter.Orchestrator.Operators] GRANT SELECT ON object::[Microsoft.SystemCenter.Orchestrator.Internal].[Settings] TO [Microsoft.SystemCenter.Orchestrator.Operators]
Stumbled across a great blog post today by Jan Van Meirvenne that provides good guidance on configuring RBAC for Service Manager. It’s also the first in a series of posts about configuring SCSM to be multi-tenant capable.