Documentation forAccess Rights Manager

Required accounts and permissions for a OneDrive scan

To perform a OneDrive scan, you must configure two accounts:

Process Account

The "Process account" is used to execute the scan process on the selected collector. This account must have local administrative rights and interactive logon privileges on the collector. Recommended: You can leave the input blank and ARM will use the service account from the base configuration.

Scan Account

The "scan account" is used for the actual scan. As described in the "Prepare Microsoft365 integration" chapter, you need to register an app in the Azure portal and use the generated App ID and the Client Secret Value as credentials.