Last updated: February 2022
This article lists the known issues for Microsoft 365 Lighthouse by feature area. For more information about Lighthouse, visit the Microsoft 365 Lighthouse help library.
Users
Issue Description |
Solution |
|
Helpdesk Agent is unable to reset a user password |
Managed Service Provider (MSP) technicians who are members of the Helpdesk Agent group are unable to reset passwords for users in customer tenants. When they try to reset the password for a user, they get the following error message: “You don’t have permission to do this. Learn more” |
To work around the permissions issue, Helpdesk Agents should reset passwords by using the Microsoft 365 admin center or Azure Active Directory. |
Devices
Issue Description |
Solution |
|
Deleted policy appears |
After a device compliance policy has been deleted from Intune, it will temporarily continue to be visible in Lighthouse. If MSP technicians attempt to do a policy comparison that includes a policy that’s been deleted, the technicians get the following error: “Something went wrong. Please refresh the page and try again.” |
To resolve the error, clear the deleted policy from the policy comparison and compare only existing policies. |
Threat management
Issue Description |
Solution |
|
Threat name is missing |
When MSP technicians view the list of threats from the Threat Management page, some threats may be missing the name of the threat. This will occur when the device that the threat was detected on was recently removed from Intune. |
The issue will resolve within 48 hours. No additional steps are required. |
Baselines
Issue |
Description |
Solution |
Conflicting settings when comparing block legacy authentication and MFA deployment steps |
If a customer tenant has deployed block legacy authentication and one of the MFA deployment steps, a comparison test will erroneously describe these settings as conflicting. |
No workaround is required. The settings do not actually conflict and users in the customer tenant are not impacted. |
Windows 365
Issue Description |
Solution |
|
Retry provisioning error |
MSP technicians get a "You don't have permissions to do this” error message when attempting to retry provisioning of a Cloud PC. |
To work around this issue, log in to the customer tenant and then reprovision Cloud PCs from the Microsoft Endpoint Manger admin center. For instructions, see Reprovision a Cloud PC. |
Audit logs
Issue Description |
Solution |
|
Deactivate and Reactivate actions are not listed in audit logs |
The following activities are currently not reported on the Audit logs page in Lighthouse:
|
There’s no workaround, but we’re working on a fix. These activities will appear in audit logs once the fix is deployed in the service. |
Filter is not showing all users |
When MSP technicians try to filter by using Initiated By, the list of all User Principal Names (UPNs) – corresponding to email IDs of the technicians who initiated actions generating audit logs – isn’t fully displayed under the filter. Note that the audit logs themselves will be fully displayed; only the ability to filter them by using Initiated By is impacted. |
There’s no workaround, but we're working on a fix. The filter will revert to its expected behavior – displaying the full list of UPNs to filter by – once the fix is deployed in the service. |
Delegated Admin Permissions (DAP)
Issue |
Description |
Solution |
Permissions delay when changing DAP roles |
If an MSP technician is added to or removed from the Admin Agent or Helpdesk Agent group, there may be a delay in reflecting the appropriate permissions within Lighthouse. |
The issue will resolve within 30 minutes. No additional steps are required. |
Granular Delegated Admin Permissions (GDAP)
Note: GDAP is currently in Technical Preview (Public Preview) to allow partners to assign granular permissions before GDAP is generally available.
Issue Description |
Solution |
|
Various GDAP permission issues across Lighthouse |
|
Before GDAP General Availability, the workaround is to assign the user an Admin Agent DAP role. For instructions on how to assign the Admin Agent DAP role, see Assign roles and permissions to users. For a list of actions in Lighthouse that require certain Azure Active Directory roles in the partner tenant, see Configure Microsoft 365 Lighthouse portal security. |