Creating UMP Service Account

This procedure describes how to define users and administrators for the Windows login account service on the Service Provider domain. These users perform the following tasks to setup the UMP-365 for the Service Provider operator before they can start onboarding customers. The following actions are performed by the Windows Service account (SysAdmin user on the local UMP-365 machine):

Install UMP-365 (see Installing UMP SP)
Create DNS Subdomains (see Register End Customer Tenant DNS Sub domains)
App Registration for Background Processing (see Configuring Microsoft Teams Direct Routing SBC)
Define Invitation Settings (see Configuring Invitation Settings)
Define Email Settings (see Configuring Email Settings)
Configure License (see Multitenant Portal Licensing)
Configure Service Provider Logos (see Updating Service Provider Logos)
Secure networking between UMP, SBC and OVOC (see Networking)
For configuration on the Microsoft Azure platform, ensure that you have Global Admin permissions for both the Main Tenant and Service Provider operator tenant platforms. If customers are using a backend SQL server, them the same account must be used to login to the SQL server on the backend server.
The names of the users created in the procedure below "UMP-Service-Account" and UMP-Admin-User" are examples only.
To create a Windows UMP Service account:
1. Open the Computer Management (Local) screen.
2. Open the Local Users and Groups folder.

Graphical user interface, text, application, email Description automatically generated

3. Create a new user UMP-Service-Account; right-click the Users folder, and then choose New User.

4. Enter the details of the SysAdmin user to manage the UMP-365 Service account (it's recommended to set Password never expires option. Do not use spaces in User name and Full name fields), and then click Create; the new user is added. See Local Users and Groups for information on creating and managing users and groups that are stored locally on a computer.

5. Right-click the user, and then select Properties.
6. Select the Member Of tab.

7. Click Add to add the UMP-Service-Account user to the Administrators group.

8. In the text box, type 'Administrators', and then click Check Names.

9. Click OK; the UMP-Service-Account is added to the Administrators group.

10. Open the Properties of the Administrators group; view that the UMP-Service-Account has been added to the Administrators group.

The example screen below shows a new group “UmpAdmins” that is created following the installation. The Administrator who ran the installation is automatically a member of this group.

11. Create a new user to add to the UMPAdmin group; right-click the Users folder, and then choose New User.

12. Enter the details of the user (it's recommended to set Password never expires option. Do not use spaces in User name and Full name fields), and then click Create; the new user is added. See Local Users and Groups for information on creating and managing users and groups that are stored locally on a computer.

13. Right-click the UMPAdmins group, and then click Add to Group.

14. Click Add to a new user to the group.

15. In the text box, type 'UMP-Admin-User', and then click Check Names.

16. Click OK; UMP-Admin-User is displayed under UMPAdmin Properties.

17. Click OK again.
18. Click Add to add other users to this group who you wish to manage the UMP-365.

All users defined in the UmpAdmins group can perform Wyupdates.