Fortinet black logo

Online Help

Home FortiCASB 24.1.b Online Help
24.1.b
24.1.b
24.1.a
23.4.a
23.3.a
23.2.b
23.2.a
23.1.0
22.4.0
21.4.0
21.2.0
21.1.0
20.4.1
20.4.0
20.3.0
20.2.0
20.1.0
4.2.0
4.1.0
2.1.0

Cannot Be Scanned (Access Denied) Error (One Drive)

Cannot Be Scanned (Access Denied) Error (One Drive)

Cannot Be Scanned(Access Denied) error is one of the Data Scan Status in Office 365 > Files page. This guide is targeted on the files in Microsoft OneDrive account.

Root Cause Analysis

The file resided in OneDrive is not accessible for data scan, thus returning the "Cannot Be Scanned" error. This error occurs when the Office 365 service account used for the FortiCASB onboarding process is not part of the new Office 365 user's OneDrive Site Collection Administrators.

Solution 1: Update Office 365 Account

In FortiCASB, update the Office 365 Account and follow the instructions to update the account. The service account should be added automatically to the new user's OneDrive Site Collection Administrator when the account is successfully updated.

Solution 2 - Add Admin Account to One Drive Site

The service account or the Office 365 account used in the FortiCASB onboarding process needs to be added to the new Office 365 user's OneDrive site collection administrator.

By completing this configuration, the data stored in OneDrive will be accessible for FortiCASB data scan.

  1. Log into the new user's Office 365 account, click on the Apps menu and select OneDrive.
  2. Click on the setting icon in the top right corner.

  3. In Settings, click OneDrive setting.

  4. Click More Settings, inside Manage access, click Site Collection administrators.

  5. Check to see if the Office 365 service account used for FortiCASB onboarding is one of the Site Collection Administrators. If not, add the account in the list and click Ok.

Previous
Next

Cannot Be Scanned (Access Denied) Error (One Drive)

Cannot Be Scanned(Access Denied) error is one of the Data Scan Status in Office 365 > Files page. This guide is targeted on the files in Microsoft OneDrive account.

Root Cause Analysis

The file resided in OneDrive is not accessible for data scan, thus returning the "Cannot Be Scanned" error. This error occurs when the Office 365 service account used for the FortiCASB onboarding process is not part of the new Office 365 user's OneDrive Site Collection Administrators.

Solution 1: Update Office 365 Account

In FortiCASB, update the Office 365 Account and follow the instructions to update the account. The service account should be added automatically to the new user's OneDrive Site Collection Administrator when the account is successfully updated.

Solution 2 - Add Admin Account to One Drive Site

The service account or the Office 365 account used in the FortiCASB onboarding process needs to be added to the new Office 365 user's OneDrive site collection administrator.

By completing this configuration, the data stored in OneDrive will be accessible for FortiCASB data scan.

  1. Log into the new user's Office 365 account, click on the Apps menu and select OneDrive.
  2. Click on the setting icon in the top right corner.

  3. In Settings, click OneDrive setting.

  4. Click More Settings, inside Manage access, click Site Collection administrators.

  5. Check to see if the Office 365 service account used for FortiCASB onboarding is one of the Site Collection Administrators. If not, add the account in the list and click Ok.

Previous
Next