KiritoC

KiritoC

mark
HomeArchives

Microsoft 365 E5 Renew Plus

63
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
Microsoft 365 E5 Renew Plus is an upgraded version of Microsoft 365 E5 Renew, offering improved functionality and ease of use. It supports easy deployment without servers and provides options for calling permissions and API configurations. It allows for customization of call intervals and work hours, and includes features like smart pause and automatic configuration saving. It supports unlimited account numbers and customization of client keys and interface design. The text also provides information on joining a group related to these products, importing old account information, and configuring API permissions. It explains the different types of permissions and provides steps for manual and automatic configuration. It suggests creating a new E5 sub-account for API calls and disabling dual authentication for API calls.

Origin of Microsoft 365 E5 Renew Plus
Microsoft 365 E5 Renew Plus is an upgraded version of Microsoft 365 E5 Renew, with improved functionality, ease of use, and aesthetics compared to the old version.

Main Features
Supports background calling after startup: Easy to use, no need to purchase server deployment, local application can be used immediately
Two optional calling permissions: Call as a daemon without user login (requires client password), or call directly as a logged-in user (requires account password)
Automatic configuration of API permissions: API permissions for login calls are automatically configured by the program
Wide range of API types: 43 optional APIs from Microsoft Graph REST API Beta (more may be added in the future)
Fully random API selection mode: Randomly select one or more APIs from the selected API sequence (random number and API)
Fully random API call order: Random order of API calls in each round
** Fully random API content (only supported by some APIs)**: Random upload content for POST write-type APIs
Fully random API call interval: Random range of 500s-86400s, customizable
Customizable daily working hours: Calls can be made during normal working hours, suitable for servers that are never shut down or restarted
Customizable working days per week: Calls can be made on working days of the week, suitable for servers that are never shut down or restarted
Intelligent pause during operation: Prevents account suspension due to running under incorrect configuration
Automatic saving of runtime configuration: Save runtime configuration without repeated settings
Unlimited number of accounts: Theoretically allows unlimited number of accounts to be automatically called in the background
Support for custom client keys: Allows non-login calls to use custom keys
Customizable user interface: Supports custom background images, transparency, and frosted glass effects
Main interface

image

View runtime results

image

Group entry requirements
Using this series of products only increases the probability of E5 renewal and does not guarantee 100% renewal success
Renewal operations require some technical expertise and a certain level of self-learning ability
Everyone's time is valuable. When encountering problems, please consult the help documentation first. If you cannot solve the problem, then ask a question (the art of asking questions)
QQ communication group: 254058945
TG communication group: https://t.me/MS365E5Renew
Software download
Supported operating systems and installation environments
Operating system Version CPU architecture .NET 6.0 (required) WebView 2 (optional) Patches (required)
Windows Client 7 SP1(ESU), 8.1 x64 Download .Net 6.0 Desktop Download WebView 2 Download ESU
Windows 10 Client Version 1607+ Arm64, x64 Download .Net 6.0 Desktop Download WebView 2 Not required
Windows 11 Client Unrestricted Arm64, x64 Download .Net 6.0 Desktop Not required Not required
Windows Server Version 2012+ x64 Download .Net 6.0 Desktop Download WebView 2 Not required
Download links for each version (recommended to add to whitelist for running)
Version File description LanZou Onedrive
Framework included (recommended) No additional installation environment required, can be run directly Download Download
Regular version Requires installation of .NET 6 Desktop Runtime x64 Download Download
Historical versions (deprecated) More compatible with Windows 7, no longer updated Download Download
0 How to import account information from previous versions of the program? (For upgrading existing users, new users can ignore this)
0.1 Copy account information from the old version of the program
Open the Account.txt file in the root directory of the old version of the program, and copy one account information per line (multi-line recognition is not supported).

image

0.2 Import account information into the new version of the program
Open the new version of the program and click "Start Running"-"Add Account". In the pop-up "Add Account" window, find the clipboard icon in the upper right corner, and the program will automatically recognize the copied account information. If the copied content is error-free, the program will automatically recognize the call type and fill in all blank fields. After checking for accuracy, click the "OK" button to complete the import of an account information.
https://cdn.jsdelivr.net/gh/wdm1732418365/CDN/e5plus/4.png

1 Register Azure application
1.1 Application registration
Click "Sign in to Azure" or click directly to enter Azure application registration, and log in using the administrator account of the Microsoft 365 E5 subscription you applied for (the account name should be in the format [email protected]).
After logging in, click the "Portal" button in the upper right corner to enter the Azure management center. Enter "App registrations" in the search bar and click to enter (if "App registrations" cannot be found, click here to enter directly).

  1. Click the "New registration" button

  2. Configure the application. Enter any application name, select the last option for accessibility, leave the redirect URL blank for now, and click "Register" to complete.

1.2 Configure application redirect URL (authentication)

  1. Click "Overview", then click "Add a redirect URL" to enter the redirect URL configuration page. The "Application (client) ID" in the figure below is the "Client ID".

  2. Click "Add a platform", then click "Mobile and desktop applications",

  3. Continue to check the first URL, and finally click "Configure" at the bottom. The URL is "https://login.microsoftonline.com/common/oauth2/nativeclient" and can also be added manually.

  4. Configure the default client type to treat the application as a public client. Click the toggle button to "Yes", and finally click "Save".

2 Configure API permissions for the application (important)
Beginner's tip: It is recommended to choose "Delegated permissions (user sign-in)" for the permission type. It has more API calls and fewer steps, making it simpler and more straightforward with a higher success rate.

There are two types of API permission types for the registered application, and their main differences are shown in the table below:

Permission Type Delegated permissions (user sign-in) Application permissions (non-user sign-in)
Official Definition The application must access the API as a signed-in user The application runs as a background service or daemon without user sign-in
Required Information Account name + account password + Application (client) ID Account name + client secret + Application (client) ID
Function Impact All APIs in the program can be called Some API permissions are restricted and cannot be called (official limitation)
API Permission Configuration API permissions can be automatically configured and added by the program API permissions must be manually configured
Program Color Indication Blue Dark cyan
Based on the selected API permission type, selectively read in either 2.1 "Delegated permissions (user sign-in)" type APIs or 2.2 "Application permissions (non-user sign-in)" type APIs.

2.1 Selecting APIs of type "Delegated permissions (user sign-in)"
2.1.1 Automatically request API permissions using the program

  1. Click "Add Account", select "Login call" for the API call method, correctly fill in "MS365 E5 Account" and "Application (client) ID", and then click "Start automatic authorization".

  2. Enter your administrator account name and password in the pop-up login page (this account must be a global administrator account and have control permissions for this client ID). When you successfully log in, a "Request for consent" page will appear. Scroll to the bottom of the page and check "Consent on behalf of your organization", and finally click "Accept".

  3. Check if the API permissions have been successfully added: First, the program will prompt that the authorization is successful, and then log in to Azure with the administrator account to view the application's API permissions. If all the required permissions have been added or can be successfully called, it is considered as added successfully.
    ng)

2.1.2 Manually configure API permissions

  1. Click "API permissions"-"Add a permission"-"Microsoft Graph"

  2. Select "Delegated permissions"

  3. Check the corresponding API permissions according to the API permission requirement table listed below, and click "Add permissions" after selecting all of them.

BookingsAppointment.ReadWrite.All; Calendars.Read; Contacts.Read; Directory.Read.All;
Files.Read.All; Files.ReadWrite.All; Group.Read.All; Mail.Read; Mail.Send; MailboxSettings.Read;
Notes.Read.All; People.Read.All; Presence.Read.All; Sites.Read.All; Tasks.ReadWrite; User.Read.All;

The effect after adding is shown in the figure
If there is no "Grant admin consent for XXX" button, it means that the account is not an administrator account. Switch to an administrator account to create the application.

  1. Finally, click "Grant admin consent for XXX", and select "Yes" in the dialog box (this image includes all the API permissions required by the current program's "Delegated permissions (user sign-in)" type APIs).

2.2 Selecting APIs of type "Application permissions (non-user sign-in)"
2.2.1 Manually configure API permissions

  1. Click "API permissions"-"Add a permission"-"Microsoft Graph"

  2. Select "Application permissions"

  3. Check the corresponding API permissions according to the API permission requirement table listed in the program, and click "Add permissions" after selecting all of them.
    Calendars.Read; Contacts.Read; Directory.Read.All; Files.Read.All; Files.ReadWrite.All; Mail.Read;
    Mail.Send; MailboxSettings.Read; Notes.Read.All; Sites.Read.All; User.Read.All;

The effect after adding is shown in the figure

If there is no "Grant admin consent for XXX" button, it means that the account is not an administrator account. Switch to an administrator account to create the application.

  1. Finally, click "Grant admin consent for XXX", and select "Yes" in the dialog box (this image includes all the API permissions required by the current program's "Application permissions (non-user sign-in)" type APIs).

2.2.2 Creating a client secret

  1. Click "Certificates & secrets"-"New client secret"-"24 months"-"Add"

  2. Click "Copy" in the "Value" column (do not copy the value in the "ID" column), and immediately save this password to your computer. The saved value is the "Client Secret". Note: This value must be saved immediately, as it cannot be viewed once you exit this page.

  3. Use the program to make API calls
    Create a new E5 sub-account (optional step)
    Log in to the E5 administrator account and enter the administrator interface to create a new sub-account. Use this sub-account to log in to the program and make API calls.
    Why is this recommended: Some APIs in Microsoft 365 E5 Renew Plus include write operations, such as APIs for OneDrive. These APIs will generate a large number of junk emails and files in random mode (although they are placed in a separate folder). Some people may be very concerned about this behavior, and frequent read and write operations may affect your normal use of the account. Therefore, it is not recommended to use the administrator account to log in.

3.1 Add an account
Click "Start Running"-"Add Account"

You can switch the API call method here, but you also need to change the corresponding fill-in content.

Fill in for login call method

Fill in for non-login call method

Finally, click OK

3.2 Start running
Click "Start Running"

Closing remarks
Disable dual authentication for E5 account login
Click to enter Office 365 E5 account multi-factor authentication management, and configure as shown in the figure to disable dual authentication for E5 account login.

Disable dual authentication for API calls in Azure
Click to enter the Azure Active Directory management center, and configure as shown in the figure to disable dual authentication for API calls in Azure.

Check remaining days for renewal
Click to check remaining days for renewal (log in with the account used to apply for the E5 account)

About renewal
E5 renewal is a unified renewal with a certain time period by Microsoft. If the remaining days of your E5 subscription are less than or equal to 30 days, and you receive a warning email indicating no development activity detected and the dashboard displays red text "This subscription is inactive and about to expire", please do not panic. According to the official statement from Microsoft customer service: "The subscription will only be renewed on the last day." However, based on the renewal status of many E5 accounts, most accounts are renewed within 30 days, and very few Europeans renew after more than 30 days.

My E5 account has received two warnings of inactivity. The Microsoft customer service explained that these warning emails are automatically sent by the system (the email will be sent when there are 30 days remaining), and there is no need to pay attention to them. As for the red text "This subscription is inactive and about to expire", it is also an automatic prompt from the system. As long as the text on the dashboard indicates "Renewable E5 subscription", it is fine. Even if it really expires and is not renewed, you can appeal from the dashboard.

Dashboard changes

Renewal email
First renewal

Second renewal

Warning email

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.