Meraki

Community

New Org appeared overnight in our MSP Portal

Solved
RJones
Here to help
‎Sep 26 2022 12:37 PM
‎Sep 26 2022 12:37 PM

New Org appeared overnight in our MSP Portal

I noticed this morning when looking at one of the networks in our Organization that 2 more Orgs had appeared in our MSP Portal. I have a case open for this, but this is the 3rd time we've had this happen. Anyone else have this happen?

0 Kudos
1 Accepted Solution
RJones
Here to help
‎Sep 28 2022 11:51 AM
‎Sep 28 2022 11:51 AM

It looks like someone (possibly a former employee) of one of our vendors was accessing Meraki via SAML SSO for the vendor and used the link for that in order to clone our Org. I disabled the SAML access until they can get new keys generated so this doesn't happen again. Thanks everyone!

View solution in original post

0 Kudos
9 Replies 9
alemabrahao
Kind of a big deal
Kind of a big deal
‎Sep 26 2022 12:48 PM
‎Sep 26 2022 12:48 PM

Are you sure you don't have admin access on organizations?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
RJones
Here to help
‎Sep 27 2022 8:46 AM
‎Sep 27 2022 8:46 AM

The Administrators list shows the same for my original Org, but when I try to delete any one of the accounts under the other org, I get an error that I do not have permissions.

0 Kudos
BrandonS
Kind of a big deal
‎Sep 26 2022 2:56 PM
‎Sep 26 2022 2:56 PM

Strange. Maybe your email is easily mistaken for another and someone is adding you in error?

It’s not happened to me. 

- Ex community all-star (⌐⊙_⊙)
In response to BrandonS
RJones
Here to help
‎Sep 27 2022 8:47 AM
‎Sep 27 2022 8:47 AM

Nope, it looks like a completely separate company.

0 Kudos
In response to RJones
alemabrahao
Kind of a big deal
Kind of a big deal
‎Sep 27 2022 8:53 AM
‎Sep 27 2022 8:53 AM

Yeah, but when you have permission on another organization (even read-only) it will show on MSP portal, maybe someone added your email by mistake.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
RJones
Here to help
‎Sep 27 2022 9:35 AM
‎Sep 27 2022 9:35 AM

That's what Support said, however, all Admins in our Org were in the new Org with the same permissions and API keys. No one received an email for account creation.

0 Kudos
alemabrahao
Kind of a big deal
Kind of a big deal
‎Sep 27 2022 9:45 AM
‎Sep 27 2022 9:45 AM

@RJones,

 

It's not a new account creation, look, for example If you add my e-mail as an administrator in your organization It will be showed on my MSP portal, but my e-mail is an existent account on Meraki dashboard, so maybe someone did It using your e-mail, but maybe It was a mistake.

 

You got It?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
RJones
Here to help
‎Sep 27 2022 10:55 AM
‎Sep 27 2022 10:55 AM

Yes, I understand that, but it wasn't just me, it was others as well. It appears like the Administrator page was cloned for a new org, but someone not in the administrator list was making changes in the new Org.

0 Kudos
RJones
Here to help
‎Sep 28 2022 11:51 AM
‎Sep 28 2022 11:51 AM

It looks like someone (possibly a former employee) of one of our vendors was accessing Meraki via SAML SSO for the vendor and used the link for that in order to clone our Org. I disabled the SAML access until they can get new keys generated so this doesn't happen again. Thanks everyone!

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.