![]() While we are discussing on the licensing part, let me also tell you that for Azure AD roles, only a global administrator or the user who has the role of a Privileged Role Administrator can manage role assignments for other users.įor Azure Resource roles, it is only a subscription Administrator, resource owner, or a resource user access administrator can manage access for other administrators.īy the way, just to let you know, Privileged Role Administrators, can manage role assignments in Azure AD and all aspects of Azure AD PIM. In such a situation, we need to have 6 Azure AD Premium P2 licenses. ![]() Out of the remaining 10 employees there are 2 employees who are assigned as approver for role activation requests and 4 administrators are managed through Privileged Identity Management. Assume there are 11 employees in an organization out of which there is 1 Global Administrator. Users who approve or reject role activation requests in PIMĪnother thing to keep in mind is that the Azure AD Premium P2 license is not needed for users who set up and configure PIM, access policies, receive alerts, and set up access reviews for the role assignments. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |