INFO: Administrator roles by admin task in Azure Active Directory: | Kurt Shintaku's Blog

Posted by: kurtsh | October 28, 2019

INFO: Administrator roles by admin task in Azure Active Directory:

Corporations with 100,000+ users can operate with just 3 Global Admins.

One of the best documents Microsoft has shows the minimum permissions needed to perform a task in Azure Active Directory.

Here’s some interesting roles & their permissions requirements:

Multi-factor authentication
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-delegate-by-task#multi-factor-authentication
Authentication Administrator permissions
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#authentication-administrator-permissions
Compliance Administrator
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#compliance-administrator
Conditional Access Administrator
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#conditional-access-administrator
Desktop Analytics Administrator
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#desktop-analytics-administrator
Emergency Options
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-resilient-controls#emergency-options

Posted in Uncategorized

Categories

%d bloggers like this: