Forum Discussion
Hamsterray
Jul 21, 2023Copper Contributor
Admin Roles restrict for IT branch in Office 365 admin centre
i may need some advise regarding the Office 365 admin role can assign the IT Helpdesk admin for branch without see the HQ email users?
Example:
1 HQ
A Branch
B Branch
C branch
Each branch have internal IT team. however those 3 branch all are using same domain like abchotels.com
Would like to know can assign the A Branch with HelpDesk Admin role only manage to branch A Email Users ?
B Branch Assign the help desk admin role only manage to B branch Email Users
HQ IT Team manage to see everything ( using global admin )
Question:
B Branch is not allow to see Branch A \ Branch C or HQ Email users in office 365 admin center.
Thank you
Ray
Seems only Administrative units at the moment:
Administrative units in Azure Active Directory - Microsoft Entra | Microsoft Learn
- Best you can do is leverage administrative units: https://learn.microsoft.com/en-us/azure/active-directory/roles/administrative-units
As for restricting visibility to users in other branches, there is no perfect solution. Some UI bits will honor the admin units restrictions and not show users from other branches, but some other admin tools will, and so will clients, as by default everyone has read-only access to the directory.- HamsterrayCopper ContributorHi , thank for your hinks and after i explored the administrative-Unit at Office 365 admin center which is under Assign administrative unit-scoped administrators is unable to like ( Create new User \ Reset MFA ) not tally with the documents link explained.