Forum Discussion

rybo3000's avatar
rybo3000
Brass Contributor
Aug 25, 2020

Pre-Built Azure AD Groups based on the SPA Roadmap

Since new GCC High deployments begin with no production users or data: is there some way we could receive guidance from MFST on a preferred Azure AD structure that maps to the https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access roadmap phases?

2 Replies

  • dmcwee's avatar
    dmcwee
    Icon for Microsoft rankMicrosoft
    Aug 25, 2020

    rybo3000 can you clarify what you are looking for?  Are you looking for recommendations on separating accounts (User vs. Admin), ways to organize accounts in various security groups, or something else?

    • rybo3000's avatar
      rybo3000
      Brass Contributor
      Aug 25, 2020

      dmcweeboth of those clarifications would be great. Many orgs are looking for suggestions on how to name their accounts, how to construct the security groups behind those accounts (dynamic vs assigned, etc.), and a "starter set" of admin role assignments and permissions to layer over top of the recommendations in the Securing Privileged Access roadmap.

Resources