Forum Discussion
Azure Active Directory Global Reader role
Microsoft introduced a new Azure AD built-in role called Global Reader. Global reader is the read-only counterpart to Global admin. Users in this role can read all settings and administrative inform...
Safeer khan I agree, its a great role!
It can be very useful to set up with PIM/PAM and let your IT department for example troubleshoot authentication, ConditionalAccess, logs etc in Azure and then send their results and recommended action to a Global Admin that can then implement the changes
I think this role will make it possible to lower the number of Global Administrators in many customers tenants. And make those users Global Readers instead and just let a handfull of people keep using the Global Admin role
oliwer_sundgren Exactly, I have reduced so many access levels on tenants where there is no PIM-PAM to reader role. Its great feature to be honest.
