Forum Discussion
New role recommendation: Read Only Exchange Admin
To fully leverage PIM, we are transitioning to Entra roles wherever possible. We wish we could get off of customized Exchange RBAC roles, but the Exchange Recipient Admin role, lacks access to infor...
VasilMichev Thanks for the quick reply. Global Reader is a bit broad for this use case and we'd like to limit the viewer access just to the Exchange service. From my research I don't see a way to customize an Entra role to hook into specific Exchange roles. Is that correct? The other solution might be to use PIM group access to time box access to EXO RBAC roles, but that's not ideal.
Security Reader should also work. You cannot go more granular than that with Entra roles.