Forum Discussion
PIM: Assignment of custom roles (e.g. Intune custom roles)
Hi folks, i wonder if it's possible to assign custom roles with the privileged identity management. At the moment i would like to assign our custom intune roles. Is this possible? Thank yyou...
Hi Patrick,
What I did to assign custom roles was to go the route of creating an access package with the roles assigned and then have access requested via that. This article also has another method to do it. https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/azure-ad-custom-roles-assign I hope that helps.
What I did to assign custom roles was to go the route of creating an access package with the roles assigned and then have access requested via that. This article also has another method to do it. https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/azure-ad-custom-roles-assign I hope that helps.
Hi ChonoN
Thank you for your kind reply.
Unfortunatelly in my PIM console there is no menu item called "Azure AD custom roles (Preview)" as mentioned in the MS docs article. 😕 Is this an option in your tenant?
Could you describe your alternate approach a little more?
PatrickF11 Yes it's an option in mine and what I did was create a group with the appropriate permissions and access levels and then created an access package via PIM so that when someone needed to perform those task they will activate the role via PIM and be added to group and then upon expiration be automatically removed.
- As the Intune roles aren't created through AAD, but through Intune
It's not possible to assign them through PIM.
Assigning custom roles is in preview indeed, but now it only support application permissions
