Forum Discussion
Kem_Mal
Dec 02, 2021Copper Contributor
Seperate Intune administrators for smartphones and laptops devices?
I have 1 O365/Azure tenant. We have implemented intune for the Windows laptops by MicrosoftPartnerA. Now we would like to implement intune for smartphones by MicrosoftPartnerB (specialised in mobile devices). How can I seperate the administrators permissions of these 2 companies? They don't like it to have access in each other settings. RBAC? Another Azure tenant wit a sync with AAD? Please help.
- You can use RBAC and Scope Tags, don't know if that would fit your needs? https://docs.microsoft.com/en-us/mem/intune/fundamentals/scope-tags / https://blog.thinformatics.com/2020/03/role-based-access-control-in-microsoft-endpoint-manager/
- Kem_MalCopper Contributor
Harm_Veenstra thank you. Where can I find all RBAC roles?
- You can assign a built-in or custom role to an Intune user.
To create, edit, or assign roles, your account must have one of the following permissions in Azure AD:
Global Administrator
Intune Service Administrator
In the Microsoft Endpoint Manager admin center, choose Tenant administration > Roles > All roles.