Forum Discussion
Permission clarification for O365 Group expiration policy setup
I'm not sure if this is our tenant or if something else might be going on... I have the user administration AAD role applied to an account, and when I attempt to use that account to create an expiration policy on an O365 Group, the form is completely disabled for that user. I verified that a Global Admin account was able to setup a policy. So, looking to verify if there is something in the documentation that is incorrect or misleading? Am I missing something else altogether?
This the article I'm referencing for the permissions needed (under Who can configure...):
Here's a secondary article that states and OR between Global Admin and User Admin:
https://techcommunity.microsoft.com/t5/Premier-Field-Engineering/O365-Groups-Tidbit-Expiration-Policy-for-O365-Groups/ba-p/571924
Thanks
Does the user have an AAD Premium license assigned? I haven't tried using a User admin for this task, but generally speaking they do have limited set of group-related permissions/tasks assigned, compared to GAs.
VasilMichev I don't believe I have an AAD Premium License assigned to that account - I will see if our GA can set that up temporarily... well now that I think of it though user admin will have that ability. I'll just make sure he's OK with me making that change before going forward.
Still wondering if this might be a license problem. I got an AAD Premium license assigned to the account and the fields were still disabled. Also wonder if GA access might completely override and grant the access level needed.
