Forum Discussion
Solved
role needed to view devices inventory in Defender
Hello, I'm a global admin for my organization and was recently asked to provide read only access to a manager in Defender. He is mainly interested in viewing the devices inventory in the security...
- Are you using the MDE RBAC in your environment?
If so, read-only roles are no longer valid for MDE, so you will need to give him a role in MDE as well.
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/rbac?view=o365-worldwide
Also check if device groups have security groups assigned for user access.
If a device group has a security groups assigned, only users that are part of these security groups will be able to see those devices.
Are you using the MDE RBAC in your environment?
If so, read-only roles are no longer valid for MDE, so you will need to give him a role in MDE as well.
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/rbac?view=o365-worldwide
Also check if device groups have security groups assigned for user access.
If a device group has a security groups assigned, only users that are part of these security groups will be able to see those devices.
If so, read-only roles are no longer valid for MDE, so you will need to give him a role in MDE as well.
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/rbac?view=o365-worldwide
Also check if device groups have security groups assigned for user access.
If a device group has a security groups assigned, only users that are part of these security groups will be able to see those devices.