Forum Discussion
Help with custom role for Service desk staff
I've been tasked with granting members of our Service desk the ability to perform 2 specific actions against user accounts within the Defender portal. Please see attached screenshot. Suspend user ...
Hi, for response actions on EntraID, you need an EntraID role outside the RBAC of Defender XDR.
Suspend User in Entra ID:
To suspend a user in Entra ID, you need to have the appropriate permissions in Microsoft Entra ID.
This action typically requires the User Administrator or Identity Governance Administrator role.
Require User to Sign In Again:
This action can be performed by users with the Security Administrator or Global Administrator role in Microsoft Entra.
This role allows you to manage security settings and enforce sign-in policies.
Suspend User in Entra ID:
To suspend a user in Entra ID, you need to have the appropriate permissions in Microsoft Entra ID.
This action typically requires the User Administrator or Identity Governance Administrator role.
Require User to Sign In Again:
This action can be performed by users with the Security Administrator or Global Administrator role in Microsoft Entra.
This role allows you to manage security settings and enforce sign-in policies.
- Thank you, I will give that a go!
- I hope I was helpful.
Maybe in the future you can have more granular controls on these operations.
If the answer was satisfactory mark it as the best.micheleariis Having assigned the below roles to a test account, I unfortunately still do not have access to 'Suspend user in Entra ID' or ‘Require user to sign in again’. Please see attached screenshot. I of course cannot assign the Global Administrator role to these helpdesk account.
- Security Administrator
- Identity Governance Administrator
- User Administrator
