Event banner
Event details
12 Comments
Explore specialized content about Microsoft Entra ID through Microsoft Learn’s Security Tech Accelerator Collection.
- Trevor_Rusher
Community Manager
That concludes this session of the Security Tech Accelerator. Thanks for joining! Up next: AMA: Defender for Cloud .
Note: The Comments section will be open up to questions until Friday (12/8) and we'll reply as promptly as possible.
- Making the TAP automation seems very advanced, and how would it help for a new employee if they do not yeat have enrolled the devices? (they cant read the email or sms).
Jairo CadenaMicrosoft
Yes, and this is a good example on how an advanced task like this can be made easy with Lifecycle Workflows (LCW). For a new hire you can create a workflow where the TAP goes to the hiring manager/hiring coordinator for them to provide it out of band. In some cases, we've seen some customers sending the TAP to the new hire personal email address.
- When did Access Review licensing change? AFAIK, only Reviewer required Entra ID P2 license. However, now https://learn.microsoft.com/en-us/entra/id-governance/licensing-fundamentals defines P2 license as required for each member of the group as well.
- Mark_Wahl
Thanks for reaching out. The licensing fundamentals article is intended to help organizations estimate requirements for scenarios with the new Microsoft Entra ID Governance SKUs. For questions on Entra ID (formerly Azure AD Premium) P2 SKUs, you will need to contact your Microsoft account team for an authoritative answer on how ensuring your organization has the right number of seats.
- Access packages: If you add group membership resource role to an access package it always creates an active membership and has no option to create eligible one. How can I add eligible group memberships in access packages? pre-creating them is also not helping.
- so, the business case behind is we have multiple orgs in the same tenant managed by different IT teams. We created RBAC based on eligible group membership. But some IT members manage multiple companies in the same role. We just want to make their lives easier, so they don't have to PIM for the role for every single company and bundle the request in an access package. But with access package they are always in the role and nit JIT
- Jef_KazimerToday you can assign access to groups as either Member or Owner role which are active assignments. I think this is a great enhancement to be able to assign eligible to take advantage of PIM for groups for JIT activation for membership of those groups, and we'll take that feedback for the future.
- Trevor_RusherWelcome to today's deep dive on Improving your security posture with Microsoft Entra ID Governance. Let's get started! Post your questions in the Comments. We'll be answering them in the chat!
- Trevor_RusherThe Tech Accelerator starts soon! We're so excited to bring you all the Security deep dive content over the next 5 hours, starting with this session! Get your questions ready and the team will be ready to answer them during the live events.
