cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Just in time access - time for effective access?

Mattias Frykstrand
Copper Contributor

‎Sep 06 2018 04:59 AM

‎Sep 06 2018 04:59 AM

Just in time access - time for effective access?

Hi,

 

We are evaluating Privileged Identity Management and just in time access. I've been trying to find information on how long it takes for the permission to become active after it has been approved but haven't found anything.

 

Right now it takes approximately 15-20 minutes before the permissions seems to be active when using powershell, but another 10-15 before I have all options in say Exchange Admin Center. Is this the expected behavior or is it something we have missed?

 

Br

Mattias 

1,957 Views
0 Likes
3 Replies
Reply
3 Replies
Vasil Michev

‎Sep 06 2018 11:37 AM

‎Sep 06 2018 11:37 AM

Re: Just in time access - time for effective access?

In my experience it's way faster than that. Remember that for Exchange, generally you have to create a new session to either the EAC or PowerShell for any permission changes to be reflected.

0 Likes
Reply
Mattias Frykstrand

‎Sep 10 2018 04:19 AM

‎Sep 10 2018 04:19 AM

Re: Just in time access - time for effective access?

Have you seen any documentation on what to expect? I activated 2 two roles 20 minutes ago, and EAC was ok after ca 5 minutes and a new session. But neither ECP or Security And Compliance center is  working. I like the idea of PIM, but if one has to wait 20-30 minutes for it to work then it's quite hard to use.

0 Likes
Reply
best response confirmed by Mattias Frykstrand (Copper Contributor)
Peter Stapf

‎Sep 12 2018 11:10 AM

‎Sep 12 2018 11:10 AM

Solution

Re: Just in time access - time for effective access?

Hi,

General AAD role like Global Admin or User Admin should work directly after elevation, I also tested it and it works like charm.

 

There is one issue currently with the Exchange Admin role that can take up to 30 mins to be active, there is already a feedback on Azure Feedback page:

https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/19243510-pim-to-work-cor...

 

As you can see work on that issue has already started and is in development.

 

/Peter

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Mattias Frykstrand (Copper Contributor)
Peter Stapf

‎Sep 12 2018 11:10 AM

‎Sep 12 2018 11:10 AM

Solution

Re: Just in time access - time for effective access?

Hi,

General AAD role like Global Admin or User Admin should work directly after elevation, I also tested it and it works like charm.

 

There is one issue currently with the Exchange Admin role that can take up to 30 mins to be active, there is already a feedback on Azure Feedback page:

https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/19243510-pim-to-work-cor...

 

As you can see work on that issue has already started and is in development.

 

/Peter

View solution in original post

0 Likes
Reply