Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

MDI Roles/Permissions - where art thou now ?

Brass Contributor

It used to be simple. In ATP (now MDI), there used to be 3 groups used for administration/viewing (Azure ATP [workspace] Admin, Azure ATP [workspace] Users and Azure ATP [workspace] Viewers).

Having gone round and round in Role groups - Microsoft Defender for Identity | Microsoft Learn - I am now lost on whether this is still the case, as I have recently heard a few of my MDI "admins" (with the ATP User group) can no longer manage alerts. They used to be able to, and now it is greyed out and if you hover over the button it says "You don't have permissions to perform this action".  Has RBAC gone up the wazzoo since the forced transition to the new portal ?  There is no menu/config for Identity permissions...so I don't even know where those groups are shown any more.  Anyone know ?

20 Replies
Thank you for your response. I've opened the support ticket with Microsoft.