Total Number of Global Administrators

Joshua Bines · ‎May 14 2020

Evening All,

I'm trying to confirm how many PIM eligible global administrators can you have in a tenant? Is it still 4 or is that recommendation only for accounts with a perm GA role? Under what conditions could that be relaxed?

The current guidance seems a little vague and getting various opinions on the topic.

Thanks in advance.

B
Josh

PeterRising · ‎May 14 2020

@Joshua Bines

The recommendation from Microsoft is to have no more than 4 dedicated GA accounts. However, as far as I know, there are no such guidelines for PIM eligible GA's. This would make sense as they only have the role on a just in time basis, and are therefore less vulnerable.

This article may be of help - https://docs.microsoft.com/en-us/office365/enterprise/protect-your-global-administrator-accounts

Joshua Bines · ‎May 15 2020

I haven't found any guidance for this either but it really depends on how you view the term 'dedicated' for me it appears open to interpretation. PIM eligible GA accounts can also be enabled for self approval and if you have a large number of PIM eligible GA approvers might get into the habit of approving requests without a whole lot of thought. Their are some risks here that orgs really need to work through... setting a limit for PIM eligible GA's I think might help reduce this threat.

PeterRising · ‎May 15 2020

@Joshua Bines

Agreed. I would say that if you are going to have a significant number of PIM eligible GA's, then requiring an approval process is really going to be essential.

Total Number of Global Administrators

Total Number of Global Administrators

Re: Total Number of Global Administrators

Re: Total Number of Global Administrators

Re: Total Number of Global Administrators

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Total Number of Global Administrators