Role Based Access Control (RBAC) has been a favorite feature of the System Center Configuration Manager community since its introduction, and now it’s available in Intune. RBAC in Intune enables you to easily define who can perform various Intune tasks within your organization, and who those tasks apply to. RBAC gives you greater flexibility and control while ensuring your IT administrators have the necessary permissions to perform their job.
The newIntune admin experienceon Azure delivers deeper levels of integration with Azure Active Directory, which includes Azure AD Groups as well as integration with Azure AD Directory Roles. This integration provides the underpinnings of Intune’s RBAC capabilities and our overall permissions management story. RBAC for Intune starts by leveraging four Azure AD Directory Roles that define high level administrative access to Intune workstreams and tasks.