SOLVED

Quarantine Administrator - more rights needed?

Hi everyone,

I tried to deploy the new Quarantine Admin to the Admin users of our Office 365 admins.

After mail-enabling the user object in Exchange on-prem (which is needed, btw), the user can access the quarantine without an error message.

But no mail is shown. Logging in as a global admin (myself), I can see many mails.

I followed this doc: https://docs.microsoft.com/de-de/microsoft-365/security/office-365-security/manage-quarantined-messa...

Can anyone please advise?

Thanks

4 Replies

Got this mail today stating:

"On February 10, 2020, we are updating the roles required to access and manage Quarantine"

If you use Exchange Online RBAC roles to manage Quarantine then you will need to assign the Security and Compliance Center Security Administrator or Quarantine Administrator role to the user(s) that require access to Quarantine.

You do not need to modify the existing Exchange Online roles.

Does it mean I have to set the Exchange Quarantine Role additionally?

best response confirmed by Stephan G (Brass Contributor)
Solution
Issue resolved - the role has been deployed. After that - Exchange Admins could no longer access the quarantine mails. I had to add them to "Quarantine Administrator" so that they can proceed.

How can I assign the quarantine admin role to a user? I can't find that role in the admin center.

@Anonymous2115 

If you have the newer Defender Unified RBAC/"Microsoft 365 Defender" roles (which I believe requires certain levels of Defender licensing, possibly Defender for Office 365 P2, but I am not certain) - you should probably use this: https://security.microsoft.com/mtp_roles (you may have to migrate/import existing permissions from Endpoint/Email and Collaboration permissions, such as Security Administrator or Security Operator, or Quarantine Administrator).

If not, you may still be using Email and Collaboration Roles - which you should be able to check and access here to set Quarantine Administrator: https://security.microsoft.com/emailandcollabpermissions

Not directly related to your issue, but these may be related to IMPORTING any permissions to Defender Unified RBAC:
Defender Endpoint Permissions: https://security.microsoft.com/preferences2/user_roles
Azure AD Roles: https://security.microsoft.com/aadpermissions
Cloud App Security Roles: https://security.microsoft.com/cloudapps/permissions/roles
Email and Collaboration Roles: https://security.microsoft.com/emailandcollabpermissions


But, again, I would highly encourage you to move to Defender Unified RBAC if it is available to you to simplify things. This article should walk through enabling RBAC if you can: Activate Microsoft 365 Defender role-based access control (RBAC) | Microsoft Learn

And then you should be able to access/migrate to the RBAC Roles here: https://security.microsoft.com/mtp_roles

You may have all of these, you may have two of these, you may just have one of them. I have tenants that have been around for various points as they created the Defender Endpoint roles and started centralizing/combining role permissions to all the Defender products, so I think I have all of them, or nearly all. Best advice is just try each one of the portal links mentioned above and you may be able to see them in your own environment here: https://security.microsoft.com/securitypermissions

Where possible, use the newer style of permissions to avoid having to migrate later. 

