Exchange Online access via PIM
Hi, We are looking to grant more granular access to the Exchange Online portal for our support teams instead of the Exchange Admin Entra role. The idea is to set up cloud security groups, onboard them to PIM and grant the users eligible assignments. The groups would be then assigned to the Exchange Online role groups (RBAC) in the Exchange Portal. It appears though that Exchange Portal requires mail-enabled security groups and mail-enabled security groups cannot be onboarded to PIM. Does anyone know if this is by design? What is the alternative solution to grant JIT access to the Exchange Portal instead of the Entra role or the standing access of the users assigned directly to the RBAC roles on the Exchange Portal? Many thanks.
PIM - activate rol
Hi, I am trying to activate a rol in PIM. I am following the steps of microsoft guide to do it: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-activate-role Before I assigned Azure AD (Teams Administrator role) role in PIM to a member (Eligible - Permanent) without any problem. When I try to activate the role in PIM: - Azure AD Privileged Identity Management > My Roles > Azure AD Roles: is not listed any eligible AD rol Any idea about the issue?
Add assigment for azure ressource group only
I can see in different videos that you can assign assignments for a specific ressource group in Azure: I cant find this any where in the new UI. Anyone has a guide how to do this? In the movie I pasted above they click my roles and activate. However mine looks like this:
