Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Administrative Units (Preview) - Device Management?

Steel Contributor

Use Case: Global Company with separate business units around the world operate autonomous helpdesk organizations. They want to segment IT Administrative authority over Azure AD Devices.

Currently Administrative Units appears to not include Devices. Is this planned, or is there another way to limit the devices that an Azure Administrator has authority to manage?

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-administrative-...

8 Replies

It's on the Roadmap afaik.

@Vasil Michev I would love to see it on a roadmap. Anyone has some link? 

This is something i am looking for too. Given the age of this initial question, i'm guessing we shouldn't hold our breath.
Nice pickup Harald but unfortunately that's for MSTeams admin center. We're looking to apply to Azure AD Devices. It's promising though if they litmus test it in MSTeams.
Did you read the linked article OR did you judge just by looking on the URL?
The article links to https://docs.microsoft.com/en-us/azure/active-directory/roles/admin-units-manage#add-an-administrati...
Which clearly shows that this is to be done in Azure AD and Teams only picks up the administrative units done in Azure AD.
But maybe I misinterpret your posting.
I did read the entire article :grinning_face:
But as per Joe's original post, i can tell you that i can't create device-based admin units in AAD. Options are only users or groups.
I did try referencing a group of devices without success.

My take on the Teams article you referenced is that Teams admin portal maybe/can leverage admin unit groups that have devices in them. Dunno. A question i might run by MS maybe.