Nov 04 2020
07:53 AM
- last edited on
Jan 14 2022
04:28 PM
by
TechCommunityAP
Nov 04 2020
07:53 AM
- last edited on
Jan 14 2022
04:28 PM
by
TechCommunityAP
I have a question about what role internal support needs to unlock a user account that was locked bu ID Protection due to a risk blocked sign-in or for a user that rejected MFA.
Currently, it looks like only a GA is able to do this but I obviously do not want to elevate all the support staff with this role. But, I have not seen a PIM eligible role that successfully allows this so I have to assume I am missing something.
Have asked my MSFT rep about this and that was no help :(
Nov 05 2020 01:42 AM
@alex3920 Hi, the permissions options are described here https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protec...