PIM: Assignment of custom roles (e.g. Intune custom roles)

Question

Hi folks,&nbsp;i wonder if it's possible to assign custom roles with the privileged identity management.At the moment i would like to assign our custom intune roles. Is this possible?&nbsp;Thank yyou in advance.Patrick 🙂

chonon · Answer

Hi Patrick,What I did to assign custom roles was to go the route of creating an access package with the roles assigned and then have access requested via that. This article also has another method to do it. https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/azure-ad-custom-roles-assign I hope that helps.

patrickf11 · Answer

Hi&nbsp;ChonoN&nbsp;&nbsp;Thank you for your kind reply.Unfortunatelly in my PIM console there is no menu item called "Azure AD custom roles (Preview)"&nbsp;as mentioned in the MS docs article. 😕 Is this an option in your tenant?&nbsp;Could you describe your alternate approach a little more?

thijs lecomte · Answer

As the Intune roles aren't created through AAD, but through Intune

It's not possible to assign them through PIM.

Assigning custom roles is in preview indeed, but now it only support application permissions

chonon · Answer

PatrickF11&nbsp;Yes it's an option in mine and what I did was create a group with the appropriate permissions and access levels and then created an access package via PIM so that when someone needed to perform those task they will activate the role via PIM and be added to group and then upon expiration be automatically removed.

Forum Discussion

PIM: Assignment of custom roles (e.g. Intune custom roles)

Share

Resources