Admin Role

Azure AD – New administration role available to delegate Windows Updates settings

Leave a Comment / Azure Active Directory, Endpoint Configuration Manager, Microsoft Intune / By / / , , , ,

A new Azure Active Directory administration role is available – called Windows update deployment administrator – to delegate Windows Updates deployments through Windows Update for Business. This role allows you to delegate Windows Update for Business settings like when and how updates are deployed to devices. This will help you delegate Windows Update for Business …

Azure AD – New administration role available to delegate Windows Updates settings Read More »

Azure AD – New administration role available to delegate administration of Microsoft Cloud App Security (MCAS)

Leave a Comment / Azure Active Directory / By / / , , , ,

As you know, Azure AD comes with administration roles to allow you delegate administration tasks with the least privilege. Well, until now if you wanted to delegate Microsoft Cloud App Security (MCAS) administration tasks you had to use either the Security Administrator or Global Administrator roles. Both granting much more permissions than required for MCAS. …

Azure AD – New administration role available to delegate administration of Microsoft Cloud App Security (MCAS) Read More »

Azure AD – New administration roles to delegate administration tasks and reduce the need to grant global administrator

Leave a Comment / Azure Active Directory / By / / , , , ,

As you know, Azure Active Directory provides a large list of administration roles to allow delegating administration tasks and reduce the need to grant the more powerful global administrator role. Well, 2 new roles are now available: Authentication policy administrator to delegate the permissions to manage the authentication methods enabled on Azure AD and associated …

Azure AD – New administration roles to delegate administration tasks and reduce the need to grant global administrator Read More »

Azure AD – New administration roles for managing domain name and authentication methods

Leave a Comment / Azure Active Directory / By / / , , , , , ,

Good news, you don’t need to be a global administrator to manage Multi Factor Authentication (MFA) or authentication methods. A new role called Authentication Policy Admin allows you to delegate authentication methods management, covering MFA or password protection policies. NOTE the legacy MFA setting is not available for the authentication policy admin role Below is …

Azure AD – New administration roles for managing domain name and authentication methods Read More »

Azure AD – You can now enable cloud groups for administration role assignment (preview)

Leave a Comment / Azure Active Directory, Beta / Preview / By / / , , , ,

As you know, all administrative permissions to manage any service or capability should be granted by assigning Azure AD administration roles. Well, until now, it was not possible to grant such administration role to a group of users. Good news, this capability is now available in preview. To start using group to grant administration role, …

Azure AD – You can now enable cloud groups for administration role assignment (preview) Read More »

Azure AD / Office 365 – 3 new administration roles available

Leave a Comment / Azure Active Directory, Office 365 / By / / , , , , , ,

In the way to limit the need and use of the global administrator role, 3 new administration roles have been made available: Groups administrator to delegate groups (Azure AD security groups, Office 365 Groups, Teams or Yammer) management, covering naming convention, expiration policy or even AAD security group restoration Office apps administrator allows you delegating …

Azure AD / Office 365 – 3 new administration roles available Read More »

Office 365 – A new administration role is available to delegate administration of Kaizala

Leave a Comment / Office 365 / By / / , , , ,

You may know Kaizala has been the youngest and latest service added to Office 365, providing phone-based collaboration capabilities. Until then, to manage Kaizala you had to be an Office 365 Global Administrator; well, not anymore, a new administration role is now available to delegate administration of Kaizala without granting global administration: Kaizala admin

Office 365 – You can define Favorites administration roles

Leave a Comment / Office 365 / By / / , , , , , , , ,

As you already know, the Roles page on Office 365 administration portal (https://admin.microsoft.com/) allows you to manage Office 365 roles assigned to your users. Well, you can now define your favorites administration roles (aka the one you use/manage the most) to filter the available roles to only those ones. To set an administration role as …

Office 365 – You can define Favorites administration roles Read More »

Exchange Online – A new administration role is being deployed: Quarantine Administrator

Leave a Comment / Exchange, Office 365, Security / By / / , , , , , , , ,

This was a missing role since the beginning of Office 365 and Exchange Online to allow the delegation of the administration of the quarantine. Before you had to create your very own Exchange Role with the correct permissions – Mail Recipient, Message Tracking, Transport Hygiene and View-Only Configuration (which was not easy to find as …

Exchange Online – A new administration role is being deployed: Quarantine Administrator Read More »

Azure AD / Office 365 – New Global Reader built-in role is coming

Leave a Comment / Azure Active Directory, Office 365 / By / / , , , , , ,

It has been a long awaited capability: being able to give a complete read-access only to Azure AD/Office 365 administration. Well good news, a read-only administrative access role is coming – called Global Reader. The deployment will start on September 24 and scheduled to be completed by October. It worth noting that few limitations will …

Azure AD / Office 365 – New Global Reader built-in role is coming Read More »