Azure Active Directory (Azure AD) Role Settings - Configuring Privileged Identity Management (PIM)

 

A privileged role administrator can customize Azure Active Directory (Azure AD) Privileged Identity Management (PIM) in their association, including changing the experience for a client who is activating an eligible role assignment.

 

 

Sign in to the Azure portal.

 

Open Azure AD Privileged Identity Management. Then, click Azure AD roles, click Settings >> Roles.

 

 

 

After that, click the role whose settings you want to configure.

 

On the settings page for every role, there are a few settings you can design. These settings just influence clients who are qualified assignments, not permanent assignments.

 

 

 

Utilize the Activations slider to set the most extreme time, in hours, that a role remains active before it terminates. This worth can be between the range of 1 and 72 hours.

 

 

Before it, set the "Require approval" switch to Disable.

 

 

First, set the Require approval switch to Enabled. Then, expand with options to select approvers.

 

 

After that, to specify approvers, click Select approvers you want.

 

 

Select one or more approvers and then click Select. You can select users or groups. At least 2 approvers are recommended. Self-approval is not allowed.

 

Your selections will appear in the list of selected approvers. Once you have specified your all your role settings, click Save to save your changes.

 

 

 

That is it. In this article, we learned the Azure Active Directory role settings to configure Privileged Identity Management. I will continue with more advanced topics in Azure AD in my next article.