Learn how to use the PIM wizard to find the permanent roles that have been assigned to your users. Explore how the PIM wizard suggests which users and permanent roles should be reduced to eligible and then performs this action.
- [Narrator] As you saw in a previous lesson,…assigning permanent roles to your users is very easy.…It might almost be too easy.…You may be assigning permanent roles to users…that really should only have eligible roles,…and what if it's not just you who are assigning these roles,…but other administrators as well?…Luckily, PIM comes with a wizard that will convert…these permanent roles to eligible roles,…reducing our security risk.…From within the PIM blade, you'll need to scroll down…to undermanage and then click on wizard.…
And this is a simple, three-step process.…Our first step is to discover…the privileged roles that are in our environment,…and as you can see here, we do have a few.…We have two permanent global administrator roles,…one service administrator, one security administrator,…a privileged role administrator,…and a CRM service administrator.…If we wanted to, we could further…drill into one of these accounts to see who has access,…whether it be permanent or if it's eligible,…and in this case we have my account…
- Configuring Azure Multi-Factor Authentication
- Configuring conditional access
- Managing roles in Privileged Identity Management
- Using Azure Information Protection to protect Word documents
- Tracking and revoking documents
- Configuring mobile apps
- Configuring device compliance policies
- Reviewing device settings in Intune
Skill Level Intermediate
Windows 10: Intune Device Managementwith Ryan Spence1h 39m Intermediate
Microsoft Azure: Implement Azure Active Directorywith Sharon Bennett1h 21m Intermediate
Microsoft Azure Rights Management: Protecting Datawith Brian Culp1h 16m Intermediate
1. Enterprise Mobility + Security
EMS overview4m 39s
2. Identity and Access Management with Azure Active Directory Premium
3. Information Security and Data Protection Using Azure Information Protection
4. Mobile Device and Application Management with Intune
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.