The course is part of these learning paths
At a time when security breaches seem to be an everyday occurrence, it’s become more and more important to protect resources with more than just a username and password. It’s even more important to protect resources from INTERNAL threats. By implementing Azure AD Privileged Identity Management, organizations can protect their resources with improved security features, and even keep an eye on what legitimate administrators are doing.
In this course, you’ll learn how to implement Azure AD Privileged Identity Management. We’ll start the course by touching on an overview of what Azure AD Privileged Identity Management is and what it offers. We will then work through the deployment of PIM and how it works with multi-factor authentication. As we work through some demos, you will learn how to enable PIM and how to navigate tasks in PIM.
We’ll then cover the activation of roles and the assignment of those roles, including permanent roles and just-in-time roles. We’ll also cover the concepts of updating and removing role assignments, reinforcing these concepts through demonstrations.
We’ll round out the course with supported management scenarios, configuring PIM management access, and how to process requests.
- Enable PIM
- Activate a PIM role
- Configure just-in-time resource access
- Configure permanent access to resources
- Configure PIM management access
- Configure time-bound resource access
- Create a Delegated Approver account
- Process pending approval requests
- People who want to become Azure cloud architects
- People who are preparing to take Microsoft’s AZ-101 exam
- Moderate knowledge of Azure Active Directory
To see the full range of Microsoft Azure Content, visit the Azure Training Library.
There will be times when you need to grant access to someone so they can manage PIM. To do this, sign into the Azure portal and open the Azure AD Privileged Identity Management dashboard. Click Azure AD directory roles and then click Roles. Click on the privileged role administrator role to view the member's page. Open the add managed members pane by clicking Add member. And then click Select members. Choose a member, and then click Select. From here, you make the member eligible for the privileged role administrator role by clicking OK. It's important to note that when you assign a new role to someone in PIM, that person is automatically configured as eligible to activate the role. You can make the member permanent by clicking the user in the privileged role administrator member list, then clicking More, and then Make permanent. Doing so makes the assignment permanent. Removing access to manage PIM is an easy process. However, before removing someone from the privileged role administrator role, ensure that there will still be at least two users assigned to the role. To remove access, add a check mark next to the user you want to remove, and then click Remove member. You will typically see a message asking for confirmation. Click Yes, and with that, you have removed access from the user for managing PIM.
About the Author
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.