Implementing Entitlement Packages in Microsoft 365
The course is part of this learning path
Entitlement packages in Microsoft 365 are a way to streamline and grant access to users more easily. An entitlement package encapsulates user groups, Teams, applications, and SharePoint sites into a catalog. The resources in the catalog are each assigned an access role that dictates the permissions a user will have when using the resource. An approval process and a hyperlink added to the resources and roles are the basic ingredients of an entitlement package. This course will explore entitlement packages and their use cases more thoroughly, including implementation through the Azure portal.
- Overview of Entitlement access packages
- How to use Entitlement access packages
- How to create an Entitlement access package in the Azure portal
This course is intended for students who want to learn about Entitlement access packages, their use cases, and how to implement them. Students who intend to take the MS-100 exam: Microsoft 365 Identity and Services.
Have used the Azure portal, know what Azure Active Directory is, and optionally, have an Azure Active Directory Premium P2 or Enterprise Mobility plus Security E5.
Entitlement management in the context of identity governance uses access packages to bundle role-based permissions for user group and Teams membership, and access to applications and SharePoint sites. An access package is a catalogue of user groups, Teams, applications and/or SharePoint sites. For each resource in a package’s catalogue an access role is set. An access package can be granted a limited lifetime, using a period of time or an end date. You can configure a package to have its access reviewed on a periodic basis. Unlike a user group, an access package doesn’t have any users assigned to it.
The access package is a means for users to request access to the resources in the package. An approval process is built into the access package’s functionality. This process can involve one-step approval, or you can have multiple approval steps with multiple approvers. Users request access to resources in a package with a hyperlink to a URL unique to the package. When an access package expires, due to elapsed time or the end date has been reached, access to the resources in the package are revoked. When someone not in the active directory associated with the entitlement access package is granted access they will be joined to the AD for the duration of the package’s lifetime.
My name is Hallam Webber and I hope you’ve found this course on Entitlement Access packages informative and enjoyable. Until next time be safe and secure.
Hallam is a software architect with over 20 years experience across a wide range of industries. He began his software career as a Delphi/Interbase disciple but changed his allegiance to Microsoft with its deep and broad ecosystem. While Hallam has designed and crafted custom software utilizing web, mobile and desktop technologies, good quality reliable data is the key to a successful solution. The challenge of quickly turning data into useful information for digestion by humans and machines has led Hallam to specialize in database design and process automation. Showing customers how leverage new technology to change and improve their business processes is one of the key drivers keeping Hallam coming back to the keyboard.