Microsoft Technical Bulletins

The latest updates for all the Microsoft Products you use every day.

Written by admin

Categories: Azure AD | Identity Service

August 3, 2021

Blog Home

Ability to assign roles to Azure AD groups is now generally available!

QuixTec provides technical bulletins ‘unaltered’ from Microsoft. As an authorized Microsoft Partner, experienced SharePoint development group and Office 365 expert, QuixTec’s’ custom online or on premises solutions include the latest Microsoft updates throughout initiatives that we custom develop for you.

From Microsoft Corporation
Technical Bulletin:  
MC274516 · Published Jul 31, 2021

Message Summary

Note: If you do not have the Azure Active Directory (AAD) Premium P1 or the Azure Active Directory (AAD) Premium P2 license, you can safely ignore this message.

Ability to assign roles to Azure Active Directory groups is now generally available. Assigning roles to groups can simplify the management of role assignments in Azure Active Directory in two ways:

  • Instead of multiple roles assignments to individual users, Privileged Role Administrator or Global Administrator can assign the role to a group. Your existing governance workflow can then take care of the approval process and auditing of the group’s membership to ensure that only legitimate users are members of the group.
  • An owner can be assigned to a group assigned to role. The owner of the group can then manage group memberships and control who can get the role, allowing you to effectively delegate the administration of Azure Active Directory roles and reduce the dependency on Privileged Role Administrator or Global Administrator.

When this will happen:

Currently this is generally available for Azure Active Directory groups, and we’ll be extending this in the future to on-premises groups.

  • Assigning roles to Azure Active Directory groups requires an Azure Active Directory Premium P1 license.
  • Privileged Identity Management requires Azure Active Directory Premium P2 license.

How this will affect your organization:

You can now target Azure AD groups for role assignments. Assigning roles to groups can simplify the management of role assignments in Azure AD with minimal effort from Global Administrators and Privileged Role Administrators.

What you need to do to prepare:

Learn more:

Use Azure AD groups to manage role assignments.

Additional information

ABOUT US: QuixTec, LLC is a U.S. certified Veteran Owned, modern DevOps organization and Microsoft Partner that specializes in Microsoft SharePoint, Office 365 expertise & HTML5 technologies for small to enterprise-sized organizations. The founder, Richard, has 30 years of experience working with several notable companies that include World Vision, Expedia, Microsoft, Levi Strauss, NASA, Boeing Aerospace, Los Alamos National Laboratory, and the U.S. Air Force, to name a few.  QuixTec is in the Seattle area. Phone today for a free consultation and project estimate: (425) 367-9025    SHAREPOINT DEVELOPMENTCUSTOM SOLUTION DEVELOPMENTOFFICE 365 EXPERTSSHAREPOINT DOCUMENT LIBRARIESSHAREPOINT CONSULTANCYSPECIAL NGO RATES

You May Also Like…

14 + 11 =

Call Now

(425) 367-9025

17939 95th Place NE

Bothell, WA 98011