{"id":40693,"date":"2021-05-14T09:45:58","date_gmt":"2021-05-14T09:45:58","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=40693"},"modified":"2021-05-14T09:46:00","modified_gmt":"2021-05-14T09:46:00","slug":"azure-ad-privileged-identity-management-capabilities","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/","title":{"rendered":"Azure AD Privileged Identity Management Capabilities"},"content":{"rendered":"\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-sc-900-microsoft-security-compliance-and-identity-fundamentals\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/strong><\/p>\n\n\n\n<p>In this tutorial, we will learn about Azure AD Privileged Identity Management Capabilities.<\/p>\n\n\n\n<p>Privileged Identity Management (PIM) is a service in Azure Active Directory (Azure AD) that enables you to manage, control, and monitor access to important resources in your organization. These resources include resources in Azure AD, Azure, and other Microsoft Online Services such as Microsoft 365 or Microsoft Intune. <\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Reasons to use<\/strong><\/h5>\n\n\n\n<p>Organizations want to minimize the number of people who have access to secure information or resources. This is because that reduces the chance of a malicious actor getting that access, or an authorized user inadvertently impacting a sensitive resource. However, users still need to carry out privileged operations in Azure AD, Azure, Microsoft 365, or SaaS apps. Organizations can give users just-in-time privileged access to Azure resources and Azure AD. <\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>What does it do?<\/strong><\/h5>\n\n\n\n<p>Some key features of Privileged Identity Management:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, provide just-in-time privileged access to Azure AD and Azure resources<\/li><li>Secondly, assign time-bound access to resources using start and end dates<\/li><li>Thirdly, require approval to activate privileged roles<\/li><li>Then, enforce multi-factor authentication to activate any role<\/li><li>Next, use justification to understand why users activate<\/li><li>Lastly, get notifications when privileged roles are activated<\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/www.testpreptraining.ai\/exam-sc-900-microsoft-security-compliance-identity-fundamentals-free-practice-test\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-tests.png\" alt=\"Practice tests Azure AD Privileged Identity Management Capabilities\"\/><\/a><\/figure><\/div>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Who can do what?<\/strong><\/h5>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, for Azure AD roles in Privileged Identity Management, only a user who is in the Privileged role administrator or Global administrator role can manage assignments for other administrators. You can grant access to other administrators to manage Privileged Identity Management. However, Global Administrators, Security Administrators, Global readers, and Security Readers can also view assignments to Azure AD roles in Privileged Identity Management.<\/li><li>Secondly, for Azure resource roles in Privileged Identity Management, only a subscription administrator, a resource Owner, or a resource User Access administrator can manage assignments for other administrators. Users who are Privileged Role Administrators, Security Administrators, or Security Readers do not by default have access to view assignments to Azure resource roles in Privileged Identity Management.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Scenarios<\/strong><\/h4>\n\n\n\n<p>Privileged Identity Management supports the following scenarios:<\/p>\n\n\n\n<p><strong>1. Privileged Role administrator permissions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, enable approval for specific roles<\/li><li>Secondly, specify approver users or groups to approve requests<\/li><li>Lastly, view request and approval history for all privileged roles<\/li><\/ul>\n\n\n\n<p><strong>2. Approver permissions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, view pending approvals (requests)<\/li><li>Secondly, approve or reject requests for role elevation (single and bulk)<\/li><li>Lastly, provide justification for my approval or rejection<\/li><\/ul>\n\n\n\n<p><strong>3. Eligible role user permissions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, request activation of a role that requires approval<\/li><li>Then, view the status of your request to activate<\/li><li>Lastly, complete your task in Azure AD if activation was approved<\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/www.testpreptraining.ai\/exam-sc-900-microsoft-security-compliance-identity-fundamentals-practice-exam\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-course.png\" alt=\"sc-900 online course\"\/><\/a><\/figure><\/div>\n\n\n\n<p><strong>Reference:<\/strong> <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/privileged-identity-management\/pim-configure\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Documentation<\/a><\/p>\n\n\n\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-sc-900-microsoft-security-compliance-and-identity-fundamentals\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Go back to Tutorial In this tutorial, we will learn about Azure AD Privileged Identity Management Capabilities. Privileged Identity Management (PIM) is a service in Azure Active Directory (Azure AD) that enables you to manage, control, and monitor access to important resources in your organization. These resources include resources in Azure AD, Azure, and other&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"tags":[],"class_list":["post-40693","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Azure AD Privileged Identity Management Capabilities<\/title>\n<meta name=\"description\" content=\"Upgrade your knowledge by learning Azure AD Privileged Identity Management Capabilities. Prepare and pass the Microsoft SC-900 Exam Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Azure AD Privileged Identity Management Capabilities\" \/>\n<meta property=\"og:description\" content=\"Upgrade your knowledge by learning Azure AD Privileged Identity Management Capabilities. Prepare and pass the Microsoft SC-900 Exam Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-14T09:46:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-tests.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/\",\"name\":\"Azure AD Privileged Identity Management Capabilities\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2021-05-14T09:45:58+00:00\",\"dateModified\":\"2021-05-14T09:46:00+00:00\",\"description\":\"Upgrade your knowledge by learning Azure AD Privileged Identity Management Capabilities. Prepare and pass the Microsoft SC-900 Exam Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Azure AD Privileged Identity Management Capabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Azure AD Privileged Identity Management Capabilities","description":"Upgrade your knowledge by learning Azure AD Privileged Identity Management Capabilities. Prepare and pass the Microsoft SC-900 Exam Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/","og_locale":"en_US","og_type":"article","og_title":"Azure AD Privileged Identity Management Capabilities","og_description":"Upgrade your knowledge by learning Azure AD Privileged Identity Management Capabilities. Prepare and pass the Microsoft SC-900 Exam Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2021-05-14T09:46:00+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-tests.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/","name":"Azure AD Privileged Identity Management Capabilities","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2021-05-14T09:45:58+00:00","dateModified":"2021-05-14T09:46:00+00:00","description":"Upgrade your knowledge by learning Azure AD Privileged Identity Management Capabilities. Prepare and pass the Microsoft SC-900 Exam Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/azure-ad-privileged-identity-management-capabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"Azure AD Privileged Identity Management Capabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40693","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=40693"}],"version-history":[{"count":5,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40693\/revisions"}],"predecessor-version":[{"id":40820,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40693\/revisions\/40820"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=40693"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=40693"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=40693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}