Assign Role in Azure AD through PIM

Created by Aranjit Kuanr, Modified on Thu, 14 Jan, 2021 at 3:45 PM by Aranjit Kuanr

Assign Azure AD Roles In PIM 


With Azure Active Directory (Azure AD), a Global administrator can make permanent Azure AD admin role assignments. These role assignments can be created using the Azure portal.

The Azure AD Privileged Identity Management (PIM) service also allows Privileged Role Administrators to make permanent admin role assignments. Additionally, Privileged Role Administrators can make users eligible for Azure AD admin roles. An eligible administrator can activate the role when they need it, and then their permissions expire once they're done. 


How To Make A User Eligible For A Role 


Follow these steps to make a user eligible for an Azure AD admin role. 

  1. Sign in to Azure Portal with a user that is a member of the Privileged Role Administrator role. 
  2. Open Azure AD Privileged Identity Management. 
  3. Click Azure AD roles. 

 

  1. d. Click Roles or Members. Click Add member to open Add managed members. 

 

  1. e. Click Select a role, click a role you want to manage, and then click Select. 

 

  1. f. Click Select members, select the users you want to assign to the role, and then click Select. In Add managed members, click OK to add the user to the role. 

 

 

 

  1. h. In the list of roles, click the role you just assigned to see the list of members. 

 

 

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article