Assigning roles and administrative units

Top delegate tasks are used to create administrative units and assign roles for specific tasks. In this configuration, we will generate an HR and we will assign the role of managing user accounts to manager of the HR department.

Connecting to Azure Active Directory

First of all, we need to connect to our Azure AD with the PowerShell cmdlet Connect-MsolServicewith the admin@domain.onmicrosoft.com user.

Creating an administrative unit

Type New-MsolAdministrativeUnit- DisplayName'HR' -Description'HumanResourcesUsers' to create the HR.

Adding users to an administrative unit

Next, we need to add the users of the ...

Get Mastering Identity and Access Management with Microsoft Azure now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mastering Identity and Access Management with Microsoft Azure by Jochen Nickel

Assigning roles and administrative units

Connecting to Azure Active Directory

Creating an administrative unit

Adding users to an administrative unit

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly