Azure Entra ID User and Role Management Assignment
Introduction
In this assignment, I performed user and role management tasks in Azure Entra ID. The tasks included:
- Creating a new user
- Signing in with the new user account
- Assigning Global Administrator privileges
- Creating another user using the promoted account
- Revoking administrative privileges
This practical helped me understand identity and access management in Microsoft Azure.
Requirements
Before starting, ensure you have:
- An active Microsoft Azure account
- Access to Azure Portal
- Permission to manage users and roles
Azure Portal: https://portal.azure.com
Step 1: Sign in to Azure Portal
Open the Azure Portal and sign in with your administrator account.
Step 2: Open Azure Entra ID
In the search bar, type Entra ID and click on Microsoft Entra ID.
Step 3: Create a New User
Navigate to:
Users → All Users → + New User → Create new user
Fill in:
- Username
- Name
- Password settings
Click:
- Review + Create
- Create
Explanation
This step creates a new identity within Azure Entra ID that can later be assigned permissions and roles.
Step 4: Sign In with the Newly Created User
Open an incognito/private browser and sign in using the new account credentials.
Explanation
This confirms the user account was successfully created and can authenticate into Azure.
Step 5: Assign Global Administrator Role
Return to the administrator account and navigate:
Entra ID → Users → Select user → Assigned Roles → Add assignments
Select:
- Global Administrator
Explanation
The Global Administrator role provides full control over Azure Entra ID resources and identity management.
Step 6: Sign In Using the Promoted Account
Open another incognito window and sign in using the promoted account.
Step 7: Create Another User with the Promoted Account
Using the promoted Global Administrator account:
Go to Entra ID → Users → New User
Create a second user account.
Explanation
This confirms that the elevated account has permission to manage users.
Step 8: Revoke Global Administrator Access
Return to:
Entra ID → Users → Select first user → Assigned Roles
Remove:
- Global Administrator
Explanation
Revoking admin access enforces the principle of least privilege and improves security.
Observation
During this exercise, I observed that newly created users did not receive email notifications automatically. However, the accounts were still successfully created and accessible using the provided credentials.
Conclusion
This assignment demonstrated:
- User creation in Azure Entra ID
- Role assignment and privilege management
- Administrative access control
- Role revocation and security enforcement
Overall, it strengthened my practical understanding of identity and access management in Microsoft Azure.
Top comments (0)