Suppose your organization plan to use Azure AD and you are responsible to manage the user profiles and access to users. In this article, we will have an overview of basic user management tasks like- Managing user profile, assigned roles, licenses, MFA, etc. Now let's start one by one.
Suppose a new person (Ram Mohan) joined my organization's sales team and I am responsible to add him to Azure AD and provide relevant access.
Now let's add him to Azure AD. To do so I will go to Azure AD>Users> and Add New User.
Now as a user joined my organization I will create a user. Either if someone joins for a short term from outside my organization I can invite them as well.
For now, I will just fill in basic details only- Name, User Name, Designation, Department, and manager. Will assign a relevant role later.
Now let's assign the user Insight Administrator role. To do that we will click on that particular user and then will click on Role assignment. Now we will select the Insight administrator role from the list and on the next page select an assignment type. In case of eligible user need to activate it from their own end. Once done we will click on assign.
Now let's add users to the sales group-
To do so we will click on user profile and then will go to groups. Now click on add memberships and select the relevant group.
Now let's user assign a P2 license. To do that we will go to the user profile and will click on licenses.
In the devices section, we can see all the devices and user login activity. We can detect stale devices and remove access as well.
Now let's secure Ram Mohan with multi-factor authentication. We will force Ram Mohan to register for MFA and perform MFA according to organizations policy,
Now we will put user mobile and email to perform MFA or can create a policy to apply for all or specific users to perform MFA.
Which this I am done with the processes of adding Ram Mohan to my organization. Let's login into Ram Mohan's account to see how it forms.
When Ram Mohan login to his account he will be first asked to update his password.
After that Ram Mohan will be asked to register for MFAor he can skip for 14 days.
Now let's go to PIM and activate Ram Mohan's role as an Insight administrator-
We just need to click on activate and it will be activated or a report will be sent to the manager based on your PIM policy.
Hopefully, you found this write-up helpful. Please follow for more such content.
Top comments (0)