Secure Azure Infra – 7.2: Test PIM Access

1) In a separate browser browse to the following URL: https://outlook.office365.com/ to view Isaiah Langer’s email.

2) Sign in as isaiah.langer@<Tenant>.onmicrosoft.com. The password is “M1crosoft123”

3) Open the email from Microsoft Azure AD Notification Service for Activating Global Administrator access, as shown in Figure 22.

PIM Notification

Figure 22: PIM Notification Email

4) Click on the Azure Portal link in the email.

5) In the Azure Portal, click All Services > then search for priv and select Azure AD Privileged Identity Management.

6) Click My roles.

7) Click Global Administrator.

8) Click Verify your identity before proceeding.

9) Click Verify my identity.

10) Respond to the phone verification.

11) You will be returned to the Global Administrator Role Activation Details blade. If not, follow these steps:

  • In the left navigation, click All Services, and then select Azure AD Privileged Identity Management.
  • Click My roles.
  • Click Global Administrator.

12) In the top navigation, click Activate.

In the Reason for role activation text box, type User administration.

14) Click OK.

15) On the Global Administrator blade, look at the Expiration field – it will be +4 hours from activation time.

16) Verify this change, click Azure Active Directory >Users and groups > All users > Isaiah Langer > Directory role, Isaiah is now a Global Administrator and no longer a user.

17) In the left navigation, click All Services, and then select Azure AD Privileged Identity Management.

18) Click on Azure AD Directory Roles.

19) Under ACTIVITY, click Directory Roles Audit History.

20) Note the business justification entered above (User administration), which is displayed in the Reasoning column.

21) Close all browsers

About engsoon

Eng Soon is a 4-time Microsoft MVP and has nearly 5 years of experience building enterprise system in the cloud.He is also a Certified Microsoft Azure.Eng Soon also have strong technical skills and analytic skill. As a developer, Besides the development task, he also involved in Project Management, Consulting, and Marketing. He has a passion for technology and sharing what he learns with others to help enable them to learn faster and be more productive. He also took part as speaker in many nationwide technical events, such as Conference, Meetup and Workshop. Currently, looking for opportunity in Cyber Security which include Cloud Security and Application Security.

View all posts by engsoon →

Leave a Reply

Your email address will not be published. Required fields are marked *