Microsoft Entra, currently a popular topic, has released new features related to Administrative Units, particularly the Restricted Management Administrative Units. This update includes:
Users can further understand these changes by exploring the following resources:
Administrative Units are resources that can contain other Azure AD resources such as users, groups, or devices. They are used to define scopes within an organization and restrict permissions accordingly. This is particularly useful for larger organizations with independent divisions, enabling the delegation of certain roles to regional or division-specific support specialists.
Key Features: Users can be members of multiple Administrative Units. Administrative Units can't be nested. Currently, Administrative Units are not available in Azure AD Identity Governance.
Use Cases: Consider a large university with many independent schools, each managed by its own IT team. A central administrator could create an Administrative Unit for each school, populate it with the school's students and staff, create a role with administrative permissions over that unit, and assign the school's IT team to that role.
Constraints: Adding a group to an Administrative Unit only allows management of the group itself, not its members. To manage user properties or authentication methods, the users must be added directly to the Administrative Unit.
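The constraint above can be checked as a scope audit: which users are direct members of a unit, and which are only present through a group in it and so fall outside a unit-scoped admin's reach. This is an added example, not code from the original page or from Microsoft; the sample data is constructed (shaped like Microsoft Graph directory objects), and the names `expand_users` and `audit_au_scope` are hypothetical.

```python
# Added example. All ids below are constructed sample data; only the
# "@odata.type" discriminator values are Microsoft Graph's own.
USER, GROUP = "#microsoft.graph.user", "#microsoft.graph.group"

# Constructed sample: direct members of one Administrative Unit.
AU_MEMBERS = [
    {"@odata.type": USER, "id": "u-alice"},
    {"@odata.type": USER, "id": "u-bob"},
    {"@odata.type": GROUP, "id": "g-helpdesk"},
    {"@odata.type": "#microsoft.graph.device", "id": "d-kiosk"},
]
# Constructed sample: group id -> that group's members (groups may nest).
GROUP_MEMBERS = {
    "g-helpdesk": [
        {"@odata.type": USER, "id": "u-bob"},
        {"@odata.type": USER, "id": "u-carol"},
        {"@odata.type": GROUP, "id": "g-contractors"},
    ],
    "g-contractors": [
        {"@odata.type": USER, "id": "u-dave"},
        {"@odata.type": GROUP, "id": "g-helpdesk"},  # cycle: must not loop
    ],
}

def expand_users(group_id, group_members, seen=None):
    """Return the user ids reachable through a group, following nesting."""
    seen = set() if seen is None else seen
    if group_id in seen:  # already visited: stop on cycles
        return set()
    seen.add(group_id)
    users = set()
    for m in group_members.get(group_id, []):
        if m["@odata.type"] == USER:
            users.add(m["id"])
        elif m["@odata.type"] == GROUP:
            users |= expand_users(m["id"], group_members, seen)
    return users

def audit_au_scope(au_members, group_members):
    """Split users into direct AU members (manageable by a unit-scoped admin)
    and users who only appear through a group placed in the AU."""
    direct = {m["id"] for m in au_members if m["@odata.type"] == USER}
    via_group = set()
    for m in au_members:
        if m["@odata.type"] == GROUP:
            via_group |= expand_users(m["id"], group_members)
    return {"manageable": sorted(direct),
            "unmanaged_via_group": sorted(via_group - direct)}

if __name__ == "__main__":
    print(audit_au_scope(AU_MEMBERS, GROUP_MEMBERS))
```

Users reported under `unmanaged_via_group` would need to be added to the unit directly before a unit-scoped admin could manage their properties or authentication methods.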
Licensing: Use of Administrative Units requires an Azure AD Premium P1 license for each administrator and an Azure AD Free license for each member. Dynamic membership rules require a Premium P1 license for each member.
Management: Administrative Units can be managed via the Azure portal, PowerShell cmdlets and scripts, or Microsoft Graph API. This includes creating or deleting units, adding users, groups, or devices to a unit, and assigning roles with unit scope.
Planning and Implementation: The creation of Administrative Units usually goes through three stages: initial adoption, pruning, and stabilization. The unique requirements of an organization guide the criteria for creating Administrative Units.
Currently Supported Scenarios: A Global Administrator or a Privileged Role Administrator can create Administrative Units, add members, manage users or devices with dynamic membership rules (preview), and assign IT staff to unit-scoped administrator roles using the Azure portal. Administrative unit-scoped admins can manage users in their units using the Microsoft 365 admin center, PowerShell, or Microsoft Graph. Note that Administrative Units only apply to management permissions, not user permissions.
The latest features of Microsoft Entra provide an improved user experience. In particular, the Restricted Management Administrative Units offer enhanced control and security. Through these updates, Microsoft shows its commitment to constantly refining and improving its offerings to meet users' changing needs. The provided resources help users understand these modifications and incorporate the changes smoothly.
Microsoft Entra is a new and exciting feature in Microsoft Admin Units. It provides businesses with greater control and protection over their data and resources within their organization. Restricted Management Administrative Units allow for a more secure way to manage data and resources. They provide the ability to restrict access to certain areas while still allowing users to access the resources they need. Furthermore, they also provide more granular control over who has access to certain resources. Other features of Administrative Units include: Administrative Units recap, Restricted Management Administrative Units, and more. Useful resources to learn more about Administrative Units and Restricted Management Administrative Units are available on the Microsoft Learn website:
Microsoft Entra Admin Units provides businesses with greater control and security over their data and resources. It allows users to restrict access to certain areas while still allowing them to access the resources they need. It also provides more granular control over who has access to certain resources. Additionally, it provides Administrative Units recap, Restricted Management Administrative Units, and more. Businesses can access useful resources to learn more about Administrative Units and Restricted Management Administrative Units on the Microsoft Learn and Microsoft Tech Community websites.