Differences

This shows you the differences between two versions of the page.

--- azure:az-500:alt:privileged_identity_management [2023/02/01 00:06] – mmuze
+++ azure:az-500:alt:privileged_identity_management [2023/02/03 15:39] (current) – [Privileged Identity Management] mmuze
@@ Line 14: / Line 14: @@
   * PIM requires a P2 license for Azure AD tenant for all users that use PIM features, except for Global Administrator users (they are exempt from licensing requirement).
   * To initially setup PIM a Global Admin needs to click the //Consent to PIM// option in the portal.
+  * To configure PIM for a user requires the Global Admin role.
   * The activation period can be between 0.5 and 24 hours. Specifies the duration the role can active.
@@ Line 25: / Line 26: @@
   * If a user's assignment type is **Active** then they are not subjected to PIM requirements (e.g. MFA) since they are already assigned the permission.
   * If a user is both **eligible** and **active** they cannot activate the a role because it is already active for them.
+====== Alerts ======
+These are alerts PIM can generate.
+  * Roles don't require multi-factor authentication for activation
+  * Eligible administrators aren't activating their privileged role
+  * Potential stale accounts in a privileged role