Azure AD – New Azure AD built-in roles introduced – Authentication policy administrator and Domain name administrator

Hi All,

Greetings for the day 🙂 LIFE IS BEAUTIFUL 🙂

Going through the Message center from Microsoft 365 admin center. And one news catch my attention – “New Azure AD built-in roles to reduce Global administrator dependency“

This news is really important feature added so thought to share 🙂

News – New Azure AD built-in roles to reduce Global administrator dependency

Details : Two following new Azure AD built-in roles are introduced. These roles are basically introduce to reduce the number of Global administrator roles or to reduce the work load of Global Administrator

• Authentication policy administrator
  • This role is for configuring authentication method policies, configuring tenant-wide multi-factor authentication settings and the password protection policy

• Domain name administrator
  • This role is basically for managing domain names – read, add, verify update and delete.
  • Users with this role can also read directory information about users, groups and applications

Since Global Administrator role is very powerful and security wise also its very important role, Microsoft suggest to have less than 5 global administrator roles.

Thanks for reading 🙂 Feel free to discuss / comment / questions 🙂 SHARING IS CARING 🙂

Share In Teams:

Enjoy the beautiful life 🙂 Have a FUN 🙂 HAVE A SAFE LIFE 🙂 TAKE CARE 🙂