Preparing exam SC – 300 – Identity and Access Administrator – Configure tenant-wide setting – Study material – Part 4

Hi All,

Greetings for the day 🙂 LIFE IS BEAUTIFUL 🙂

As I am preparing for the exam SC – 300, I am keep sharing the study material 🙂

if still didn’t got a chance to went through last three related articles please have a look once. I am trying to keep as simple as possible 🙂

•  Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage Azure Active Directory roles – Study material – Part 1
•  Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage custom Azure Active Directory roles – Study material – Part 2 
• Preparing exam SC – 300 – Identity and Access Administrator – Configure and manage custom domains – Study material – Part 3

In this article we will proceed further and will discuss few default settings/permissions, bit about security defaults and tenant level settings

In Azure AD we have for every user there are some default permissions . These default permissions can be changed only from user settings.

The set of default permission depends on whether user is native user / member user means user within organization or guest user. Guest user means user from other directory or other tenant

Member users default permissions:

• Can register applications
• Manage their own profile – managing profile photo, mobile number, change the password
• Can invite guests

Guest user default permissions:

• Can manage own profile – change the password
• Can retrieve some information about users, groups and apps
• Can not enumerate list of all users, groups and other objects
• Can invite other guests
• Can be assigned to other roles to guest users like Global Administrator

Managing Security Defaults: How to enable security defaults and what are security defaults, I’ll explain in detail in next article

• Requiring all users to register for Azure AD Multi-Factor Authentication.
• Requiring administrators to perform multi-factor authentication.
• Blocking legacy authentication protocols.
• Requiring users to perform multi-factor authentication when necessary.
• Protecting privileged activities like access to the Azure portal.

Tenant wide properties:

• We will have tenant wide properties which Global Administrator have rights to update / Views like
  • Tenant display name – Editable
  • View the Country and Region associated with our Tenant
  • View the Location associated with our Tenant
  • View / Edit Notification Language
  • View the Tenant ID
  • View / Change the Technical contact, add your privacy info, Global privacy contact, and Privacy statement URL

Navigate to Tenant level properties :

• Navigate to Azure Active Directory admin center – https://aad.portal.azure.com/ as

• From left side pane / blade click on “Azure Active Directory“
• We will be navigating to “Azure Active Directory overview page“

• As shown in above fig or from Azure Active Directory overview page, from left side pane please click on “Properties”
• We will be navigating to “Azure Active Directory” properties page as shown in below fig

• On Azure Active Directory properties page we have properties – some of them are editable or some can be viewed only as shown in above fig

I’ll stop here for this article 🙂

Next Article : In next article we will discuss about Security Defaults

Thanks for reading 🙂 If its worth at least reading once, kindly please like and share 🙂 SHARING IS CARING 🙂

Share In Teams:

Enjoy the beautiful life 🙂 Have a FUN 🙂 HAVE A SAFE LIFE 🙂 TAKE CARE 🙂