Preparing exam SC – 300 – Identity and Access Administrator – Configure tenant-wide setting – Study material – Part 4
Greetings for the day 🙂 LIFE IS BEAUTIFUL 🙂
As I am preparing for the exam SC – 300, I am keep sharing the study material 🙂
if still didn’t got a chance to went through last three related articles please have a look once. I am trying to keep as simple as possible 🙂
- Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage Azure Active Directory roles – Study material – Part 1
- Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage custom Azure Active Directory roles – Study material – Part 2
- Preparing exam SC – 300 – Identity and Access Administrator – Configure and manage custom domains – Study material – Part 3
In this article we will proceed further and will discuss few default settings/permissions, bit about security defaults and tenant level settings
In Azure AD we have for every user there are some default permissions . These default permissions can be changed only from user settings.
The set of default permission depends on whether user is native user / member user means user within organization or guest user. Guest user means user from other directory or other tenant
Member users default permissions:
- Can register applications
- Manage their own profile – managing profile photo, mobile number, change the password
- Can invite guests
Guest user default permissions:
- Can manage own profile – change the password
- Can retrieve some information about users, groups and apps
- Can not enumerate list of all users, groups and other objects
- Can invite other guests
- Can be assigned to other roles to guest users like Global Administrator
Managing Security Defaults: How to enable security defaults and what are security defaults, I’ll explain in detail in next article
- Requiring all users to register for Azure AD Multi-Factor Authentication.
- Requiring administrators to perform multi-factor authentication.
- Blocking legacy authentication protocols.
- Requiring users to perform multi-factor authentication when necessary.
- Protecting privileged activities like access to the Azure portal.
Tenant wide properties:
- We will have tenant wide properties which Global Administrator have rights to update / Views like
- Tenant display name – Editable
- View the Country and Region associated with our Tenant
- View the Location associated with our Tenant
- View / Edit Notification Language
- View the Tenant ID
- View / Change the Technical contact, add your privacy info, Global privacy contact, and Privacy statement URL
Navigate to Tenant level properties :
- Navigate to Azure Active Directory admin center – https://aad.portal.azure.com/ as
- From left side pane / blade click on “Azure Active Directory“
- We will be navigating to “Azure Active Directory overview page“
- As shown in above fig or from Azure Active Directory overview page, from left side pane please click on “Properties”
- We will be navigating to “Azure Active Directory” properties page as shown in below fig
- On Azure Active Directory properties page we have properties – some of them are editable or some can be viewed only as shown in above fig
I’ll stop here for this article 🙂
Next Article : In next article we will discuss about Security Defaults
Thanks for reading 🙂 If its worth at least reading once, kindly please like and share 🙂 SHARING IS CARING 🙂Share In Teams:
Enjoy the beautiful life 🙂 Have a FUN 🙂 HAVE A SAFE LIFE 🙂 TAKE CARE 🙂