- Mastering Identity and Access Management with Microsoft Azure
- Jochen Nickel
- 108字
- 2021-07-02 12:57:17
Scoping administrative roles
In the next step, we assign the user account administrator role. Verify available roles with the following cmdlet:
Get-AzureADDirectoryRoleTemplate
Now, we enable the user account administrator role with the following cmdlet:
Enable-AzureADDirectoryRole -RoleTemplateId fe930be7-5e62-47db-91af-98c3a49a38b1
Set variables and assign the user to the role:
$admins = Get-AzureADDirectoryRole
foreach($i in $admins) {
if($i.DisplayName -eq "User Account Administrator") {
$uaAdmin = $i
}
}
$HRUA = Get-AzureADUser -Filter "UserPrincipalName eq 'Don.Hall@$InitialDomain'"
$uaRoleMemberInfo = New-Object -TypeName Microsoft.Open.AzureAD.Model.RoleMemberInfo -Property @{ ObjectId = $HRUA.ObjectId }
Add-AzureADScopedRoleMembership -RoleObjectId $uaAdmin.ObjectId -ObjectId $HRAU.ObjectId -RoleMemberInfo $uaRoleMemberInfo
The output of the preceding command is as follows:
User Account Administrator assignment
Next, we will test our configuration.
推薦閱讀
- Mobile Forensics Cookbook
- 數字身份與元宇宙信任治理
- Learning Python for Forensics
- 可信計算3.0工程初步
- 網絡安全應急管理與技術實踐
- Web安全與攻防入門很輕松(實戰超值版)
- 網絡安全技術及應用(第3版)
- Learning Veeam? Backup & Replication for VMware vSphere
- 數字化轉型浪潮下的數據安全最佳實踐指南
- 硬黑客:智能硬件生死之戰
- 數據要素安全:新技術、新安全激活新質生產力
- 網絡安全態勢感知
- 持續集成:軟件質量改進和風險降低之道
- CTF快速上手:PicoCTF真題解析(Web篇)
- 華為Anti-DDoS技術漫談