Activate My Azure Active Directory (Azure AD) Roles In Privileged Identity Management (PIM)

 

Azure Active Directory (Azure AD) Privileged Identity Management (PIM) streamlines how enterprises oversee privileged access to assets in Azure AD and other Microsoft online administrations, like Office 365 or Microsoft Intune. If you have been made eligible for an administrative role, that means you can activate that role when you must perform privileged actions. This article is for administrators who need to activate their Azure AD role in PIM.

 

 

Sign in to the Azure portal.

 

Open Azure AD Privileged Identity Management.

 

 

After that, click Azure AD roles and then click "My roles".

 

 

Click "My roles" to see a list of your eligible Azure AD roles.

 

 

Then, find a role that you want to activate.

 

 

Click "Activate" to open the "Role activation details" pane.

 

 

Open the Security Operator Role. Then, click the "Activate" button. This role doesn’t ask/require multi-factor authentication (MFA).

 

 

 

Open the "Skype for Business Administrator" Role.

 

If your role requires multi-factor authentication (MFA), click "Verify my identity" before proceeding. You only must authenticate once per session.

 

 

Click "Verify my identity" and follow the instructions to provide additional security verification.

 

 

After the security verification, click on "Verify".

 

 

Click "Activate" to open the Activation pane. If you need, click a custom activation start time and fill it.

 

Click the "Activate" button.

 

 

When you click "Activate", the status will be changed to "processing…".

 

 

Once all the stages are complete, click the "Sign out" link to sign out of the Azure portal. When you sign back into the portal, you can now use the role.

 

 

If the role requires approval to activate, a notification will display.

 

 

After that, just view the change in My role.

 

 

 

Open Azure AD Privileged Identity Management.

 

Click Azure AD roles.

 

Click My requests to see a list of your requests.

 

 

 

Open Azure AD Privileged Identity Management. Click "Azure AD roles".

 

Click "My roles". Click "Active roles" to see your list of active roles.

 

Find the role you're done using and then click "Deactivate".

 

 

Open Azure AD Privileged Identity Management.

 

Click Azure AD roles.

 

Click My requests.

 

For the role that you want to cancel, click the Cancel button.

 

 

When you click Cancel, the request will be canceled. To activate the role again, you will have to submit a new request for activation.

 

 

In this article, we learned how to activate my Azure Active Directory roles in Privileged Identity Management.  In my next article, I will cover a new Azure AD concept in this series.