On August 13th 2020, Alex Simons (Microsoft Identity PM) announced that assigning groups to Azure AD roles in now in public preview. This feature is one of the most requested features to be found in the Azure AD feedback forum. I have been following this feature request for a while now, and up until recently…
Tag: RBAC
Implementing RBAC and Scoping in Microsoft Intune
When you create an Intune tenant within your environment, you execute the creation with an account which is Global Administrator within Azure Active Directory. And in my work as an indendent consultant I see a lot of companies which keep using the account with Global Administator rights to manage their Microsoft Intune environment as well….
SCSM 2012: Failed to execute Submit Operation, event id 26319
At a customer of mine a issue with Incident Requests in System Center 2012 R2 Service Manager was reported. Some users reported that they received the error:”Failed to execute Submit operation. Fix the reported error before… – The user <domain>\<accountname> does not have sufficient permission to perform the operation. Full error in the console was:
Implementing RBAC in System Center 2012 R2 Service Manager
This blogpost will detail my experiences and insights gained from implementing Role Based Access Control (RBAC) in a System Center 2012 R2 Service Manager environment. Overview: After installing Service Manager a couple of so called User Roles are created: Report User End User Read-Only Operator Activity Implementer Change Initiator Incident Resolver Problem Analyst Change Manager…
Role Based Access Control in ConfigMgr 2012: Part 4 Outcome
In the first part of this series I outlined what Microsoft changed in ConfigMgr 2012 in order to introduce Role Based Access Control. In the second part I outlined a possible scenario and started building the scenario. In the third part we mapped the business roles to the ConfigMgr roles and configured them in the…
Role Based Access Control in ConfigMgr 2012: Part 3 Mapping OpCo roles to ConfigMgr roles
In the first part of this series I outlined what Microsoft changed in ConfigMgr 2012 in order to introduce Role Based Access Control. In the second part I outlined a possible scenario and started building the scenario up to the point where the OpCo roles will be mapped to the ConfigMgr roles, this post will…
Role Based Access Control in ConfigMgr 2012: Part 2 Scenario
In the previous post I introduced Role Based Access Control in ConfigMgr 2012 as the new way to delegate administrative access to a ConfigMgr hierarchy. In this post I’m going to walk you through a scenario and show you how we can delegate the access in order to meet the requirements. The Scenario: The Customer…
Role Based Access Control in ConfigMgr 2012: Part 1 – Introduction
One of the reasons to install multiple primary sites in a System Center Configuration Manager 2007 hierarchy often was due to the fact that Administrative access had to be separated between different departments within a company. Within large companies mostly a Central Primary Site would be installed, not servicing any clients, and under that Central…