As an IT admin, there are certain tasks and process that happen almost daily. We’re using customer feedback to identify those common tasks and make them easier and faster to perform with repeatable r...
Updated May 06, 2021
Version 2.0
Blog Post
I would agree with Matt G, there seems to be a disconnect at Microsoft as to how we would like to have separation of duties or principal of least privilege. I also fought with Microsoft about having to make some of my personnel Global admins when all I wanted them to actually do is the MDM solution. Problem is, once that person has to do something across application lines (i.e. Exchange, Free MDM, OneDrive, …) they all of a sudden need to have GA permissions. I also tried only checking the boxes I wanted them to have and they could not get down through the menu system to what they needed to do unless I gave them GA permissions. Not a very secure security system as I see it. How exactly are we supposed to secure our systems from insiders if we have to give them all permissions to everything?
