Last updated on 9. October 2022
Okay in the first part we configured PIM so that your test user can ask for Global Admin permission. The configuration was configured so, that a specific user hsa to accept the request.
At first our test user start a web browser ans navigates to https://portal.azure.com. If the login was successful we search for pim and choose “Azure AD Privileged Identity Management”:
On the left side we choose “My roles”:
On this page we can see all possible roles we can ask for. You also can see the active assignments. But for now we click on “Activate” for our eligible Global Admin assignment:
On the right side opens a window. There you enter why you want to get the permission, how long and if you want when do you need it:
If you clicked on “Activate” we get a message that the request is pending:
So we switch to the user that was assigned the reviewer role and check for our mails:
If we click on the button in the mail we get to the correct site, where we can “Approve” or “Deny” the request. We mark the entry and click on “Approve”:
We have to enter why we think the user needs this permission:
After the admin permitted our request we can see on our user portal, that this assignment is active.
Please be aware, that you need at least two Azure AD Premium P2 licenses for each user in this scenario. One for the requester and one for the reviewer.
[…] PIM user process […]