How to create custom roles with specific permissions in Azure AD

Creating Custom Roles with Specific Permissions in Azure AD

Creating custom roles with specific permissions in Azure Active Directory (Azure AD) can be a useful way to grant users the exact level of access they need, without giving them unnecessary privileges. Here’s a step-by-step guide on how to do it:

Step 1: Understand Azure AD Roles and Permissions

Azure AD has a set of built-in roles, such as Global Administrator, User Administrator, and Security Administrator. These roles have predefined permissions that you can assign to users. However, if the built-in roles don’t meet your specific needs, you can create custom roles.

What are the key benefits of using DKIM, DMARC, and SPF together

Using DKIM, DMARC, and SPF together provides several key benefits for email security:

  1. Prevents email spoofing: SPF checks the IP address of the sending mail server against a list of authorized IP addresses to verify the sender’s identity and prevent spoofing. DKIM adds a digital signature to the email headers that can be verified by the recipient’s mail server.

How do DKIM, DMARC, and SPF work together to secure email

DKIM, DMARC, and SPF work together to provide a comprehensive email authentication and security framework:

  1. Sender Policy Framework (SPF):
      • SPF is an email authentication protocol that allows the owner of a domain to specify which mail servers are authorized to send email on behalf of that domain.
      • SPF checks the IP address of the sending mail server against a list of authorized IP addresses published in the domain’s DNS records.
      • SPF helps prevent email spoofing by verifying the sender’s identity.

How can I automate the revocation of privileged roles in Azure AD

Here are the key steps to automate the revocation of privileged roles in Azure AD:

  1. Use Azure AD Privileged Identity Management (PIM): PIM provides the ability to create access reviews for Azure AD roles. This allows you to regularly review privileged access and automatically revoke unnecessary permissions.

How can I automate the reporting of Azure AD role assignments

Here are a few ways to automate the reporting of Azure AD role assignments:

  1. Use PowerShell scripts:
    The Get-AzRoleAssignmentReport.ps1 script fetches role assignments and compiles them into a comprehensive report sent via email.
    It requires the managed identity used by the script to have the “Directory Readers”