Need help in generating alerts whenever there is role assignment

  • Question

  • Hi,

    I am looking for an alert rule which will trigger whenever there is any role assignment in my environment, e.g. if somebody has assigned the Global Admin role, I should receive an alert with the details.

    JUST FYI:

    I have tried to create this with the monitoring alerts. I am receiving the email, but there is no specification of the reason behind that email; it is not showing that somebody has assigned the GA role or anything.

    I was unable to find an alert rule in PIM as well. If you are suggesting any answer, I kindly request you to share the rule and what to select, as my description is simple: I need an alert via email whenever there is any role assignment in my tenant, with some description.


    Tuesday, July 9, 2019 12:57 PM

Answers

  • If you have PIM, you will receive such alerts automatically, no need to configure anything. They look something like this:

          
       

    The User Administrator role for the tenant.onmicrosoft.com directory was assigned outside of PIM

    Always use Azure Active Directory (Azure AD) Privileged Identity Management (PIM) to manage your privileged directory roles.

    Assignment details:

    Settings        Value
    User:           user@tenant.onmicrosoft.com
    Role:           User Administrator
    Assigner:       user@domain.com
    Detected on:    June 26, 2019 8:12 UTC

         
       

    Other than that, if you are using Office 365 or MCAS, you can configure an activity alert.

    Tuesday, July 9, 2019 7:04 PM
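
An added example, not part of the original answers and not Microsoft's own tooling: a filter over exported Azure AD audit records that produces the same details the alert email above carries (user, role, assigner, time). The field names assume the Microsoft Graph directoryAudit schema, the two activity names are assumed values, and `_rec`, `SAMPLE_AUDIT` and `role_assignment_alerts` are hypothetical names with constructed data.

```python
# Constructed sample records shaped like Azure AD audit log entries
# (Microsoft Graph directoryAudit schema assumed; all values are made up).
def _rec(activity, when, assigner, user, role, result="success"):
    return {
        "category": "RoleManagement", "activityDisplayName": activity,
        "activityDateTime": when, "result": result,
        "initiatedBy": {"user": {"userPrincipalName": assigner}},
        "targetResources": [{
            "type": "User", "userPrincipalName": user,
            "modifiedProperties": [
                {"displayName": "Role.DisplayName", "newValue": f'"{role}"'}],
        }],
    }

SAMPLE_AUDIT = [
    _rec("Add member to role", "2019-06-26T08:12:00Z", "user@domain.com",
         "user@tenant.onmicrosoft.com", "User Administrator"),
    _rec("Add eligible member to role", "2019-06-26T09:00:00Z", "user@domain.com",
         "user2@tenant.onmicrosoft.com", "Global Administrator"),
    _rec("Remove member from role", "2019-06-26T09:05:00Z", "user@domain.com",
         "user2@tenant.onmicrosoft.com", "Global Administrator"),
    _rec("Add member to role", "2019-06-26T09:10:00Z", "user@domain.com",
         "user3@tenant.onmicrosoft.com", "Global Administrator", result="failure"),
]

# Activity names assumed to mark an active and an eligible assignment.
ASSIGN_ACTIVITIES = {"Add member to role": "active",
                     "Add eligible member to role": "eligible"}

def role_assignment_alerts(records, watched_roles=None):
    """Return one alert dict per successful role assignment in the records."""
    alerts = []
    for rec in records:
        kind = ASSIGN_ACTIVITIES.get(rec.get("activityDisplayName"))
        if (rec.get("category") != "RoleManagement" or kind is None
                or rec.get("result") != "success"):
            continue  # other activities and failed attempts are not assignments
        actor = rec.get("initiatedBy") or {}
        assigner = ((actor.get("user") or {}).get("userPrincipalName")
                    or (actor.get("app") or {}).get("displayName") or "unknown")
        for target in rec.get("targetResources") or []:
            # newValue is a JSON-quoted string in this schema, so strip the quotes
            props = {p.get("displayName"): (p.get("newValue") or "").strip('"')
                     for p in target.get("modifiedProperties") or []}
            role = props.get("Role.DisplayName")
            if role is None or (watched_roles and role not in watched_roles):
                continue
            alerts.append({"user": target.get("userPrincipalName"), "role": role,
                           "kind": kind, "assigner": assigner,
                           "detected": rec.get("activityDateTime")})
    return alerts
```

Passing `watched_roles={"Global Administrator"}` limits the output to the roles worth paging someone for; the `kind` field separates active from eligible assignments.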
  • You would have to enable the setting as per the screenshot below if you want notifications whenever a role is activated inside your organization.

    



    • Marked as answer by Anshika123 Wednesday, September 25, 2019 2:06 AM
    Thursday, September 19, 2019 6:19 AM
    Moderator

All replies

  • Hi, 

    Thanks a lot, guys, it worked.

    Can you please let me know how to do the settings for a person who can receive the email, and where I can check those settings to configure the email or any contact number where this alert will go? As of now, the admin account from which we are enabling it is getting notified.


    • Edited by Anshika123 Wednesday, July 10, 2019 3:21 PM
    Wednesday, July 10, 2019 3:08 PM
  • On enabling PIM in production there will be no charges on the subscription; we only need to enable licenses.

    Wednesday, July 10, 2019 3:37 PM
  • If you already have the necessary licenses to use PIM, there are no additional charges. This article explains who receives the notifications: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-email-notifications
    Wednesday, July 10, 2019 6:54 PM
  • Do we get these kinds of alerts for assignments inside PIM also? I am getting the weekly digest email, but when I am elevating I am not getting a PIM notification.

    Is the PIM notification for role assignments outside PIM?

    Wednesday, September 18, 2019 3:09 PM
  • Or is it that the notification will come when there is a permanent role assignment, but not for the assignment of an eligible user getting the GA role?
    Wednesday, September 18, 2019 3:21 PM