How can you add the Service Principal to the Exchange Administrator role when you have PIM enabled? I don't see the SP in the list of users when searching for it.
Hello, thanks for your question. Service principals aren't currently supported for PIM. You can read more here: github.com/MicrosoftDocs/azure-docs/issues/49166
@@quadrotech5336 PIM allows permanent role assignment. A colleague of me pointed me today to docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-groups-concept Adding an SP to a cloud group and assign the cloud group permanent PIM Exchange rights may solve the problem. I am going to investigate this further.
hi, can we access multi tenant wide?
Thank you. Works!
You're welcome!
How can you add the Service Principal to the Exchange Administrator role when you have PIM enabled? I don't see the SP in the list of users when searching for it.
Hello, thanks for your question. Service principals aren't currently supported for PIM. You can read more here: github.com/MicrosoftDocs/azure-docs/issues/49166
@@quadrotech5336 So that means that you can have either PIM or CBA but not both?
@@ildjarnisdead Yes. The whole idea of using CBA is to do things automatically, while PIM adds a "manual" approval. Hope that helps!
@@quadrotech5336 PIM allows permanent role assignment.
A colleague of me pointed me today to docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-groups-concept
Adding an SP to a cloud group and assign the cloud group permanent PIM Exchange rights may solve the problem. I am going to investigate this further.