Delegation and Least Privilege in Entra ID, Part 2

May 13, 2024
1 min read

In part 1 of this series, I talked about the main concepts of least privilege in Entra ID. The concepts include administrative units and roles and scopes and comparing them with Active Directory On Premise elements like OU and ACL. If you have not yet watched my series, “Designing a Delegation Model in Active Directory”, make sure to do it (click here) because eventually, by the end of this video, you can mimic the same approach in Entra ID.

In this video I use the main concepts that I discussed to implement a delegation model in Entra ID. This implementation includes Dynamic Groups, Dynamic Administrative Units, Custom Roles and putting them all together to create the model.

Mahdi Tehrani

Mahdi Tehrani

Mahdi Tehrani has been involved with Active Directory and Azure AD for about 10 years. He works as an IAM consultant for “iC Consult” and his fields of expertise are around anything Active Directory, PowerShell, Azure AD and identity solutions including Quest One Identity.