Voltar para roles
Role actions3·Control Plane1·Management Plane2·User Access0·Não classificadas0·CategoriaIdentity·EAM TierControl Plane

Domain Name Administrator

Privilegiada
Control PlaneIdentity3 role actions
Template ID
8329153b-31d0-4727-b945-745eb3bc5f31
Categoria
Identity
EAM Tier
Control Plane (Tier 0)
Enterprise Access Model: Control Plane

Controle total do tenant. Comprometimento leva a takeover completo. Isole de planos inferiores.

Descrição

For on-premises environments, users can configure domain names for federation so that associated users are always authenticated on-premises (these users can then sign into Microsoft Entra based services with their on-premises passwords v...

Permissões completas

Todas as 3 role actions desta role, classificadas por tier do EAM.

Role ActionCategoriaTier
microsoft.directory/domains/allProperties/allTasks
Tenant ManagementTier 0
microsoft.office365.supportTickets/allEntities/allTasks
Microsoft 365 Support OperationsTier 1
microsoft.office365.webPortal/allEntities/standard/read
Microsoft 365 Support OperationsTier 1

3 de 3 role actions

PowerShell

Get-MgRoleManagementDirectoryRoleDefinition `
  -UnifiedRoleDefinitionId "8329153b-31d0-4727-b945-745eb3bc5f31"

Microsoft Graph

GET https://graph.microsoft.com/v1.0/
  roleManagement/directory/
  roleDefinitions/8329153b-31d0-4727-b945-745eb3bc5f31
Ver documentação oficial na Microsoft Learn

Roles relacionadas

Agent ID Administrator
Tier 0Identity
Agent ID Developer
Tier 0Identity
Agent Registry Administrator
Tier 0Identity
Directory Synchronization Accounts
Tier 0Identity
Directory Writers
Tier 0Identity