Search

Azure Active Directory Global Reader role

Microsoft introduced a new Azure AD built-in role called Global Reader. Global reader is the read-only counterpart to Global admin. Users in this role can read all settings and administrative information across Microsoft 365 services, but cannot edit anything. Please note that Global Reader is not supported in SharePoint Admin Center, Privileged Access Management (PAM), customer lockbox requests in M365 Admin Center and sensitivity labels in Security & Compliance Center


I found this role more suitable for someone who wants to audit your tenant and generate a quick report or some wants to review the logs or policies....... Except the sharepoint stufff...


Here is a quick sneak peak of what we can do in reality with this role.






Microsoft 365 compliance View










175 views

©2019 by Safeer Khan. Proudly created with Wix.com