Office 365 roles deployed in organizations ensure that the users have access to the resources according to the assigned roles at all times. Managing the Office 365 roles assigned to licensed users includes assigning appropriate roles to new users and modifying the roles assigned to existing users.
Applying the Office 365 Roles Management policy to a container enables the administrator to manage the Office 365 roles assignment for all the Azure AD users in that container. This ensures that all Azure AD users get the required privileges and access to all the relevant resources assigned as per the roles included immediately upon creation.
When configuring a policy of this category, you can specify the roles that can be assigned to the Azure AD user.
When Azure users are created in Active Directory, Active Roles enables you to assign the required Office 365 roles. The Office 365 Roles Management policy can be configured to assign the required Office 365 roles to new users, select the individual roles while assigning to the users, and configure conditions to assign roles to only the users who satisfy the required conditions. Active Roles relies on this policy to perform the Office 365 roles management automatically when an Azure AD user is created or modified.
On the Policy Conditions page, you can set up policy conditions—criteria the policy uses to determine what objects can be controlled by the policy. If you specify no conditions, the policy affects any objects of the type you have selected on the previous page. Otherwise, it only affects the objects matching the conditions you specify using this page.
To configure a condition, click Add on the Policy Conditions page. This displays the Set Up Condition dialog box.
Figure 72: Set Up Condition page
In the Set Up Condition dialog box you can configure a condition which includes an object property (for example, City or Department), a requirement (for example, equals or begins with) and a value.
Click Property to display the Select Object Property dialog box where you can select the object property you want to include in the condition.
From the Operation list, select the requirement you want to apply to the selected property.
Click Configure Value, to compose the value for which you want to apply the selected requirement. The Configure Value dialog box is displayed, which enables you to set up the value.
To specify multiple conditions, click AND or OR to combine the conditions.
Click OK to save and close the Set Up Condition dialog box.
On the Policy Conditions page, select the required licenses from the Office 365 roles list and click Next. The Enforce Policy Page is displayed.
Figure 73: Enforce Policy page
On the Enforce Policy page, click Add to and use the Select Objects option to locate and select the objects on which you want to enforce the policy.
Click Next and then click Finish.
To configure an Office 365 Roles Management policy
The Enforce Policy dialog box, which enables you to specify the containers to which this policy object is to be applied is displayed.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책