Configure Privileged Identity Management
Privileged Identity Management (Zero Trust policy) lets you grant operators access to the Live Platform portal for defined time periods. Once the time period has expired, the operator's login permissions are revoked. For example, an external contractor can be granted access to customer sites for a scheduled contractual period. This prevents unauthorized access once the contractual period has expired.
For more information, see Privileged Identity Management.
➢ Do the following:
1. Log in to the Azure portal of the customer tenant with Global Admin permissions (https://portal.azure.com/#home).
2. Add a new group for Live Platform operators.
3. Select the group and then in the Navigation pane select Privileged Identity Management.
4. Click Add assignments.
5. From the Select role drop-down list, select Member role.
6. Add the desired operator to authorize privileged access and then click Next.
7. Set the date ranges for which you wish to grant access to the customer operator and then click Assign.
The new assignment is added.
8. Navigate to the Enterprise Application for the relevant server of the Live Platform portal and then in the Navigation pane, select Users and groups.
9. Click Add user/group.
10. Add the user group that you defined above.
11. Assign the group 'Operator' permissions.
12. Click Assign. The new group is assigned.
13. Select the group.
14. Add members to the group.
15. Return to the Home screen for the tenant and then in the search box, type 'Microsoft Entra Privileged Identity Management'.
16. In the Navigation pane, select My roles.
17. In the Navigation pane, select Groups.
18. Select the Live Platform operators group and then click Activate.
19. Click Activate again.
The activation process commences.
PIM is activated (note that 'Deactivate' is shown in the Action column).
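The following added example (not part of the Live Platform documentation) checks that every assignment in the operators group has an end date inside the contractual period, which is the property the date ranges in step 7 are meant to enforce. It assumes the assignments were exported as records shaped like the Microsoft Graph privilegedAccessGroupEligibilitySchedule resource; the sample records, the contract end date and the function names are constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed sample records, shaped like Microsoft Graph
# privilegedAccessGroupEligibilitySchedule objects (assumed export format).
SAMPLE_SCHEDULES = [
    {"principalId": "operator-a", "accessId": "member",
     "scheduleInfo": {"startDateTime": "2025-01-01T00:00:00Z",
                      "expiration": {"type": "afterDateTime",
                                     "endDateTime": "2025-03-31T23:59:59Z"}}},
    {"principalId": "operator-b", "accessId": "member",
     "scheduleInfo": {"startDateTime": "2025-01-01T00:00:00Z",
                      "expiration": {"type": "noExpiration"}}},
    {"principalId": "operator-c", "accessId": "member",
     "scheduleInfo": {"startDateTime": "2025-01-01T00:00:00Z",
                      "expiration": {"type": "afterDateTime",
                                     "endDateTime": "2025-09-30T23:59:59Z"}}},
]

# Constructed contractual end date used as the audit boundary.
CONTRACT_END = datetime(2025, 6, 30, 23, 59, 59, tzinfo=timezone.utc)


def parse_utc(value):
    """Parse an ISO 8601 timestamp with a trailing 'Z' into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def audit_assignments(schedules, contract_end):
    """Return (principalId, reason) for assignments that outlive the contract."""
    findings = []
    for item in schedules:
        expiration = item.get("scheduleInfo", {}).get("expiration", {})
        kind = expiration.get("type")
        end = expiration.get("endDateTime")
        # Anything without an explicit end timestamp (for example noExpiration)
        # is reported, because access would not be revoked on a known date.
        if kind != "afterDateTime" or not end:
            findings.append((item["principalId"], "no explicit end date"))
        elif parse_utc(end) > contract_end:
            findings.append((item["principalId"], "ends after contract"))
    return findings


if __name__ == "__main__":
    for principal, reason in audit_assignments(SAMPLE_SCHEDULES, CONTRACT_END):
        print(f"{principal}: {reason}")
```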