add New AAD Roles to the existing AAD Roles #34
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@AlexFilipin change order for better review and remove unnecessary blanks |
szymonbr
reviewed
Apr 18, 2023
There was a problem hiding this comment.
Compared the IDs of new roles here against result of Get-MgDirectoryRoleTemplate -All cmdlet and it looks to be complete.
DisplayName Id
----------- --
Tenant Creator 112ca1a2-15ad-4102-995e-45b0bc479a6a
Microsoft Hardware Warranty Administrator 1501b917-7653-4ff9-a4b5-203eaf33784f
Authentication Extensibility Administrator 25a516ed-2fa0-40ea-a2d0-12923a21473a
Insights Analyst 25df335f-86eb-4119-b717-0ff02de207e9
User Experience Success Manager 27460883-1df1-4691-b032-3b79643e5e63
Microsoft Hardware Warranty Specialist 281fe777-fb20-4fbb-b7a3-ccebce5b0d96
Organizational Messages Writer 507f53e4-4e52-4077-abd3-d2e1558b6ea2
Lifecycle Workflows Administrator 59d46f88-662b-457b-bceb-5c3809e5908f
Yammer Administrator 810a2642-a034-447f-a5e8-41beaa378541
Viva Goals Administrator 92b086b3-e367-4ef2-b869-1de128fb986e
Permissions Management Administrator af78dc32-cf4d-46f9-ba4e-4428526346b5
Virtual Visits Administrator e300d9e7-4a2b-4295-9eff-f1c78b36cc98
Roles returned by the cmdlet but not listed as admin roles
DisplayName Description Id
----------- ----------- --
Device Join Device Join 9c094953-4995-41c8-84c8-3ebb9b32c93f
Device Managers Deprecated - Do Not Use. 2b499bcd-da44-4968-8aec-78e1674fa64d
Device Users Device Users d405c6df-0af8-4e3b-95e4-4d06e542189e
Guest User Default role for guest users. Can read a limited set of directory information. 10dae51f-b6af-4016-8d66-8c2a99b929b3
Partner Tier1 Support Do not use - not intended for general use. 4ba39ca4-527c-499a-b93d-d9b492c50246
Partner Tier2 Support Do not use - not intended for general use. e00e864a-17c5-4a4b-9c06-f5b95a8d5bd8
Restricted Guest User Default role for guest users with restricted access. Can read a limited set of directory information. 2af84b1e-32c8-42b7-82bc-daa82404023b
User Default role for member users. Can read all and write a limited set of directory information. a0b1b346-4d3e-4e8b-98f8-753987be4970
Viva Pulse Administrator Can manage all settings for Microsoft Viva Pulse app 87761b17-1ed2-4af3-9acd-92a150038160
Workplace Device Join Workplace Device Join c34f683f-4d5a-4403-affd-6615e00e3a7f
The only exception is Viva Pulse Administrator but it looks like to be something new not included in the documentation of Viva service.. Not sure if it should be included yet.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updating "includedRoles" to include all new AAD Roles.
excluded from the list is "Directory Synchronization Accounts" Role