zettelkasten/Activate-roles.md at 4a3ae0ff5d61417a7ca2a97271d418ce7ca4fbec

Ralf Koop 7389e600f9 vault backup: 2023-11-12 11:19:55

Affected files:

2023-11-12 11:19:55 +01:00

1.5 KiB

Raw Blame History


Einzelne Rolle, mehrere Rollen:
 
function pimga

{

  Enable-DCAzureADPIMRole -RolesToActivate "Global Administrator" -UseMaximumTimeAllowed -Reason "Ich werde die Rolle benutzen, daher aktiviere ich sie am $(get-date)"

}
 
 
function pimall

{

  Enable-DCAzureADPIMRole -RolesToActivate "Intune Administrator","Exchange Administrator","Insights Administrator","Compliance Administrator","Power Platform Administrator","Global Administrator","Power BI Administrator","SharePoint Administrator","Dynamics 365 Administrator","Windows 365 Administrator","Security Administrator","Billing Administrator" -UseMaximumTimeAllowed -Reason "Ich werde die Rollen benutzen, daher aktiviere ich sie am $(get-date)" -ErrorAction SilentlyContinue

}
[Gestern 13:40] Schachtschneider, Thomas
Azure:
 
function azrole

{

  $managementgroupID = "bauer-caf" # Tenant Root Group

  $guid = (New-Guid)

  $startTime = Get-Date -Format o

  $userObjectID = "c0ba4f65-286a-4481-97ff-6a1a09fcaeec"

  $RoleDefinitionID = "8e3af657-a8ff-443c-a75c-2fe8c4bcb635" # Owner

  $scope = "/providers/Microsoft.Management/managementGroups/$managementgroupID"

  New-AzRoleAssignmentScheduleRequest -Name $guid -Scope $scope -ExpirationDuration PT8H -ExpirationType AfterDuration -PrincipalId $userObjectID -RequestType SelfActivate -RoleDefinitionId /providersproviders/Microsoft.Management/managementGroups/$managementgroupID/providers/Microsoft.Authorization/roleDefinitions/$roledefinitionId -ScheduleInfoStartDateTime $startTime -Justification get-date
 
}

#TODO

#nochzubearbeiten

1.5 KiB Raw Blame History

1.5 KiB

Raw Blame History