Azure Entra ID User and Role Management Assignment

Introduction

In this assignment, I performed user and role management tasks in Azure Entra ID. The tasks included:

Creating a new user
Signing in with the new user account
Assigning Global Administrator privileges
Creating another user using the promoted account
Revoking administrative privileges

This practical helped me understand identity and access management in Microsoft Azure.

Requirements

Before starting, ensure you have:

An active Microsoft Azure account
Access to Azure Portal
Permission to manage users and roles

Azure Portal: https://portal.azure.com

Step 1: Sign in to Azure Portal

Open the Azure Portal and sign in with your administrator account.

Step 2: Open Azure Entra ID

In the search bar, type Entra ID and click on Microsoft Entra ID.

Step 3: Create a New User

Navigate to:

Users → All Users → + New User → Create new user

Fill in:

Username
Name
Password settings

Click:

Review + Create
Create

Explanation

This step creates a new identity within Azure Entra ID that can later be assigned permissions and roles.

Step 4: Sign In with the Newly Created User

Open an incognito/private browser and sign in using the new account credentials.

Explanation

This confirms the user account was successfully created and can authenticate into Azure.

Step 5: Assign Global Administrator Role

Return to the administrator account and navigate:

Entra ID → Users → Select user → Assigned Roles → Add assignments

Select:

Global Administrator

Explanation

The Global Administrator role provides full control over Azure Entra ID resources and identity management.

Step 6: Sign In Using the Promoted Account

Open another incognito window and sign in using the promoted account.

Step 7: Create Another User with the Promoted Account

Using the promoted Global Administrator account:

Go to Entra ID → Users → New User

Create a second user account.

Explanation

This confirms that the elevated account has permission to manage users.

Step 8: Revoke Global Administrator Access

Return to:

Entra ID → Users → Select first user → Assigned Roles

Remove:

Global Administrator

Explanation

Revoking admin access enforces the principle of least privilege and improves security.

Observation

During this exercise, I observed that newly created users did not receive email notifications automatically. However, the accounts were still successfully created and accessible using the provided credentials.

Conclusion

This assignment demonstrated:

User creation in Azure Entra ID
Role assignment and privilege management
Administrative access control
Role revocation and security enforcement

Overall, it strengthened my practical understanding of identity and access management in Microsoft Azure.

Hands-on Azure Entra ID Lab: User Creation, Role Assignment & Privilege Revocation

Azure Entra ID User and Role Management Assignment

Introduction

Requirements

Step 1: Sign in to Azure Portal

Step 2: Open Azure Entra ID

Step 3: Create a New User

Explanation

Step 4: Sign In with the Newly Created User

Explanation

Step 5: Assign Global Administrator Role

Explanation

Step 6: Sign In Using the Promoted Account

Step 7: Create Another User with the Promoted Account

Explanation

Step 8: Revoke Global Administrator Access

Explanation

Observation

Conclusion

Tags

Author

Stats

Published

You Might Also Like

The Context Window Is RAM — Why Your Agent's SLIs Are Telling You It's Full

Walking through a 5-domain Microsoft 365 audit in 30 seconds

The Live Traffic Intercept: Bringing the Cloud Fortress to Life (Day 8)

What AMQP compatibility means for a local Azure emulator

Azure DevOps Structure Explained: Organizations, Projects, and Repos Without the Mess

Preparing for Migration: Decoupling Your Function Logic