Hello, Siberians. Welcome to this demonstration on a joy 80 Privileged identity management.
This demonstration is part of the second Madu off the is that 500 Microsoft Azure Security technologies costs quick information on the task that will be completing in this demo.
We'll start by reviewing as your Eddie licensing to confirm that we have the right licence to use pain.
We also reviewed the pin console to familiarize ourselves with workspace that will be using
well, then configure on a giant evil in team
who proceeds to assign an eligible user to the conflict role
and finally validates what we've done by activating the eligible as to user.
in the first task. Have reviewing my Joy D tenants to ensure that I have required licensing for pain.
How also reviewed the pin console in the azure pato.
So here I am in the azure Pato.
If I go to the left inside on, if I click on Azure Active Directory
now in a active directory, are growing the licenses on our click, and that's
now in licenses for quiet and select license features. Option
on. If I say for privileged,
I can see privileged identity management here, and I can see that it say's I currently have this feature available to me. That's because I currently have azure Haiti Premium P two.
Now, if I go on the Oprah docks to verify that I've assigned the license to uses, that will be using pain. So if I go ahead and click on Enterprise Mobility on Security Shoots, which also includes Azure Hey DPM,
I have the two users I'll be working with in this demo. Brenda and David on their signs, this license. So that looks good.
I haven't verified. A licensing will go over to the pin Conso to review the workspace. I'll be working him
if I click on the such option here. And if I search for privilege as I'm typing that I can see as you're a deep team option here. If I go ahead and click on that,
so here is the pin console will be spending the rest of our time
now in the first section we have tasks on. This is the area that will be performing the user on behalf of a workflow.
We have the section here called Manage On. This is a section that will be performing the administrative workflow him
in the nest. Ask or configure on a joy devote to be protected by Pim. Here's a visual representation of what will be doing
How become figuring the password administrative oh, to be protected by Pim. Our configure the maximum Activision time to two hours on our require justification on an approval for the vote to be activated.
So, back in the top photo, I have privilege identity managements to hoping
in the manage section how quiet and click on Azure. Hey, DeVos!
And if I go to the manage section out, click on roles here
and I can see a least off the a joy D rose that on board it's 2 p.m.
A. Joy DeVos are embodied automatically if you're using a new subscription. If I scroll down to what I get to pass, what Administrator and I can say the password administrative. Oh, here. So if I go ahead and click on that row
to configure the vote in Team, I just violently concertante
on here is the area where can configure the settings for this role.
Why don't click on edit?
How changed the maximum activation duration to two Howards because that's what we specified in our slide.
I live the options selected to require justification, and I'll select the option to require approval. How wide and configure and approve er on our search for David,
our select David click on Select
and there's nothing house that I really want to configure, but just to show you what the other options I If I go ahead to the assignment section, this is where I can specify if this vote can be permanently eligible or permanently active.
This is also the section work and configured notification
how Go ahead and click on update.
So now I have this vote configured in team.
So in the next ask, I'll be assigning on eligible user for the password administrative role.
Yes, official representation off What I'll Be Dean
have embodied the password administrative oh into a team
on what our bodies are being making Brenda eligible for the vote by having an assignment far.
So back in the azure Pato, I'm still under the privilege identity management console
and I'm under the password administrator option.
Now I have the option to have an assignment. Yes, if I go ahead and click on a hard assignment. I can say the option over here to select members on our click on members
on our click on Brenda Out, click on Select
and if I click on next. This is where I can specify the assignments. Type with illegible or active are lived at us. Eligible on. I'll leave that as permanently eligible
for Go ahead and click on a sign
once that's completed, Brenda has now being assigned as eligible to take on this role
in the next task. RB Validating what I've done so far by activating the password administrator role. Has Brenda
yes, official representation off. What are we? Dean?
I have Brenda already eligible for the passport administrator vote are very fighter. Brenda is not directly assigned to devote how logging is Brenda In another browser session on our attempts toe activates the password Administrative. Oh,
now what I'll do is out completes the justification process.
The approval request will go to David on our use, another browser session to complete that. Once that's completed, they will be assigning the vote Brenda for didja vision that's configured, which is to house
the first will allow dough is verified. The brain that does not have a direct assignment for the past one administrative. Oh,
so if I go, I didn't leak on users.
And if I select Brenda's account here
on, if I click undersigned Rose, I can see that Brenda currently does not have any direct assignments to Devo.
I'm back in the agile Pato logged in his Brenda. If I click on the such option here and such for privileged,
I can see as your Haiti privileged identity management. So if I go, I'd and click on that option
now. I told you earlier that the task area, that's what we completes the user and the approval workflow.
So if I go ahead and click on my roses, Brenda,
now brand, I can see the password Administrative. Oh, and you can see that she has the option to activate the road
if I go ahead and click on the activate option
Now, the configuration requires that Brenda provide a justification.
Having specified the justification,
go ahead and click on activates.
Now you can see the option here that says your request is pending for approval. So now a request has been sent to David to complete the approval process.
If I go back to my browser session logged in as David, if I go back to a privileged identity management under the test section,
I can see the option to approve requests. If I click on that option
on, if I go ahead and refresh the option, I can see that the request as common for password administrator off a Brenda.
Now, if I school for what
I can see information about when that was requested and the reason that Brenda specified,
so what I'll do is I'll click on the request
our enter my own justification for one my prevent this requests
and then I'll click on approve.
Once that's approved,
I should be able to verify that Brenda Now as the role assigned to her
on the left hand side. If I click on Azure 80
on If I click on uses
on In Users free click on Brenda.
And if I go on their assigned Rose, I can see that the password administrator has now been assigned to Brenda.
So here's a somebody off the tax double completed in this demonstration.
We started by Ravine as you hated licensing to confirm that we have the right licence to use team wouldn't configured on a giant devote the password administrator row to be protected in team
we proceeded Star sign a user to be eligible to that role, which is the user, Brenda.
And finally we concluded by validating what we've done by activating devote as Brenda.
Thanks very much for watching on. I'll see you in the next lesson.