Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Entra Entitlement Management to Update User Admin Role

Microsoft has announced some important changes coming to its Microsoft Entra Entitlement Management service. Starting on May 3, employees in the user admin role won’t be able to perform identity governance tasks such as managing Entitlement Management catalogs and access packages.

Microsoft Entra Entitlement management is an identity management feature that lets customers manage and control access to applications and resources. It helps to automate access requests, access assignments, reviews, and expiration workflows. Entitlement management makes it easier for IT admins to ensure that only authorized internal and external users have access to groups, applications, and SharePoint Online sites.

Essentially, an access package is a bundle that comprises all the necessary resources that a user requires to carry out their tasks. These access packages are defined within containers called catalogs.

User Admin role updates in Microsoft Entra Entitlement Management

Going forwards, Microsoft says that organizations will need to use the Identity Governance Administrator role for daily management tasks. It’s highly recommended that IT admins should ensure that only those users have permission to manage Entitlement Management catalogs and access packages.

“We want to ensure minimal customer impact when we remove Entitlement Management permissions from the User Administrator role. By assigning admins the Identity Governance Administrator role, they will have the necessary permissions to continue managing catalogs and access packages,” Microsoft explained in a message on the Microsoft 365 admin center.

Microsoft explained that IT admins will be able to manage role assignments through the Azure Active Directory admin center or Graph API. You can find more details on how to update or remove existing role assignments on this support page.