Search

MC600728 – (Updated) Announcing GA of RBAC User Scoping in Microsoft Purview Information Protection and Data Loss Prevention (archived)

cloudscout.one Icon

check before: 2023-07-06

Product:

Azure Active Directory, Defender, Entra, Entra ID, Microsoft 365 Defender, Microsoft 365 suite, Purview Communication Compliance, Purview Data Loss Prevention, Purview Information Protection

Platform:

Online, Web, World tenant

Status:

Launched

Change type:

Admin impact, New feature, Updated message, User impact

Links:

93417
162292

Details:

Updated August 11, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC) via Azure Active Directory Administrative Units. For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in early August 2023 (previously mid-July) and is expected to be complete end of August (previously early August).

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability, Preview

Created:
2023-06-22

updated:
2023-08-12

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2023-08-12MC MessagesUpdated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC). For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events and extend to Microsoft 365 Defender Portal.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in early August 2023 (previously mid-July) and is expected to be complete mid-September 2023 (previously early August).
Updated August 11, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC) via Azure Active Directory Administrative Units. For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in early August 2023 (previously mid-July) and is expected to be complete end of August (previously early August).
2023-08-12MC How AffectIf you choose to not use this RBAC User Scoping feature, there is no impact to your organization. If your organization requires delegations of tasks based on users in specific regions or organization units, please follow the steps to set up RBAC User Scoping:
Set up Administrative Units (AU) in Azure Portal

Ring-fence Purview Admin Permissions to Administrative Unit scopes

Create and manage Admin Unit scoped MIP/DLP policies

Investigate user scoped DLP Alerts, Incidents, and Logs in Purview and M365 Defender
Investigate user scoped Activities and events in Activity Explorer
If you choose to not use this Admin Units feature, there is no impact to your organization. If your organization requires delegations of tasks based on users in specific regions or organization units, please follow the steps to set up this capability:
Set up Administrative Units (AU) in Azure Portal
Ring-fence Purview Admin Permissions to Administrative Unit scopes
Create and manage Admin Unit scoped MIP/DLP policies

Investigate user scoped DLP Alerts, Incidents, and Logs in Purview

Investigate user scoped Activities and events in Activity Explorer


Note- This Admin Units capability will be extended to Data Loss Prevention alerts in the Microsoft 365 Defender portal and can be tracked as part of the roadmap ID here: 162292
2023-08-12MC Last Updated08/02/2023 18:58:252023-08-11T23:51:54Z
2023-08-12MC prepareGet started with Information Protection and Data Loss Prevention in the Microsoft Purview compliance portal.
Learn more: Permissions in the Microsoft Purview compliance portal
https://learn.microsoft.com/microsoft-365/compliance/microsoft-365-compliance-center-permissions?view=o365-worldwide#administrative-units-support-in-microsoft-purview
https://purview.microsoft.com/compliance
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93417
]

Get started with Information Protection and Data Loss Prevention in the Microsoft Purview compliance portal.
Learn more: Permissions in the Microsoft Purview compliance portal
https://learn.microsoft.com/microsoft-365/compliance/microsoft-365-compliance-center-permissions?view=o365-worldwide#administrative-units-support-in-microsoft-purview
https://purview.microsoft.com/compliance
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93417
https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=162292
2023-08-03MC Last Updated07/14/2023 01:31:252023-08-02T18:58:25Z
2023-08-03MC MessagesUpdated July 13, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC). For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events and extend to Microsoft 365 Defender Portal.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in mid-July (previously early July) and is expected to be complete early August (previously late July).
Updated August 2, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC). For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events and extend to Microsoft 365 Defender Portal.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in early August 2023 (previously mid-July) and is expected to be complete mid-September 2023 (previously early August).
2023-08-03MC End Time09/04/2023 09:00:002023-10-23T09:00:00Z
2023-07-15MC MessagesUpdated June 27, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC). For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events and extend to Microsoft 365 Defender Portal.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in early July (previously late June) and is expected to be complete late July (previously by mid-July).
Updated July 13, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC). For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events and extend to Microsoft 365 Defender Portal.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in mid-July (previously early July) and is expected to be complete early August (previously late July).
2023-07-15MC Last Updated06/27/2023 20:58:392023-07-14T01:31:25Z
2023-06-28MC MessagesWe’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC). For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events and extend to Microsoft 365 Defender Portal.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in late June and is expected to be complete by mid-July.
Updated June 27, 2023: We have updated the rollout timeline below. Thank you for your patience.
We’re rolling out a new capability that enables admins to delegate management and remediation authority for different people in different regions or organization units with role-based access control (RBAC). For example, German Admin Unit investigators would be able to investigate alerts and audit events for only German users.

The RBAC controls are available in the Microsoft Purview compliance portal for Information Protection and Data Loss Prevention related events and extend to Microsoft 365 Defender Portal.

This message is associated with Microsoft 365 Roadmap ID 93417
[When this will happen:]

Rollout will begin in early July (previously late June) and is expected to be complete late July (previously by mid-July).
2023-06-28MC TitleAnnouncing GA of RBAC User Scoping in Microsoft Purview Information Protection and Data Loss Prevention(Updated) Announcing GA of RBAC User Scoping in Microsoft Purview Information Protection and Data Loss Prevention
2023-06-28MC Last Updated06/22/2023 01:25:442023-06-27T20:58:39Z
2023-06-28MC MessageTagNamesNew feature, User impact, Admin impactUpdated message, New feature, User impact, Admin impact
2023-06-28MC End Time08/30/2023 09:00:002023-09-04T09:00:00Z

*starting April 2022

Last updated 7 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!