Using Adaxes, you can delegate Microsoft 365 management tasks to users. For example, you can allow users to activate and deactivate accounts in Microsoft 365, assign and revoke Microsoft 365 licenses, etc. The rights to perform Microsoft 365 management tasks, like any other rights in Adaxes, are granted with the help of Security Roles.
In this tutorial, you will learn how to add permissions to perform various Microsoft 365 tasks to an existing Security Role.
Launch Adaxes Administration Console.
Expand Adaxes service \ Configuration \ Security Roles and select the Security Role you want to modify.
In the Permissions section located to the right, click Add.
Select User in the list of object types on the left.
In the right part of the dialog, select the permissions you want to delegate:
To delegate full control over Microsoft 365 accounts, select the Write Microsoft 365 Properties permission in the Allow column.
To restrict users to perform specific operations only, you need to grant them the permission to modify the Microsoft 365 property that corresponds to the operation you need. The following table shows which operation corresponds to which permission:
|Activate account, set location||Write 'Microsoft 365 Location' property|
|Assign/revoke licenses||Write 'Microsoft 365 Licenses' property|
|Allow/block access to Microsoft 365||Write 'Microsoft 365 Sign-In Blocked' property|
In the Property-specific permissions list:
Check the desired property in the Allow column. For example, to delegate the right to assign and revoke Microsoft 365 licenses, check the Write Microsoft 365 Licenses permission in the Allow column.
When done, click OK.
Click Save changes.