We have Azure AD and the Global Admin added these roles to my user:
Password Manager
Service Administrator
User Manager
Exchange Admin
When I go into Azure AD, and click on the User or Group tab it says I don't have the correct permissions to access that resource.
Is there something I'm missing here? To be able to add/delete/modify users and groups in Azure AD, the correct role to assign is User Manager, correct? I shouldn't need to be a Global Admin to make these changes as that is way too much power to give someone who is in charge of creating AD accounts.
I am attempting to delete a device that is stuck in Intune and the steps require me to access Azure AD and delete the item.
Can anyone comment on this? It seems like roles in Azure are either far too powerful or don't give enough access and there is no granular control over what things the user can do in the role.