You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: intune/intune-service/fundamentals/quickstart-create-custom-role.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,20 +2,20 @@
2
2
title: Create and assign a custom role in Intune
3
3
description: Create and assign a custom role for a remote device manager.
4
4
services: microsoft-intune
5
-
author: BrenDuns
5
+
author: brenduns
6
6
ms.author: brenduns
7
7
ms.topic: how-to
8
-
ms.date: 03/26/2019
8
+
ms.date: 10/16/2025
9
9
10
10
ms.collection:
11
11
- M365-identity-device-management
12
12
---
13
13
14
14
# Step 10: Create and assign a custom role
15
15
16
-
This article guides you through creating a custom role for Intune role-based access control (RBAC) that has specific permissions for a security operations department, and assign the role to a group of such operators. When you assign Intune RBAC roles and follow the principles of least privilege access, your admins can perform tasks on only those users and devices that they should are empowered to manage.
16
+
This article guides you through creating a custom role for Intune role-based access control (RBAC) that has specific permissions for a security operations department and assign the role to a group of such operators. When you assign Intune RBAC roles and follow the principles of least privilege access, your admins can perform tasks on only those users and devices that they should are empowered to manage.
17
17
18
-
Although Intune includes several built-in RBAC roles that you can use right away, we recommend use of a least-privileged role that can complete the task an administrator is expected to manage. This approach minimizes security risks and operational errors by avoiding over-privileged accounts like Global Administrator or Intune Administrator for routine work.
18
+
Although Intune includes several built-in RBAC roles that you can use right away, we recommend using the least-privileged role that can complete the task an administrator is expected to manage. This approach minimizes security risks and operational errors by avoiding over-privileged accounts like Global Administrator or Intune Administrator for routine work.
@@ -29,7 +29,7 @@ To complete this evaluation step, you must have a group with at least one user.
29
29
30
30
Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431) using an account that is assigned the Microsoft Entra role of **[Intune Administrator](/entra/identity/role-based-access-control/permissions-reference#intune-administrator)**.
31
31
32
-
However, if this is a new trial subscription, sign in with the account that crated the subscription, which is a Microsoft Entra [Global Administrator](/entra/identity/role-based-access-control/permissions-reference#global-administrator).
32
+
However, if this is a new trial subscription, sign in with the account that created the subscription, which is a Microsoft Entra [Global Administrator](/entra/identity/role-based-access-control/permissions-reference#global-administrator).
0 commit comments