In AdminDroid Microsoft 365 auditing tool, admins can get various admin role change reports with crystal clear details and graphs. It includes administrative users, admin role removals, role assignments, role scope changes, custom role creations, modifications, and removals. Using these detailed reports, admins can avoid unnecessary privilege assignments in the organization.
Audit the users who are being added to admin roles such as Company Administrator, SharePoint Administrator, etc.
-
All the events triggered when any of the Office 365 admin roles get assigned to an Office 365 user account are listed here.
-
This audit report shows the username who gets added as an Office 365 admin and the user who assigned the roles to the respective users.
-
Admins can monitor the delegated admin accesses by analyzing the Office 365 admins report.
Audit the users who are being removed from admin roles such as Company Administrator, SharePoint Administrator, etc.
-
When an Office 365 admin access gets removed from the Office 365 user, you can track all the events using this report. It gives detailed info about who removed the Office 365 admin access for whom.
-
So, admins can track the removed Office 365 admin access in your tenant, and you can reassign the admin access to them if needed.
Audit the role member additions and removals.
-
If a Microsoft 365 user gets assigned or removed from the Microsoft 365 admin roles in Azure AD, you can audit the corresponding events listed here.
-
It shows the user who performed the respective activity along with time. By viewing this report, admins can audit all the Microsoft 365 role change activities.
-
So, they can add or remove delegated admin permissions in Microsoft 365.
Audit the role assignment operations.
-
This report categorizes all the events when a Microsoft 365 role assignment gets added or removed for granting access.
-
In this report, admins can track the list of Microsoft 365 role assignments (Azure authorization) gets assigned to the user, group, service principal, etc., using Microsoft 365 default role assignment policy, Azure RBAC, and Azure portal.
-
So, admins don't need to run any PowerShell cmdlets like Get-ManagementRoleAssignment to audit the role assignments.
Audit the role scope changes.
-
If a role scope for a Microsoft 365 role gets added or removed like write scope, recipient scope, etc., the respective events are listed here.
-
Admins need to identify the role scope before assigning any roles to a Microsoft 365 user. By analyzing the role scope changes report, admins can monitor the user who changed the role scope.
-
Export Microsoft 365 role scope changes audit report for future role assignments.
Audit the custom roles added in Azure AD admin center.
-
In this report, all the events when a role definition or a role from the template gets added. It shows detailed info about the Office 365 roles added in Azure AD.
-
Also, you can create custom RBAC roles in exchange and Office 365 based on the requirements. Analyzing this report helps to audit the newly created custom roles in the Office 365 environment.
Audit the changes updated in the custom roles added.
-
This report lists all the events when an Office 365 role gets changed or its definition gets updated. It shows the corresponding Office 365 role name, which gets updated, and the respective Office 365 user.
-
It helps admins to track the modifications made in custom roles in the organization. To further refer to the edited custom roles, export the Office 365 updated roles report.
Audit the deleted custom roles.
-
If any roles in the Exchange get deleted, you can monitor the respective events listed here. This report shows the Office 365 user who deleted the role and the deleted role name.
-
By viewing this report, admins can track the deleted roles and restore a deleted Office 365 role if required. Export Office 365 deleted role audit report to recover the roles.
Audit the operations performed on roles.
-
All the operations related to Microsoft 365 admin roles in Azure AD, such as addition and removal of admin access, added or removed roles, etc., are available here.
-
This report helps admins to easily monitor all the admin role change activities happened in Azure AD.