Microsoft hat neue Admin Rollen für Knowledge Management, Exchange Online und Azure AD Identity Governance bereitgestellt.
Neu gibt es die 4 zusätzlichen Rollen Knowledge Administrator, Knowledge Manager, Exchange Recipient Administrator und Identity Governance Administrator. Setzt jemand die Rollen in PowerShell Scripts ein sollten wie immer die IDs statt der Namen genutzt werden. In der Rollenübersicht listet Microsoft alle IDs, die Berechtigungen und den Einsatzzweck.
| Knowledge Administrator | Users in this role have full access to all knowledge, learning and intelligent features settings in the Microsoft 365 admin center. They have a general understanding of the suite of products, licensing details and has responsibility to control access. Knowledge administrator can create and manage content, like topics, acronyms and learning resources. Additionally, these users can create content centers, monitor service health, and create service requests. |
| Knowledge Manager | Users in this role can create and manage content, like topics, acronyms and learning content. These users are primarily responsible for the quality and structure of knowledge. This user has full rights to topic management actions to confirm a topic, approve edits, or delete a topic. This role can also manage taxonomies as part of the term store management tool and create content centers. |
| Exchange Recipient Administrator | Users with this role have read access to recipients and write access to the attributes of those recipients in Exchange Online. |
| Identity Governance Administrator | Users with this role can manage Azure AD identity governance configuration, including access packages, access reviews, catalogs and policies, ensuring access is approved and reviewed and guest users who no longer need access are removed. |
