Where can I deactivate E-Mail notifications for a specific PIM role?

Emre 1 Reputation point
2022-11-25T14:21:12.84+00:00

Hi!

You get an email from Microsoft Azure when someone has assigned themselves to a role, now my question is:

How can I disable these emails for a specific user, even if there are other users in the group who want to receive these emails.

I have also read through all the Microsoft articles but have not come to a solution.
I would really appreciate it if someone here can assist me with this problem.

https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-change-default-settings
https://learn.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-email-notifications

Since he is in the 'Security Administrator' role, he gets all the emails from Microsoft Azure that someone has activated his role, he doesn't need that.

Microsoft Entra

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. JamesTran-MSFT 36,366 Reputation points Microsoft Employee
    2022-11-29T18:29:37.483+00:00

    @Emre
    Thank you for your post and I apologize for the delayed response!

    Adding onto what was mentioned by @Andy David - MVP , you can modify the PIM notifications for Azure AD roles within the Role itself under the Role Settings. For more info - Configure Azure AD role settings in Privileged Identity Management.

    Open role settings:

    1. Sign in to Azure portal with a user in the Privileged Role Administrator role.
    2. Open Azure AD Privileged Identity Management > Azure AD roles > Role settings.
    3. Select the role whose settings you want to configure.
    4. Select Edit to open the Role settings page.
    5. On the Role setting pane, open the Notifications tab to edit/update the PIM notification(s) for the Azure AD role.

    265354-image.png
    Note: Referencing the below table, since the user you're trying to remove notifications for is a Security Administrator, you'll just have to update the notifications for - Send notifications when members are assigned as active to this role and Send notifications when eligible members activate this role.

    Notifications for Azure AD roles
    Note: As shared by AndyDavid, the Default Recipients for the Role Activation Alert are Admins - Privileged Role Administrator, Security Administrator, and Global Administrator.
    265289-image.png

    Additional Link:
    Outlook Create a rule on a message - I'm sharing this in case your Security Administrator wants to create an Outlook rule to automatically move PIM notification emails to another folder.

    I hope this helps!

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    1 person found this answer helpful.
  2. Andy David - MVP 141.5K Reputation points MVP
    2022-11-25T14:50:33.25+00:00

    Can you disable the default notifications and assign the users who want to get notified as additional recipients?

    264286-image.png