restrict local account creation in azure tenant

techazure 0 Reputation points
2024-06-06T07:00:21.41+00:00

can we restrict local account creation in azure tenant? I just want the feature to invite guest account .

and disable local account creation ability.

Please suggest can it be done and how?

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,715 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,139 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Givary-MSFT 29,351 Reputation points Microsoft Employee
    2024-06-06T12:42:46.0166667+00:00

    @Neha Bameta Thank you for reaching out to us, As I understand you want to restrict member account creation within Entra id and only have privilege to create/invite guest account.

    Review this RBAC role - https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/permissions-reference#guest-inviter:~:text=365%20admin%20center-,Guest%20Inviter,-Users%20in%20this

    Users in this role can manage Microsoft Entra B2B guest user invitations when the Members can invite user setting is set to No.

    Also, review this section Also, review this https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/delegate-by-task#:~:text=Billing%20Administrator-,Users,-Expand%20table which help to achieve your ask.

    Let me know if you have any further questions, feel free to post back.

    0 comments No comments