2,127 questions
PIM Not alerting when Roles assigned outside of PIM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 25%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETY%3C/text%3E%3C/svg%3E)
TJ Young
0
Reputation points
Hello, I'm currently trying to set up PIM so that it will send a notification to the Global admin account anytime an account is assigned an escalated permission from outside of PIM. There is an alert for it, but I don't receive any notifications from it. Example: I give the Helpdesk Administrator role to an account upon creating the user in the Microsoft Admin center (admin.microsoft.com), but I don't get a notification sent to my global admin account (which is licensed Business Premium). Going to the Alerts page in PIM doesn't even show that its finding that account, even though the Alert is not disabled and Risk level is High.
But if I add a user to Helpdesk Administrator from within PIM, the global admin account gets a notification.
Any help would be appreciated! Edit: I should include that the tenant does have Entra ID P2 assigned as well
{count} votes
-
Andy David - MVP 145K Reputation points MVP2024-07-10T19:11:29.0533333+00:00 Prob wouldnt hurt to disable and re-enable the alert.
-
TJ Young 0 Reputation points
2024-07-15T14:17:44.9933333+00:00 Tried it over the weekend and no dice unfortunately.
-
TJ Young 0 Reputation points
2024-07-15T14:18:45.38+00:00 Whoops, duplicate comment
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 27%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Raja Pothuraju 1,600 Reputation points Microsoft Vendor2024-07-17T13:51:35.6233333+00:00 Hello @TJ Young,
Thank you for posting your query on Microsoft Q&A.
Regarding your concern, I have observed that when roles are assigned outside of PIM, the Global Administrator does not receive email alerts. However, when roles are assigned via PIM, the global admin account does receive notifications.
I conducted a test in my own tenant where I assigned roles to users outside of PIM and confirmed that the global administrator received email notifications. In your scenario, however, you mentioned that the global administrator did not receive email notifications when roles were assigned outside of PIM.
I would like to discuss this offline with you to understand the scenario better and determine why this behavior is occurring. Please email us at azcommunity@microsoft.com with reference to this issue and use "ATTN: pothurajur" in the subject line, including a link to the current thread.
Looking forward to your response.
Thanks,
Raja Pothuraju.
Sign in to comment