![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 70%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
25,253 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hello @Maxime Tremblay ,
I understand that you are looking to give admin rights to an admin to manage a specific group of users.
The best solution for this in Azure AD is Administrative Units. Administrative Units provide a way to delegate administration using role-based access control to a subset of Azure AD users or groups. You can, for example, use administrative units to delegate the Helpdesk Administrator role to support regional specialists so they can manage users only in the region they support.
The full list of supported administrative unit scenarios is documented in Administrative units in Azure Active Directory. You can also use My Staff, which is based on administrative units and enables you to delegate permissions to a figure of authority, such as a store manager or a team lead.
Note that you do need an Azure AD Premium P1 or P2 license for each administrative unit administrator.
Resources:
Create or delete administrative units
Manage your users with My Staff
Delegate app registration permissions in Azure Active Directory