Elligible EntraId PIM Assignment only Valid for 1 minute

Question

Elligible EntraId PIM Assignment only Valid for 1 minute

Cole Duprey 0

In trying to schedule a PIM assignment for Security Admin EntraIa role (which is privileged) it doesnt allow me to set a schedule, say 2 weeks for this role. Any Idea why? Is there some sort of PIM config that would restrict this?

1 answer

Your answer

Answer 1

Hello @Cole Duprey

When you're trying to schedule a PIM assignment for Security Admin EntraIa role (which is privileged) it doesn't allow you to set a schedule for 2weeks.

Yes, there are configurations within Microsoft Entra Privileged Identity Management (PIM) that can restrict your ability to schedule assignments for privileged roles like Security Administrator. The issue you're facing—being unable to set a schedule for a two-week assignment—likely stems from PIM policy settings or role eligibility constraints. Role settings of one role are independent from role settings of another role.

Sign in to the Microsoft Entra admin center as at least a Privileged Role Administrator.

Browse to ID Governance > Privileged Identity Management > Microsoft Entra roles > Roles.

On this page, you see a list of Microsoft Entra roles available in the tenant, including built-in and custom roles.

Select the role whose settings you want to configure.

Select Role settings. On the Role settings page, you can view current PIM role settings for the selected role.

User's image

Screenshot that shows the Edit role settings Attestation Reader page.

Reference: what is Assignment duration
Configure Microsoft Entra role settings in Privileged Identity Management

Hope this helps.

If this answers your query, do click `Accept Answer` and `Yes`

Share via

Elligible EntraId PIM Assignment only Valid for 1 minute

1 answer

Your answer