在 Azure Active Directory 中查看和分配管理员角色View and assign administrator roles in Azure Active Directory

现在,可在 Azure Active Directory 门户中查看和管理管理员角色的所有成员。You can now see and manage all the members of the administrator roles in the Azure Active Directory portal. 如果你经常需要管理角色分配,也许更乐意使用此体验。If you frequently manage role assignments, you will probably prefer this experience. 如果曾经有过“这些角色究竟有什么用?”这样的疑问,可查看每个 Azure AD 管理员角色的详细权限列表。And if you ever wondered “What the heck do these roles really do?”, you can see a detailed list of permissions for each of the Azure AD administrator roles.

查看所有角色View all roles

搜索并选择“Azure Active Directory” 。Search for and select Azure Active Directory. 选择“角色和管理员”以查看所有可用角色列表 。Select Roles and administrators to see the list of all available roles.

单击每行右侧的省略号会打开角色的详细说明。Click the ellipsis on the right of each row to open the detailed description of the role.

Azure AD 门户中的角色列表

查看我的角色View my roles

也可轻松查看自己的权限。It's easy to view your own permissions as well. 在“角色和管理员” 页上选择“你的角色” ,可查看当前分配给你的角色。Select Your Role on the Roles and administrators page to see the roles that are currently assigned to you.

查看角色分配View assignments for a role

单击某个角色可查看分配给该角色的用户。Click a role to view the users assigned to the role. 可选择“在 PIM 中管理”以查看其他管理功能 。You can select Manage in PIM for additional management capabilities. 特权角色管理员可将“永久”(始终充当该角色)分配更改为“符合条件”(仅当提升了权限时才充当该角色)。Privileged Role Administrators can change “Permanent” (always active in the role) assignments to “Eligible” (in the role only when elevated). 如果没有 PIM,仍可以选择“在 PIM 中管理”来注册试用版 。If you don't have PIM, you can still select Manage in PIM to sign up for a trial. Privileged Identity Management 需要 Azure AD Premium P2 许可证计划Privileged Identity Management requires an Azure AD Premium P2 license plan.

管理员角色的成员列表

全局管理员或特权角色管理员可以轻松添加或删除成员、筛选列表,或选择某个成员以查看为其分配的有效角色。If you are a Global Administrator or a Privileged Role Administrator, you can easily add or remove members, filter the list, or select a member to see their active assigned roles.

查看用户的角色权限View a user's role permissions

查看某个角色的成员时,选择“说明”可以查看角色分配授予的权限的完整列表 。When you're viewing a role's members, select Description to see the complete list of permissions granted by the role assignment. 该页包含相关文档的链接,引导你对目录角色进行管理。The page includes links to relevant documentation to help guide you through managing directory roles.

管理员角色的权限列表

后续步骤Next steps