Intune – New administration role available

A new administration role for Intune has been made available – Endpoint Security Manager.

This new role is an extension of the the Security Administrator role, to allow you

The associated permissions with this new Endpoint Security Manager are:

  1. Read, Create, Update, Delete, and Assign Device Compliance Policies
  2. Read, Delete, and Update Managed devices
  3. Read, Create, Update, Delete, and Assign Security baselines
  4. Read and Update Security tasks

You can start using this new role by assigning to the groups/users you need using either the Azure portal by then going to the Intune service ( or the Endpoint/Device Manager portal ( and then going to Roles\All Roles configuration blade

image_thumb[2]  image_thumb[3]


Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies