Assign Users to an Admin Role
Assign Users to an Admin Role can be done by:
- With Microsoft 365 admin center
- With PowerShell
With Microsoft 365 admin center
Follow these steps t assign users to an Admin Role:
- In the Microsoft 365 admin center, select Users>Active Users.
- Select the user that you want to assign the role to and under Roles, select manage roles.
- Expand Show all by category, then select power BI admin or power platform admin.
Assign users to the admin role with PowerShell
Follow these steps t assign users to an Admin Role:
- Connect to Azure AD: PS “C:\Windows\system32>Connect-AzureAD”
- Get the ObjectID for the Power BI admin role. You can run “Get-AzureADDirectoryRole” to get the ObjectID
- Next, get the user’s ObjectID. You can find that by “Get-AzureADUser”.
- To add the member to the role, run “Add-AzureADDirectoryRoleMember”.
To learn more about using PowerShell to assign admin roles, see AzureAD Directory Roles. https://learn.microsoft.com/en-us/powershell/module/azuread/?view=azureadps-2.0#directory-roles. After, assigning the admin role, you’ll get the admin portal by clicking on Settings>Admin portal, which looks like this.
Power BI – Administration Role
The Administration role allows users to manage and administer the Power BI service. Users with this role have access to administrative features such as managing users, workspaces, and data sources, setting up security policies, and monitoring usage and performance. To administrate Power BI for you, your organization should either Power BI Admin or Power Platform Admin, or Microsoft 365 Global Admin.
Limitations and Considerations
- Ability to modify users and licenses within the Microsoft 365 admin center. Depending on the admin role assigned, there may be limitations on the level of access to certain areas of the Power BI service.
- Access to audit logs.
- Admin roles in Power BI have significant control over the service, including user accounts and data. It’s important to ensure that appropriate security measures are in place to prevent unauthorized access or misuse of the service.