Merge pull request #109792 from curtand/shaun0331

PRMerger14 · web-flow · commit 02d2146a5dfa · 2020-04-02T07:32:51.000-07:00
[Azure AD PIM] Restating support for EXCH and SHPT roles
diff --git a/articles/active-directory/privileged-identity-management/pim-roles.md b/articles/active-directory/privileged-identity-management/pim-roles.md
@@ -11,15 +11,15 @@ ms.service: active-directory
 ms.topic: conceptual
 ms.workload: identity
 ms.subservice: pim
-ms.date: 10/23/2019
+ms.date: 03/31/2020
 ms.author: curtand
 ms.custom: pim ; H1Hack27Feb2017;oldportal;it-pro;
 ms.collection: M365-identity-device-management
 ---
 
 # Roles you can't manage in Privileged Identity Management
 
-Azure Active Directory (Azure AD) Privileged Identity Management (PIM) enables you to manage all [Azure AD roles](../users-groups-roles/directory-assign-admin-roles.md) and all [Azure resource roles](../../role-based-access-control/built-in-roles.md). These roles also include your custom roles attached to your management groups, subscriptions, resource groups, and resources. However, there are few roles that you cannot manage. This article describes the roles you cannot manage in Privileged Identity Management.
+Azure Active Directory (Azure AD) Privileged Identity Management (PIM) enables you to manage all [Azure AD roles](../users-groups-roles/directory-assign-admin-roles.md) and all [Azure roles](../../role-based-access-control/built-in-roles.md). Azure roles can also include your custom roles attached to your management groups, subscriptions, resource groups, and resources. However, there are few roles that you cannot manage. This article describes the roles you can't manage in Privileged Identity Management.
 
 ## Classic subscription administrator roles
 
@@ -33,10 +33,10 @@ For more information about the classic subscription administrator roles, see [Cl
 
 ## What about Office 365 admin roles?
 
-Roles within Exchange Online or SharePoint Online, except for Exchange Administrator and SharePoint Administrator, are not represented in Azure AD and so cannot be managed in Privileged Identity Management. For more information about these Office 365 services, see [Office 365 admin roles](https://docs.microsoft.com/office365/admin/add-users/about-admin-roles).
+We support all Office365 roles in the Azure AD Roles and Administrators portal experience, such as Exchange Administrator and SharePoint Administrator, but we don't support specific roles within Exchange RBAC or SharePoint RBAC. For more information about these Office 365 services, see [Office 365 admin roles](https://docs.microsoft.com/office365/admin/add-users/about-admin-roles).
 
 > [!NOTE]
-> SharePoint Administrator has administrative access to SharePoint Online through the SharePoint Online admin center, and can perform almost any task in SharePoint Online. Eligible users may experience delays using this role within SharePoint after activating in Privileged Identity Management.
+> Eligible users for SharePoint Administrator role as well as any roles trying to access the Microsoft Security and Compliance Center might experience delays of up to a few hours after activating their role. We are working with those teams to fix the issues.
 
 ## Next steps
 
