PIM solution

Author: rolyon

articles/role-based-access-control/troubleshooting.md

@@ -271,6 +271,10 @@ If you want to cancel your subscription, see [Cancel your Azure subscription](..
 
 You're allowed to remove the last Owner (or User Access Administrator) role assignment at subscription scope, if you're a Global Administrator for the tenant. In this case, there's no constraint for deletion. However, if the call comes from some other principal, then you won't be able to remove the last Owner role assignment at subscription scope. To override this default behavior, enable the "Allow removal of the last subscription Owner role assignment" feature in the Azure portal.
 
+**Solution 3**
+
+If you use [Microsoft Entra Privileged Identity Management (PIM)](/entra/id-governance/privileged-identity-management/pim-configure) and you are eligible for the Owner (or User Access Administrator) role, you can [activate](/entra/id-governance/privileged-identity-management/pim-resource-roles-activate-your-roles) your Owner (or User Access Administrator) role assignment temporarily, remove the last Owner role assignment, and then deactivate or let your role assignment expire.
+
 ### Symptom - Role assignment isn't moved after moving a resource
 
 **Cause**