You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/roles/permissions-reference.md
+2-3Lines changed: 2 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -34,7 +34,7 @@ This article lists the Azure AD built-in roles you can assign to allow managemen
34
34
> |[Authentication Administrator](#authentication-administrator)| Can access to view, set and reset authentication method information for any non-admin user. | c4e39bd9-1100-46d3-8c65-fb160da0071f |
35
35
> |[Authentication Policy Administrator](#authentication-policy-administrator)| Can create and manage the authentication methods policy, tenant-wide MFA settings, password protection policy, and verifiable credentials. | 0526716b-113d-4c15-b2c8-68e3c22b9f80 |
36
36
> |[Azure AD Joined Device Local Administrator](#azure-ad-joined-device-local-administrator)| Users assigned to this role are added to the local administrators group on Azure AD-joined devices. | 9f06204d-73c1-4d4c-880a-6edb90606fd8 |
37
-
> |[Azure DevOps Administrator](#azure-devops-administrator)| Can manage Azure DevOps organization policy and settings. | e3973bdf-4987-49ae-837a-ba8e231c7286 |
37
+
> |[Azure DevOps Administrator](#azure-devops-administrator)| Can manage Azure DevOps policies and settings. | e3973bdf-4987-49ae-837a-ba8e231c7286 |
38
38
> |[Azure Information Protection Administrator](#azure-information-protection-administrator)| Can manage all aspects of the Azure Information Protection product. | 7495fdc4-34c4-4d15-a289-98788ce399fd |
39
39
> |[B2C IEF Keyset Administrator](#b2c-ief-keyset-administrator)| Can manage secrets for federation and encryption in the Identity Experience Framework (IEF). | aaf43236-0c0d-4d5f-883a-6955382ac081 |
40
40
> |[B2C IEF Policy Administrator](#b2c-ief-policy-administrator)| Can create and manage trust framework policies in the Identity Experience Framework (IEF). | 3edaf663-341e-4475-9f94-5c398ef6c070 |
@@ -309,9 +309,8 @@ This role is available for assignment only as an additional local administrator
309
309
310
310
## Azure DevOps Administrator
311
311
312
-
Users with this role can manage the Azure DevOps policy to restrict new Azure DevOps organization creation to a set of configurable users or groups. Users in this role can manage this policy through any Azure DevOps organization that is backed by the company's Azure AD organization. This role grants no other Azure DevOps-specific permissions (for example, Project Collection Administrators) inside any of the Azure DevOps organizations backed by the company's Azure AD organization.
312
+
Users with this role can manage all enterprise Azure DevOps policies, applicable to all Azure DevOps organizations backed by the Azure AD. Users in this role can manage these policies by navigating to any Azure DevOps organization that is backed by the company's Azure AD. Additionally, users in this role can claim ownership of orphaned Azure DevOps organizations. This role grants no other Azure DevOps-specific permissions (for example, Project Collection Administrators) inside any of the Azure DevOps organizations backed by the company's Azure AD organization.
313
313
314
-
All enterprise Azure DevOps policies can be managed by users in this role.
0 commit comments