These roles can access, modify, or share your critical Microsoft 365 data, leaving your tenant vulnerable to unauthorized data exposure, insider threats, and targeted phishing attacks. Prevent security gaps by reducing overprivileged admins in Microsoft 365.
Take control of your Microsoft 365 environment with the Admin Permissions Reporting Tool, designed to identify and address overprivileged roles fast.
This free PowerShell tool, developed by Microsoft MVP Vasil Michev and CTO Ivan Fioravanti using advanced AI, swiftly analyzes your admin roles. In just minutes, you'll receive a tailored report with actionable steps to remove unnecessary admin roles and secure your Microsoft 365 environment.
Download Admin_Roles_Insights.ps1. The script is not packaged, allowing you to review it before running it.
In a PowerShell session, run the Admin_Roles_Insights.ps1 script.
The script will retrieve all admin role assignments in your Microsoft 365 tenant, including permanent and eligible (PIM) assignments. It will then score each role based on access level, level of control, and potential impact on security.
The script outputs a report (in HTML, CSV, or Excel) that includes the roles assigned to each admin and their corresponding scores. This will help identify highly privileged accounts in your tenant and guide actions to enforce least-privileged access.
If you need help understanding the report, contact our experts.