Hey everyone, welcome to another video! Please make sure to read the description for the chapters and key information about this video and others. ⚠ P L E A S E N O T E ⚠ 🔎 If you are looking for content on a particular topic search the channel. If I have something it will be there! 🕰 I don't discuss future content nor take requests for future content so please don't ask 😇 🤔 Due to the channel growth and number of people wanting help I no longer can answer or even read questions and they will just stay in the moderation queue never to be seen so please post questions to other sites like Reddit, Microsoft Community Hub etc. 👂 Translate the captions to your native language via the auto-translate feature in settings! kzbin.info/www/bejne/rGbFZmZjhcx4o6s for a demo of using this feature. Thanks for watching! 🤙

Great information. I'm struggling to think of a genuine use case right now, but it's good to have this knowledge in my back pocket. Thanks John.

I've been waiting for this for years! This is great to protect groups that provide high access levels or sensitive data that you don't necessarily want any helpdesk person to manage.

Hey John, Great explanation! I was looking for such cool feature, I got clarity now. Thank you for detailed explanation.

Thanks John for covering this one, I've seen this on plenty of enough projects, where this would have been ace if it had been deployed, to protect VIPs or high value users eg data scientists, devs, or power users - from not so much as rogue changes or mistakes, though more to encourage correct processes to be followed). I'd guess you might think of eg protect the AD recycle bin, or lock settings from being changed, if you encourage a correct and valid training program, then enforce specific process per request, hardening sensitive objects via Entra - must count towards your overall security posture. If an org is wondering why they might need this, be an idea to maybe go through "lessons learned" or negative incidents (ie. bad config or mistakes - then turn it into a postive action), another top one is where some users or groups need extra TLC before something is done... it's a balance (would try to say this is extra security for those who need it), for those who deploy & manage this, increase the effort on training (from user to IT / cloud & security teams). Top run through on this John! Thanks

Thanks John!

thanks John

like, subscribe, comment, & share. hit the bell icon and stop letting those pesky admins fiddle with your Entra objects!

How many clones do you own? 😀