Introduction to the PIM-IT Project: Version 0.0.1

Hey everyone! It’s been a while since my last update, but I’m back this Easter weekend to share some exciting work happening behind the scenes. One of my latest projects is PIM-IT, an open-source tool designed to simplify Privileged Identity Management (PIM) in Microsoft Entra.


What is PIM?

Privileged Identity Management (PIM) helps manage access to roles within Microsoft Entra, ensuring just-in-time access to privileged roles like User Administrator. PIM enhances security by granting access only when needed, for a limited time, under admin-defined conditions. It also helps prevent unauthorized privilege escalation and provides a valuable audit trail. When used correctly, PIM is a powerful tool for managing roles and permissions efficiently.


Why PIM-IT?

While PIM strengthens security, the process of assigning roles can be tedious—logging into the Azure portal, finding eligible roles, assigning hours, providing justification, and waiting for activation. Now, imagine doing this daily for multiple roles! The complexity only increases when users with varying technical expertise need access.

PIM-IT was born out of this challenge. It simplifies PIM role assignments while adhering to least privilege principles, ensuring users get only the access they need, when they need it—without unnecessary overhead.


How PIM-IT Works

PIM-IT is a PowerShell tool that makes role assignments more efficient. Instead of manually navigating the Azure portal, users can:

  1. Load the script

  2. Sign in

  3. Select an eligible role

  4. Provide necessary justification

  5. Activate the role with a single command

This streamlines role management while offering a user-friendly approach to Privileged Identity Management. Future iterations will introduce a CLI, a PowerShell GUI, and integration with SPFx & TeamsFx for even more functionality.
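The five steps above can be sketched with the Microsoft Graph PowerShell SDK. This is an added example, not PIM-IT's own code: it uses the SDK's v1.0 cmdlets rather than the Beta APIs the project calls, and the function name `Enable-EligibleRole`, its parameters, and the 1 to 8 hour range are assumptions made for illustration.

```powershell
# Added example, not PIM-IT's code. Assumes the Microsoft Graph PowerShell SDK is installed.
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Identity.Governance

function Enable-EligibleRole {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$RoleName,
        [Parameter(Mandatory)][string]$Justification,
        # Assumed range; the role's PIM settings in the tenant enforce the real maximum.
        [ValidateRange(1, 8)][int]$Hours = 1
    )

    # Step 2: sign in with only the delegated scopes this task needs.
    Connect-MgGraph -Scopes 'User.Read',
        'RoleEligibilitySchedule.Read.Directory',
        'RoleAssignmentSchedule.ReadWrite.Directory'

    # Resolve the signed-in user's object ID.
    $me = Invoke-MgGraphRequest -Method GET -Uri 'https://graph.microsoft.com/v1.0/me?$select=id'

    # Step 3: list roles this user is directly eligible for and pick one by display name.
    # Eligibility granted through a group is not matched by this filter.
    $eligible = @(Get-MgRoleManagementDirectoryRoleEligibilitySchedule -All `
            -Filter "principalId eq '$($me.id)'" -ExpandProperty RoleDefinition |
        Where-Object { $_.RoleDefinition.DisplayName -eq $RoleName })

    if ($eligible.Count -ne 1) {
        throw "Expected exactly one eligibility for '$RoleName', found $($eligible.Count)."
    }

    # Steps 4 and 5: justification plus a time-boxed self-activation request.
    $body = @{
        Action           = 'selfActivate'
        PrincipalId      = $me.id
        RoleDefinitionId = $eligible[0].RoleDefinitionId
        DirectoryScopeId = $eligible[0].DirectoryScopeId
        Justification    = $Justification
        ScheduleInfo     = @{
            StartDateTime = (Get-Date).ToUniversalTime()
            Expiration    = @{ Type = 'AfterDuration'; Duration = "PT${Hours}H" }
        }
    }
    New-MgRoleManagementDirectoryRoleAssignmentScheduleRequest -BodyParameter $body |
        Select-Object Id, Status, CreatedDateTime
}

# Usage (role name and justification are sample values):
# Enable-EligibleRole -RoleName 'User Administrator' -Justification 'Ticket review' -Hours 2
```

The returned `Status` shows whether the activation was provisioned immediately or is waiting on an approver, and the justification is recorded with the request in the PIM audit trail.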


What’s Next?

Currently, PIM-IT connects to Microsoft Graph’s Identity Governance Beta APIs to pull eligible roles. Looking ahead, I plan to integrate App Registrations to allow admins to grant consent without intervention, making role activation even smoother.

To use PIM-IT, you’ll need Microsoft Entra ID P2 or Microsoft Entra ID Governance. Once licensed and admin consent is given, users can assign roles effortlessly. In my next update, I’ll explore Entitlement Packages—stay tuned!

Until next time, Happy Easter and may God bless you and your family!


Access PIM-IT via GitHub
