office365azure-synapsepam

"Couldn't update Privileged Access request" error when I try to approve "Privileged access requests" from M365 Admin Portal


I'm running a Azure synapse pipeline to get Data Sets by using "Information Oversharing Template". I followed this article.

I'm working on Azure synapse analytics workspace and trying to run "Unlock advanced analytics and insights using Microsoft 365 SharePoint datasets" Pipeline which is already available. After configuring the pipeline, when I try to run, The status shows "Pending consent". After configuring the required setting as mentioned here .

From Admin center, when I try to approve the consent, It fails with an error “Couldn’t update privileged access request”. I have "Microsoft 365 E3 subscription +Microsoft 365 E5 Insider Risk Management add-on” License.Privileged Access Management

Kindly help me to resolve this issue and let me know what I'm missing here.. Thank you.

I followed this article to Configure PAM. PAM and Added one of my colleague as approver.


Solution

  • To Approve PAM requests, We need to create mail enabled security group and add this group for PAM approvers. very important thing is add users as members of this group who will be approving the requests. Adding them as owners will lead to the above PAM error. Found this through Exchange management scripts as to what privilege's should user have in order to approve the PAM requests.

    enter image description here