Coming soon in Microsoft Defender for Identity (MDI): The public preview of Active Directory domain-based scoping. This capability is a foundational step in extending role-based access control (RBAC) as part of the broader XDR unified role-based access control (URBAC) initiative.

This new capability enables organizations to define and refine the scope of Microsoft Defender for Identity monitoring, providing more granular control over which entities and resources are included in security analysis.

Many organizations using Defender for Identity operate across multiple Active Directory domains and need a way to delegate access based on responsibility or ownership. As organizations grow and manage complex identity environments, the ability to control who can access what (and where) is critical. Customers have this capability for Microsoft Defender for Endpoint with device groups and are expecting a similar capability for Defender for Identity.