diff --git a/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md b/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
index fed2ad3911..730e666b20 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
@@ -13,7 +13,7 @@ author: mjcaparas
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: M365-security-compliance
ms.topic: article
---
@@ -26,28 +26,30 @@ ms.topic: article
- Azure Active Directory
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
->Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-basicaccess-abovefoldlink)
+> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-basicaccess-abovefoldlink)
-Refer to the instructions below to use basic permissions management.
+Refer to the instructions below to use basic permissions management.
You can use either of the following solutions:
- Azure PowerShell
-- Azure portal
+- Azure portal
For granular control over permissions, [switch to role-based access control](rbac.md).
## Assign user access using Azure PowerShell
+
You can assign users with one of the following levels of permissions:
- Full access (Read and Write)
- Read-only access
### Before you begin
+
- Install Azure PowerShell. For more information, see, [How to install and configure Azure PowerShell](https://azure.microsoft.com/documentation/articles/powershell-install-configure/).
> [!NOTE]
> You need to run the PowerShell cmdlets in an elevated command-line.
-- Connect to your Azure Active Directory. For more information, see, [Connect-MsolService](https://msdn.microsoft.com/library/dn194123.aspx).
+- Connect to your Azure Active Directory. For more information, see, [Connect-MsolService](https://docs.microsoft.com/powershell/module/msonline/connect-msolservice).
**Full access**
Users with full access can log in, view all system information and resolve alerts, submit files for deep analysis, and download the onboarding package.
@@ -61,19 +63,20 @@ Assigning read-only access rights requires adding the users to the "Security Rea
Use the following steps to assign security roles:
- For **read and write** access, assign users to the security administrator role by using the following command:
- ```text
+ ```PowerShell
Add-MsolRoleMember -RoleName "Security Administrator" -RoleMemberEmailAddress "secadmin@Contoso.onmicrosoft.com"
```
- For **read-only** access, assign users to the security reader role by using the following command:
- ```text
+ ```PowerShell
Add-MsolRoleMember -RoleName "Security Reader" -RoleMemberEmailAddress "reader@Contoso.onmicrosoft.com"
```
-For more information, see, [Add, or remove group memberships](https://technet.microsoft.com/library/321d532e-407d-4e29-a00a-8afbe23008dd#BKMK_ManageGroups).
+For more information, see [Add or remove group members using Azure Active Directory](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-members-azure-portal).
## Assign user access using the Azure portal
-For more information, see [Assign administrator and non-administrator roles to uses with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-users-assign-role-azure-portal).
+For more information, see [Assign administrator and non-administrator roles to users with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-users-assign-role-azure-portal).
## Related topic
+
- [Manage portal access using RBAC](rbac.md)