Skip to main content
DAP to GDAP

GDAP actions to secure the partner ecosystem

In the ever-evolving landscape of cloud computing, Microsoft continues to refine its offerings to provide a more secure and efficient experience for both partners and customers. One such transition is the shift from Delegated Admin Privileges (DAP) to Granular Delegated Admin Privileges (GDAP) roles. This transition has reached a significant milestone, and it’s essential for all Microsoft partners to stay informed about the changes and prepare for what lies ahead.

Understanding the Transition

Microsoft has been actively working on transitioning DAP relationships to GDAP roles. This transition is part of Microsoft’s commitment to improving security and providing more fine-grained control over administrative privileges.

  • Transitioning delegated admin privileges (DAP) relationships to granular delegated admin privileges (GDAP) roles: Microsoft has completed the creation of GDAP relationships as part of Microsoft-led DAP to GDAP transition and has begun DAP removal.
    • Review the frequently asked questions related to this milestone.
    • Validate the newly created GDAP relationship and create a new GDAP relationship with the necessary Azure Active Directory (AAD) roles in case you require extra AAD roles to manage customers.
  • Creating new customers: Default GDAP will be available in Sandbox starting September 25 and in production starting October 9. Partners must explicitly grant granular permissions to security groups in the Default GDAP.
  • On October 9, 2023, DAP will no longer be available with reseller relationships. The updated Request Reseller Relationship link remains available in Partner Center UI and the API contract “/v1/customers/relationship requests” property URL still returns the invitation URL sent to the admin of the customer tenant.
  • The bulk migration tool is available through the end of November 2023. You can continue to create and apply GDAP templates in Microsoft 365 Lighthouse beyond this date, and a consent link is generated to provide to customers.
GDAP

The transition from DAP to GDAP is a significant step toward enhancing security and efficiency in Microsoft’s partner ecosystem. Partners should take proactive steps to adapt to these changes, stay informed about new features and updates, and continue providing the best possible service to their customers. With the right preparation, this transition can lead to a more secure and productive future for all involved.

For more questions, please contact microsoft.be@tdsynnex.com.

Best regards,

The Microsoft team at TD SYNNEX

Do you have more questions?

Contact us