News alert: Microsoft is transitioning partners from DAP to GDAP starting 22 May 2023.
Security Manager is on the forefront of making this transition easy and seamless for partners – and now supports GDAP.
In response to demand for a more granular level of partner access and control, Microsoft will change their current Delegated Admin Privileges (DAP) program in favor of more secure Granular Delegated Admin Privileges (GDAP); see announcement.
Beginning May 22, 2023, Microsoft will begin automatically transitioning partners’ DAP access to Granular Delegated Admin Privileges (GDAP) with limited Azure Active Directory roles. To learn more about GDAP, click here.
What’s GDAP and how does it impact Partners globally?
This transition is part of Microsoft’s “Zero Trust” approach. They are following the three principles of:
- Use least privileged access
- Verify explicitly
- Assume breach
With GDAP, each partner holds only “keys” to relevant workloads, through so-called “relationships”. GDAP capabilities allow partners to control access to their customers’ workloads in order to better address their security concerns.
This change can benefit partners because they can offer more services to customers who may be uncomfortable with the current levels of partner access. They can also offer services to customers who have regulatory needs that require least-privileged access to partners.
How Security Manager Helps Make the transition to GDAP Easy
SkyKick Security Manager is on the forefront of making this transition easy and seamless for partners. Security Manager now supports GDAP and will continue to build features to benefit Partners.
In more detail:
- For those partners who have configured PCI through DAP, you can simply rerun PCI for GDAP to prevent Security Manager access disruption when Microsoft begins removing DAP access. Security Manager requires Global Admin privileges to create connectors, Azure Active Directory Applications, and authentication tokens.
- Partner Center Integration (PCI) is a piece of proprietary technology to help partners connect, manage and onboard customers en masse. This is a technology purpose built for MSPs and loved by partners. To enable partners’ transition from DAP to GDAP, PCI now supports GDAP in Security Manager.
- Support for GDAP requires that a partner grant their authenticating user a GDAP global admin role for their GDAP customers in Microsoft Partner Center.
Visit the SkyKick Security Manager for M365 Overview page to learn more. Or check out the Quick Guides to see short product videos about how Security Manager helps Partners tackle things like Anti-Phishing, Safe Links, and more
For more information including error message and configuration steps, check out the GDAP section in the Microsoft Partner Center Integration Help Center .
We’re committed to MSPs and will continue to provide updates surrounding GDAP support as Microsoft provides more information around their strategy and deadlines.