Microsoft Delays Deadlines In GDAP Security Roll Out

Calling the delays ‘a business decision,’ Microsoft expects the deadlines to get pushed back ‘one to three months,’ according to a post online.


Microsoft has delayed some of the deadlines around its rollout of granular delegated administrator privileges, billed by the tech giant as a more secure model for administering customer tenants.

Calling the delays “a business decision,” Microsoft expects the deadlines to get pushed back “one to three months,” according to a post online. The Redmond, Wash.-based tech giant will announce the new timelines – which affect members of the Cloud Solution Provider (CSP) partner program – early next month.

“Partners in the CSP program are responsible for their customers’ consumption of Microsoft cloud services,” according to the post. “It’s important that you’re aware of – and take steps to mitigate and remediate – security issues that affect you and your customers.”

Sponsored post

[RELATED: Microsoft Ignite 2022: 16 Partner Program Changes Announced Before The Conference]

CRN has reached out to Microsoft for comment.

As part of the shift to granular delegated administrator privileges (GDAP), Microsoft will stop creating DAPs when new customer or reseller relationships are created, remove inactive DAPs and transition active DAPs to GDAP roles.

Microsoft bills GDAP as “a more secure model for administering customer tenants” that “adheres to the Microsoft zero trust principle of least-privileged access.”

Partners can request specific Azure Active Directory (AD) roles for performing administrative activities on behalf of the customer, if the customer approves.

Lane Shelton, director of licensing for Core BTS – an Indianapolis-based Microsoft partner and member of CRN’s 2022 Solution Provider 500 – told CRN in a recent interview that the addition of GDAP was a good move from Microsoft.

In fact, Microsoft’s security stack has proven popular with customers lately wanting fewer vendors for IT set ups, Shelton said.

“Microsoft seems to have reached some kind of critical mass with the way that all of their security features are starting to integrate and collaborate,” he said. “They‘ve been going that direction for a long time. But we seem to have reached a tipping point, in my opinion, because we’re getting customers that are really wanting to dive deep into Microsoft‘s security stack. And they want to consolidate … we’re not hearing, ‘Oh, we don‘t want to put all of our eggs in the Microsoft basket.’ Nobody’s saying that.”

Microsoft encourages partners to remove unrequired DAP relationships and use Microsoft’s bulk migration tool to move to GDAP, according to the company’s post.