Microsoft has delayed some of the deadlines around its rollout of granular delegated administrator (GDAP) privileges, billed by the tech giant as a more secure model for administering customer tenants.
Calling the delays “a business decision,” Microsoft expects the deadlines to get pushed back “one to three months.”
The tech giant will announce the new timelines – which affect members of the Cloud Solution Provider (CSP) partner programme – early next month.
Originally, the GDAP changes were scheduled for October 31.
“Partners in the CSP program are responsible for their customers’ consumption of Microsoft cloud services,” Microsoft said.
“It’s important that you’re aware of – and take steps to mitigate and remediate – security issues that affect you and your customers.”
CRN has reached out to Microsoft for comment.
As part of the shift to granular delegated administrator privileges (GDAP), Microsoft will stop creating DAPs when new customer or reseller relationships are created, remove inactive DAPs and transition active DAPs to GDAP roles.
Microsoft bills GDAP as “a more secure model for administering customer tenants” that “adheres to the Microsoft zero trust principle of least-privileged access.”
Partners can request specific Azure Active Directory (AD) roles for performing administrative activities on behalf of the customer, if the customer approves.
Microsoft encourages partners to remove unrequired DAP relationships and use Microsoft’s bulk migration tool to move to GDAP, company said.