The SecOps report supports the transition under Microsoft guidelines from DAP (Delegated Administrative Privileges) to GDAP (Granular Delegated Admin Privileges) for Microsoft 365, Dynamics 365, Power Platform, and Azure.


You can find the SecOps Report page by clicking the Settings page (triple-bar menu in the upper right corner). After clicking on Settings, click on SecOps.





The report table lists the customers associated with your Microsoft MPN ID.  The data shows the access TD SYNNEX has, not permissions provided to you by your clients.


In this article you will learn...

  • General navigation of the report
  • Report Field Definitions
  • How to send communications to your customer to take an action



The fields in this report are defined as follows:


Field NameDescription
Customer NameName of the tenant
Customer IDPlatform ID associated with a customer profile
DAPStatus of current DAP permissions:  Active or Not Active
Permission LevelShows the permission level granted to TD SYNNEX
Low - Read Only
Medium - Administrator/Reader
DurationDisplays duration of permissions granted at time of relationship approval.  

Permissions will auto-expire if not renewed.

You can select a GDAP relationship duration of between 1 and 730 days
Expiration DateDate when delegated permissions will expire
Relationship StatusSee table below for definitions of relationship status.
Auto-NotifySetting used to contact customer with relationship access rights are due to expire
Manage (active link)Click Managed to see options for customer actions.

 GDAP Details

- Relationship IDTenant GUID as displayed in the invitation link combined with TD SYNNEX PAC Microsoft ID
- Relationship NameAdmin relationship request ID
- StatusDisplays current state of the relationship privileges
- Customer NameEnd User as seen in Partner Center
- Last Modified DateTime stamp of when request was sent
- Activated DateTime stamp of when end customer accepted relationship link
- RolesThere are two permissions levels.  Hoover over the role name to see permissions granted for the tenant




Relationship Status options:

  • Active: The system completed provisioning the relationship
  • Approval Pending: A request for approval was sent and awaits customer action
  • Approved: The customer approved the relationship
  • Created:
  • Expired: The relationship is expired. system deprovisioned the relationship
  • Expiring: The Relationship has passed its expiration date
  • Lock for Approval: 
  • Termination Requested: 
  • Terminating:
  • Terminated: there is no longer an authorized relationship with the tenant 


DAP vs. GDAP


The report table has two sections:

(1) DAP

(2) GDAP


For each Microsoft Domain listed in this report, there are actionable options. The high-level report layout shows the status for DAP.  Expanding the customer view (using the arrow) displays details for GDAP.


What happens when you click "Manage"?

To initiate an update to permissions, click the [Managed] link.  The following screen displays:



Click [Initiate GDAP Request]

You have the option to change the default setting for auto notifications for access rights expiration.

Toggle 'Off' if you do not want the customer to be automatically notified.


The next screen displays two roles with defined privileges the customer is approving for TD SYNNEX.  To manage Azure Plan, the Recommended Access is required.


Select the permission set and click [Next]



Once a GDAP request has been initiated, the expanded portion of the customer data provides two management features:

  • Mail icon: re-send an email in follow up to the initial request
  • Copy icon: copy the relationship request URL link and send a custom email to your client




To submit a support request, in StreamOne Ion, click the "?" icon in the upper right menu bar or click Submit a ticket in the Knowledge Base. Fill out all mandatory fields or read How to Use StreamOne Freshdesk to Submit and View Support Tickets for more information.