The SecOps report supports the transition under Microsoft guidelines from DAP (Delegated Administrative Privileges) to GDAP (Granular Delegated Admin Privileges) for Microsoft 365, Dynamics 365, Power Platform, and Azure.
You can find the SecOps Report page by clicking the Settings page (triple-bar menu in the upper right corner). After clicking on Settings, click on SecOps.
The report table lists the customers associated with your Microsoft MPN ID. The data shows the access TD SYNNEX has, not permissions provided to you by your clients.
In this article you will learn...
- General navigation of the report
- Report Field Definitions
- How to send communications to your customer to take an action
The fields in this report are defined as follows:
Field Name | Description |
---|---|
Customer Name | Name of the tenant |
Customer ID | Platform ID associated with a customer profile |
DAP | Status of current DAP permissions: Active or Not Active |
Permission Level | Shows the permission level granted to TD SYNNEX Low - Read Only Medium - Administrator/Reader |
Duration | Displays duration of permissions granted at time of relationship approval. Permissions will auto-expire if not renewed. You can select a GDAP relationship duration of between 1 and 730 days |
Expiration Date | Date when delegated permissions will expire |
Relationship Status | See table below for definitions of relationship status. |
Auto-Notify | Setting used to contact customer with relationship access rights are due to expire |
Manage (active link) | Click Managed to see options for customer actions. |
GDAP Details | |
- Relationship ID | Tenant GUID as displayed in the invitation link combined with TD SYNNEX PAC Microsoft ID |
- Relationship Name | Admin relationship request ID |
- Status | Displays current state of the relationship privileges |
- Customer Name | End User as seen in Partner Center |
- Last Modified Date | Time stamp of when request was sent |
- Activated Date | Time stamp of when end customer accepted relationship link |
- Roles | There are two permissions levels. Hoover over the role name to see permissions granted for the tenant |
Relationship Status options:
- Active: The system completed provisioning the relationship
- Approval Pending: A request for approval was sent and awaits customer action
- Approved: The customer approved the relationship
- Created:
- Expired: The relationship is expired. system deprovisioned the relationship
- Expiring: The Relationship has passed its expiration date
- Lock for Approval:
- Termination Requested:
- Terminating:
- Terminated: there is no longer an authorized relationship with the tenant
DAP vs. GDAP
The report table has two sections:
(1) DAP
(2) GDAP
For each Microsoft Domain listed in this report, there are actionable options. The high-level report layout shows the status for DAP. Expanding the customer view (using the arrow) displays details for GDAP.
What happens when you click "Manage"?
To initiate an update to permissions, click the [Managed] link. The following screen displays:
Click [Initiate GDAP Request]
You have the option to change the default setting for auto notifications for access rights expiration.
Toggle 'Off' if you do not want the customer to be automatically notified.
The next screen displays two roles with defined privileges the customer is approving for TD SYNNEX. To manage Azure Plan, the Recommended Access is required.
Select the permission set and click [Next]
Once a GDAP request has been initiated, the expanded portion of the customer data provides two management features:
- Mail icon: re-send an email in follow up to the initial request
- Copy icon: copy the relationship request URL link and send a custom email to your client
To submit a support request, in StreamOne Ion, click the "?" icon in the upper right menu bar or click Submit a ticket in the Knowledge Base. Fill out all mandatory fields or read How to Use StreamOne Freshdesk to Submit and View Support Tickets for more information.