GDAP - Read before transition!
Introduction
This article will cover the recommended setup of roles that need to be applied in order for GDAP to take precedence over DAP with permissions to will conform with CSP requirements from Microsoft and what is the correct sequence of operations that will have to be carried out from your side.
In this article:
Basic CSP Template Roles
The list of roles in the table below are based on operations that are used most frequently in common CSP Support related cases that either require light or more advanced approach. The list may vary from partner to partner, however the roles marked in RED are the ones that ensure proper precedence for GDAP over DAP.
| Role Name | Role Id |
Office apps administrator |
2b745bdf-0803-4d80-aa65-822c4493daac |
Exchange administrator |
29232cdf-9323-42fd-ade2-1d097af3e4de |
Teams administrator |
69091246-20e8-4a56-aa4d-066075b2a7a8 |
Dynamics 365 administrator |
44367163-eba1-44c3-98af-f5787879f96a |
Teams devices administrator |
3d762c5a-1b6c-493f-843e-55a3b42923d4 |
Helpdesk administrator |
729827e3-9c14-49f7-bb1b-9608f156bbb8 |
Cloud device administrator |
7698a772-787b-4ac8-901f-60d6b08affd2 |
Global reader |
f2ef992c-3afb-46b9-b7cf-a126ee74c451 |
Directory readers |
88d8e3e3-8f55-4a1e-953a-9b9898b8876b |
Password administrator |
966707d0-3269-4727-9be2-8c3a10f19b9d |
Application administrator |
9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3 |
User administrator |
fe930be7-5e62-47db-91af-98c3a49a38b1 |
License administrator |
4d6ac14f-3453-41d0-bef9-a3e0c569773a |
Service support administrator |
f023fd81-a637-4b56-95fd-791ac0226033 |
Instructions and Sequence of Operations
1. You will need to create a template that includes a list of previously specified roles.
2. You will need to ensure that the roles in RED are present on the template.
3. You will need to provision the security groups based on the data prior to the transition flow.
- Following Instructions here: CSP Roles and Template Management
4. You can now transition your customers.
- Following Instructions here: CSP Customer Transition
Summary
The recommended GDAP setup requires specific CSP template roles to ensure GDAP takes precedence over DAP while conforming to Microsoft CSP requirements. The basic CSP template includes 14 essential roles for common support operations: Office apps administrator, Exchange administrator, Teams administrator, Dynamics 365 administrator, Teams devices administrator, Helpdesk administrator, Cloud device administrator, Global reader, Directory readers, Password administrator, Application administrator, User administrator, License administrator, and Service support administrator. Critical roles for proper GDAP precedence are highlighted and must be included in the template. The implementation sequence requires creating a template with specified roles, ensuring critical roles are present, provisioning security groups based on template data following CSP Roles and Template Management instructions, and finally transitioning customers following CSP Customer Transition instructions. Each role is identified by its specific Role ID for accurate configuration.
Was this article helpful?
Articles in this section
- FAQ – AppXite GDAP and CSP Microsoft Cloud Solutions
- Introduction to AppXite GDAP and CSP Microsoft Cloud Solutions
- GDAP - Read before transition!
- GDAP - Customer Transition and Synchronization
- GDAP - CSP Roles / Template Management / Security Group Provisioning
- GDAP - User Account Registration & Activation
- GDAP software client setup
Add comment
Please sign in to leave a comment.