To establish a GDAP relationship with a customer, you must generate a GDAP invitation. In this invitation, you can specify the required administrative roles as well as the duration of the relationship, which can be a maximum of two years. After creating the invitation, a URL is automatically generated, which can then be shared with the customer.
When the customer opens the invitation, they will see an overview of the requested roles and the organization requesting access.
Once the customer accepts, the requested administrative roles are assigned in their tenant.
To make these assigned roles functional, they must be linked to security groups in your own environment. For Attic, the Global Administrator role must be assigned to the AdminAgents security group.
Quick navigation:
Create GDAP-Relationship
Go to the Microsoft Partner Center (Direct link) en select Customers:
In the menu, click Administer:
For a new customer, click Request admin relationship. For an existing customer, select the customer from the list.
For an existing customer, click Request for new relationship.
Give the relationship a name and a duration
The duration can be a maximum of 2 years, or 730 days. The name can be chosen freely.
Then click Select Microsoft Entra Roles.
Select Global administrator en click save
Then click finalize request
The invitation is now ready, it can be sent to the customer or accepted on their behalf.
When the customer opens the URL, they will see the following screen.
Once the invitation has been accepted, the roles can be assigned to the Security Groups in your organization. You will receive an email notification once the relationship has been established.
Adding roles to Security Groups
Go to Administer and select the customer
Now select Admin relationships
Click the new relationship
Select Add security groups
Select AdminAgents and click next:
Select Global Administrator and click Save
The relationship is now successfully established.