Hi all,

The relationships we created two years ago are quickly approaching their expiration date, and I’m interested in how other people are handling the creation of new relationships.

With the introduction of relationships that auto renew, have you found this to be a viable path? We are a Managed Service Provider and our customers expect us to turn ALL the knobs for them in the Microsoft portals.

I want to have the flexibility of techs only enabling the roles they need, but there are a LOT of roles. Creating a relationship with 34 roles is a bit extreme. Plus, it looks like we need 43 built-in roles to have the same level as access as Global Admin, and some of those roles are not available via GDAP today.

The role that stands out the most is “Organizational Branding Administrator.” Am I missing something, or is the only way to change sign-in branding to use the Global Administrator role (which prevents auto-renewal) or use a local tenant admin account?

What would partners think if Microsoft allowed the Global Admin role to auto-renew until Microsoft adds all the built in roles to GDAP roles needed to replace Global Admin? Maybe put some sort of extra warning on the role acceptance side advising the client this is not recommended and let the client make that informed choice themselves?

What do you think customers opinion of this move would be?

From my conversations with different people, I am under the impression that customers didn’t want Microsoft to allow partners the option of letting the Global Admin role auto-renew. Since I have never met a customer that shared this view, I can’t comment on the accuracy of that statement, but that what I’ve heard.

​Hi all,The relationships we created two years ago are quickly approaching their expiration date, and I’m interested in how other people are handling the creation of new relationships. With the introduction of relationships that auto renew, have you found this to be a viable path? We are a Managed Service Provider and our customers expect us to turn ALL the knobs for them in the Microsoft portals. I want to have the flexibility of techs only enabling the roles they need, but there are a LOT of roles. Creating a relationship with 34 roles is a bit extreme. Plus, it looks like we need 43 built-in roles to have the same level as access as Global Admin, and some of those roles are not available via GDAP today. The role that stands out the most is “Organizational Branding Administrator.” Am I missing something, or is the only way to change sign-in branding to use the Global Administrator role (which prevents auto-renewal) or use a local tenant admin account? What would partners think if Microsoft allowed the Global Admin role to auto-renew until Microsoft adds all the built in roles to GDAP roles needed to replace Global Admin? Maybe put some sort of extra warning on the role acceptance side advising the client this is not recommended and let the client make that informed choice themselves? What do you think customers opinion of this move would be? From my conversations with different people, I am under the impression that customers didn’t want Microsoft to allow partners the option of letting the Global Admin role auto-renew. Since I have never met a customer that shared this view, I can’t comment on the accuracy of that statement, but that what I’ve heard.  Read More

​