Auto-assigning the Admin Agents Security Group
Once the GDAP relationship is accepted by a customer, it is necessary to add security groups to the admin relationship, including all the accepted roles.
Providers who have configured custom GDAP roles in the multi-account extension can automatically assign the Admin-Agents security group to the relationship once it is accepted by their customers, including all the corresponding roles.
To do this, complete the following steps:
-
Go to the Integrations module in the CloudBlue Connect Distributor portal.
-
If the Microsoft Management Settings extension is not installed yet, click on the Microsoft Management Settings service and then click Open Settings > GDAP.
Note: You can also find it in your account settings (Settings > Microsoft Management Settings).
-
Click the Custom GDAP roles tab.
-
Select the Auto-assignment Enabled checkbox to assign the Admin-Agents security group to admin relationships once they are accepted by the customers. This option is turned off by default.
A scheduled task will be in charge of subscribing Microsoft partners to a webhook event to receive a notification when a customer approves a GDAP relationship. Then, if the Auto-assign Security Group option is turned on, the service will assign the Admin-Agents security group to the GDAP relationship
Important: If you are already registered to receive another webhook event from the Partner Center, the Security group Auto-assignment will not work, since Microsoft only allows subscriptions to one webhook event. For additional information, refer to the Microsoft documentation on Partner Center webhooks.