MS Teams - OC Implementation GDAP Invites
In an effort to improve security practices, we no longer request service accounts from our OC customers to help them provision their services. Instead, we will send them a GDAP invite and a link to add an Azure app registration to their tenant.
This article describes the process for sending a GDAP invite to a customer that will be implemented on Operator Connect and require provisioning/support from CallTower. If the OC customer does not require assistance from CallTower (such as professional services), then this process is not required.
This process applies to both customers that we do and do not provide licenses to.
Prerequisites:
- IPM sends customer reseller link (if we are providing licenses)
- The customer adds CT as OC provider (if applicable). Click here for instructions on this.
Steps to send GDAP invite:
- Case sent to engineering to add licensing / send GDAP. Only a single ticket is needed to add licenses and add GDAP.
- The case should include:
- License name(s) & quantity (if applicable)
- Whether the customer is OC or DR
- Whether or not the customer requires custom GDAP roles.
- Custom GDAP roles include:
- Compliance Administrator
- Domain Name Administrator
- Exchange Administrator
- Global Administrator
- Global Reader
- License Administrator
- Security Administrator
- Security Reader
- SharePoint Administrator
- Skype Administrator
- Teams Administrator
- Teams Communication Administrator
- User Administrator
- Custom GDAP roles include:
- If there are professional services to provision users, extensions or resource accounts.
- Engineering will add license(s), send GDAP, and add admin roles to groups.