Forum Discussion
Monitoring partner relationship activity
Hi everybody,
We need to authorise Office 365 tenant access to a partner so that they can implement a Dynamics-based system.
Relationship: Reseller
Admin roles: Global administrator, Helpdesk administrator
The fact that this partner needs global administrator access to the entire tenant is concerning.
From a security viewpoint, is there any way to monitor activity on the tenant by this partner? Maybe under Security & Compliance > Audit Log?
Thanks
Ash
They are still performing those admin actions in the context of a user, so just search from events corresponding to said user.
The unified audit log is your best bet here. You can also use PIM and grant an "eligible" GA role, so that every time they need to perform some admin action with said account, someone on your end has to approve the elevation request.
- ashmelburnianBrass ContributorThanks for your help. I don't think the "eligible" GA role and PIM will work as the partner needs full admin access to the tenant ongoing to allow Dynamics to function.
In regards to the audit log, do you know how to specifically see logged activity by the partner?They are still performing those admin actions in the context of a user, so just search from events corresponding to said user.
- Office365BuddyBrass Contributor
Feedback link :
https://feedbackportal.microsoft.com/feedback/idea/cceef87a-858e-ec11-a81b-0022484c51ef
Delegated administration privileges (DAP) FAQ
https://docs.microsoft.com/en-us/partner-center/dap-faq#:~:text=Delegated%20administration%20privileges%20%28DAP%29%20provides%20the%20capability%20to,a%20Request%20a%20reseller%20relationship%20with%20a%20customer.