Mar 05 2020
08:19 PM
- last edited on
Feb 19 2021
05:05 AM
by
TechCommunityAP
Mar 05 2020
08:19 PM
- last edited on
Feb 19 2021
05:05 AM
by
TechCommunityAP
Partners haven't been able to access the Security and Compliance center on behalf of their clients for almost 18 months now. Last we heard on this was from @Scott Landry back in July of 2019, but it's been silence since then. Is anyone on the Security and Compliance team working with the Microsoft Partner Center team on this?? This is the one item that's keeping us from being able to exclusively work from our Delegated Admin accounts. As it stands now we still have to share a generic global admin account with all our employees just so they can manage certain aspects of our client's Office 365 subscription.
Mar 05 2020 11:33 PM
PowerShell should support delegated access to the SCC. There's also some work being done on the UI, see roadmap item #60975.
Mar 05 2020 11:48 PM - edited Mar 05 2020 11:50 PM
Roadmap #60975 only applies to the Office 365 Admin center. I used this feature today - it's nice, but unrelated to my post about the S&C Center.
The PowerShell you're referring to connects to Exchange Online and a handful of MSOL commands. Useful, but doesn't apply to my use case here. I need my techs to access UI features that are only available in our clients' S&C Centers.
Aug 26 2020 01:02 PM
Don't worry, they'll give us access to it by 2025, after it's been depreciated and renamed and no longer useful...
I normally don't complain, but what the hell...
Jun 25 2021 06:35 AM
I am replying on behalf of my organization and to reiterate what I've told the MS partner support team + the regular O365 support team.
1.) Partner relationships specifically have Global Admin privileges. Global Admin privileges specifically state access to the Security & Compliance centers. The fact that O365 tenant management within the partner center is missing the Security & Compliance center access is a contradiction of Microsoft's own stated policies.
2.) The Security & Compliance center has several aspects that are accessible from other admin centers; Spam filter/policy, message trace, DKIM, etc. which are accessible through the old & new Exchange admin centers. Audit log search is also somewhat accessible through the Azure admin center. Limiting access to Security & compliance center for security reasons doesn't really make sense considering so much of it is accessible from other areas.
3.) In order to fully manage a tenant, administrators will need access to the Security & Compliance center. If we need a dedicated Global Admin account to fully manage a tenant, this renders administering a tenant through the partner portal completely useless.
4.) Best practices from Microsoft say every admin should have their own account and not a shared one, but says you shouldn't have more than 4 global admins. For us, as an MSP, this is impossible to achieve due to the amount of employees.
This decision seems arbitrary and senseless. IT renders managing a tenant through the partner portal useless because a global admin account will always be needed regardless.
Aug 11 2021 03:24 PM
Jul 08 2022 03:42 AM
So it's 2022 and it looks like the prediction above about finally getting partner access back by 2025 my be a bit optimistic.
I still have yet to speak to a single other MSP who having success getting MS to understand that major stakeholders (IT Tech's working in MSP's) are rightly getting beyond pissed off by all this now.
There is the same feedback all over the internet, changes made for no reason, dumb changes that in now way line up with stated policy goals..
Obviously they would rather count money than give us the systems we need to do our jobs safely and securely without stress...
#rantover.
Feb 27 2023 09:46 PM - edited Feb 27 2023 09:47 PM
so it's 2023.....MSPs are struck by GDAP and NCE licensing effectively making it impossible to use our support chains on customers with Microsoft licensing, Godaddy and other ISPs are making tenants on default this locking out MSPs for 12 months and making it hard to deal with
Purvie/compliance and security is still on a Global admin level only
Pretty sure MSPs are not in Microsofts gameplan future
Feb 15 2024 04:07 PM
@Fastidius Indeed, they have never been, and it's not going to improve anytime soon, as MS has been seen contacting end users behind some MSPs back.
Right now, I have access to some of my customers' MTO, but the ones I still don't have access to are the ones on which the role is "Full Administration".
I already setup the GDAP roles on those tenants, so it would be on the new system, but it doesn't seem to switch to it...
There would be so much to say about MS service that writing a whole book about it would take at least 10 years...