Microsoft extends security update deadline for partners • The Register

Microsoft’s campaign to improve the security of its customers and partners – by allowing the latter to define roles in customers’ Active Directory implementations without asking for permission – has been extended by four months.

As The registry reported in July 2022, Microsoft has determined that IT service providers are a target for cybercriminals as cracking one partner could grant access to many thousands of machines.

Microsoft’s safeguard against this finding is an upgrade to Delegated Administrator Privileges (DAP), which are granted to partners so they can take care of customers’ software purchases and systems.

The upgrade is called GDAP – granular delegated administrator rights – and implements zero trust principles, so partners can still manage customer software but are restricted to specific activities and low privileges.

Microsoft is so keen on partners upgrading to GDAP that they are allowed to create the role in Active Directory without first getting permission from the customer.

But the partners don’t seem to be in a hurry to implement GDAP. Microsoft has set October 31st as the date when the software that automates DAP-to-GDAP migrations will be retired.

A notice to partners on October 13 reveals that the software will now expire on March 1, 2023 – four months after the old deadline.

The ability to create a DAP relationship will also last longer than intended – until January 17, 2023.

The news of the deadline extensions was accompanied by the following haste from Microsoft:

Microsoft also noted that the GDAP roles that partners can create are limited and customers must approve upgrades to more privileged roles. Therefore, when partners rush and meet the deadline, it means less rush for their customers as well.

Redmond had a rough time with its partner community in 2022 as many challenged the New Commerce Experience (NCE) terms, which prioritize selling fixed-term subscriptions and make it harder to acquire a perpetual license. The partners’ acquisition of NCE was so slow that Microsoft extended its old license agreements indefinitely, admitting that the transition had had a greater-than-expected negative impact on revenue.

Another partner-related issue is Microsoft’s pricing of software licenses, which are significantly cheaper in the company’s Azure cloud. Cloud partners fought back, helped by the European Union’s decision that Microsoft’s pricing constituted unfair competition that disadvantaged competing clouds. Microsoft introduced per-core licensing, saying it was to level the playing field. But as analyst Wesley Miller noted this twitter threadMicrosoft now offers three different pricing schemes: one for Azure and two for different classes of partners.

Giving Azure customers better features, rights, and privileges than they offer users in other clouds doesn’t exactly level the playing field, regardless of pricing. ®

https://www.theregister.com/2022/10/14/gdap_deadline_extension/ Microsoft extends security update deadline for partners • The Register

Rick Schindler

World Time Todays is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@worldtimetodays.com. The content will be deleted within 24 hours.

Related Articles

Back to top button