The Delegation and Policy Control (DPC) capabilities in Quadrotech Nova streamline and simplify the management of your Office 365 tenant by allowing your IT administrators to securely delegate control of Office 365 actions to other users in your organization. Now, your helpdesk, country-level admins and other admins throughout your organization can effectively manage Office 365 access and permissions within their own areas of responsibility.
Without a toolset such as Quadrotech Nova DPC, Office 365 delegated administration is difficult to achieve as there are limited native capabilities for delegating administrative tasks. Many organizations solve this by increasing the number of Global Administrators (GAs), even though this is known to substantially increase security risks.
Quadrotech Nova DPC alleviates this by offering:
Delegated administration within Office 365 is hard to achieve, with limited built-in capabilities. However, with Nova you can see and manage only the users that you are responsible for, and it's even possible to add multiple tenants to the application. Organizations of any size would benefit from a delegated administration tool for their Office 365 environment.Dominik Hoefling Microsoft MVP for Office Servers and Services
Authorization policies allow a delegated administrator to perform a predefined action against a specific set of users. The actions defined in the authorization policy provide the ability to granularly restrict both what the delegated admin can see or do.
The policy applies to objects such as Office 365 or on-premises users, a team within Microsoft Teams or a Mailbox. Over 100 actions can be taken, such as setting a password, creating a Teams channel, adding a user to an AD group or setting an out of office notification.
License Policies enable organizations to delegate the function of assigning O365 licenses. As an example, a delegated license administrator can be given a quota of licenses that are both E3 and E5.
The E3 licenses may be restricted to only Exchange, OneDrive, SharePoint, and Teams. The E5 licenses could be unrestricted. When a request is made for a license, the delegated license admin would assign the appropriate license, and this would be removed from their quota.
Configuration policies apply rules to users in a Virtual OU. For example, to ensure that all users have multi-factor authentication (MFA) enabled, have a specific Microsoft usage location, or to assign a specific license type. This ensures the configuration for users, groups, and other AD objects are correctly configured according to what has been deemed appropriate for that group of users.
Configuration policies ensure standard configurations are applied to particular groups or departments by standardizing objects wherever the policy is applied. For example, if you have a virtual Organizational Unit for the Sales Department, all users in this container will have their Department attribute equal ‘Sales’. Once a user is moved into this container, he or she will be brought into compliance with the configuration policy for Sales.