For the best web experience, please use IE11+, Chrome, Firefox, or Safari

Office 365 Delegated Administration

The Delegation and Policy Control (DPC) capabilities in Quadrotech Nova streamline and simplify the management of your Office 365 tenant by allowing your IT administrators to securely delegate control of Office 365 actions to other users in your organization. Now, your helpdesk, country-level admins and other admins throughout your organization can effectively manage Office 365 access and permissions within their own areas of responsibility.

Delegation and Policy Control
Providing more granular delegation
Providing more granular delegation than the default Microsoft administrator roles is especially important if you’re in a larger enterprise, a company with multiple business units, a university or any organization that needs to delegate access widely across the organization.

Key Benefits

Delegation and Policy Control allows a variety of user types to do their jobs more productively, in a secure fashion and without the need for elevated administrator credentials.

Helpdesk

Support teams can set user passwords, reset MFAs, add users to groups and enable access to mailboxes.

Procurement

Procurement can assign licenses to people in their part of the organization.

BU Owners

Business unit owners can manage their own teams while ensuring naming conventions are adhered to.

Line Managers

Line Managers can set Automatic Replies for users within a specific business unit or geography.

HR

HR personnel can correct data for users in AD or Azure AD and create mailbox aliases or set forwarding.

Office 365 Delegated Admin Access

Without a toolset such as Quadrotech Nova DPC, Office 365 delegated administration is difficult to achieve as there are limited native capabilities for delegating administrative tasks. Many organizations solve this by increasing the number of Global Administrators (GAs), even though this is known to substantially increase security risks.

Quadrotech Nova DPC alleviates this by offering:

Defined roles
Customizable OUs
Audit logs
Defined roles

Defined roles

Designated administrators can see and act on only the users they are responsible for, in a fashion that aligns precisely with their defined administrative role. This enables administrative tasks to be conducted where they are most effective and increases the productivity of the organization.

Microsoft MVP for Office Servers and Services

Delegated administration within Office 365 is hard to achieve, with limited built-in capabilities. However, with Nova you can see and manage only the users that you are responsible for, and it's even possible to add multiple tenants to the application. Organizations of any size would benefit from a delegated administration tool for their Office 365 environment.

Dominik Hoefling Microsoft MVP for Office Servers and Services
Authorization Policies

Authorization Policies

Authorization policies allow a delegated administrator to perform a predefined action against a specific set of users. The actions defined in the authorization policy provide the ability to granularly restrict both what the delegated admin can see or do.

The policy applies to objects such as Office 365 or on-premises users, a team within Microsoft Teams or a Mailbox. Over 100 actions can be taken, such as setting a password, creating a Teams channel, adding a user to an AD group or setting an out of office notification.

Licensing Policies

Licensing Policies

License Policies enable organizations to delegate the function of assigning O365 licenses. As an example, a delegated license administrator can be given a quota of licenses that are both E3 and E5.

The E3 licenses may be restricted to only Exchange, OneDrive, SharePoint, and Teams. The E5 licenses could be unrestricted. When a request is made for a license, the delegated license admin would assign the appropriate license, and this would be removed from their quota.

Configuration Policies

Configuration Policies

Configuration policies apply rules to users in a Virtual OU. For example, to ensure that all users have multi-factor authentication (MFA) enabled, have a specific Microsoft usage location, or to assign a specific license type. This ensures the configuration for users, groups, and other AD objects are correctly configured according to what has been deemed appropriate for that group of users.

Configuration policies ensure standard configurations are applied to particular groups or departments by standardizing objects wherever the policy is applied. For example, if you have a virtual Organizational Unit for the Sales Department, all users in this container will have their Department attribute equal ‘Sales’. Once a user is moved into this container, he or she will be brought into compliance with the configuration policy for Sales.

Get started now

Get in touch to learn more about the #1 Office 365 delegated administration tool.