GDAP enables [[Microsoft 365]] administrators to delegate access privileges at a more granular level, allowing them to define specific permissions for individual resources, actions, or data elements within an application or system. Something I learned in the cipp discord is that shoving all roles into one group isn't reliable. If you want GA, then just check GA for that group. Don't check them all, you can have weird issues later.^[[MSP - Reddit](https://old.reddit.com/r/msp/comments/176x2o2/psa_microsoft_has_begun_the_rolling_phase_out_of/k4p5499/)] # Sources [Understanding GDAP and Its Operational Impact (huntress.com)](https://www.huntress.com/blog/understanding-gdap-and-its-operational-impact)