MS-100 Implement Access for External Users of M365 Workloads

May 31st, 2019 | Posted by admin in Exchange

Create B2B accounts

Azure AD B2B collaboration lets you securely share your company’s applications and services with guest users from any other organization, while maintaining control over your own corporate data.

Administrators can create B2B guest accounts in Azure AD and can send in invitation link for guest users to accept privacy statement.

Non-Administrator users also can B2B accounts by sending an invitation to external user and add them in a Group or share an application to guest users. To make it work, Global Administrator has to enabled self-service management for a group and assign the user as owner of the group and the group added in the application.

Conditional Access can be used to control the organization data.

To create a B2B account

Azure Portal -> Azure AD -> Users -> New Guest User -> email address and the personal message and click on Send Invite.

Guest can accept the invitation and the external user account added as Guest User in Azure AD Tenant.

Create guest accounts

Guest account creation is same as B2B account creation.

Design solutions for external access

We can plan the external access restriction with the below settings.

Navigate to Azure Portal -> Azure AD -> User Settings -> Manage External Collaboration Settings

Guest Users Permissions are Limited

Admins and Users in the guest inviter role can invite

Members can Invite

Guest can Invite

In addition to the above external access settings, we can configure the below collaboration restrictions

You can follow any responses to this entry through the RSS 2.0 You can leave a response, or trackback.

Leave a Reply