External user (without MS account) can't access Azure Portal
Hi Members, I need to provide Azure portal access to few external users. They don't have any Microsoft account but only their company email ids, say email address removed for privacy reasons which are not on Microsoft. When I added them as external user. They received invite and after authentication through one time code received on their emails they were able to login to my apps. But, when they try to login to Azure portal they are getting error message: "We couldn't find an account with that username. Try another, or get a new Microsoft account." Do they need to link/create a new Microsoft account with their existing email id i.e. email address removed for privacy reasons? Or is there any way they can use the existing email id to login to Azure portal without creating/linking Microsoft account? As MyApps access worked for them.
How would you transition existing external People to SharedChannel?
We are currently having around ~1000x Guest-User (B2B Collab) and would like to switch to Team-Connect (B2B Direct Connect), so they do not have to switch Tenants anymore. Where would you start, after doing all the preparation (Federation) on the Tenant-Level: - Switch them Company by Company / Switch them Team by Team? - Will they still be able to access existing Files, Discussion, Channels? - Where do i have to pay attention?
Show guest users in Teams Rooms search
Hey folks, I have a question regarding Microsoft Teams Rooms devices in with guest users in my tenant: I have invited users from another M365 tenant into my AzureAD. When I start a session on my rooms device and want to add one of the external guest users, my device could not find them if I search them by name. It works, when I enter the whole SIP address, so I just want them to be searchable just with the display name without entering the whole address. Any ideas if there is a solution for this? Thanks in advance, SebastianSharePoint Guest Users API Access - Unauthorized
Hello, we've build an Azure AD App that uses MSAL to authenticate against SharePoint. The auth flow works fine, till we try to access SharePoint resources with guest users. We've tried several solutions and configurations but we always get the answere: "Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown." Is there any policy that does not allow guest users to access sharepoint through the sharepoint api? Direct access to sharepoint works without a problem. Thanks in advance Michael
Configure custom PNP Search page on SharePoint site (access via external account)
Hi - Wondering if anyone can help. I have created a PNP search page on my SharePoint site & configured the search settings so that when a user searches when on the site they land on the PnP search results page rather than the native default of Microsoft Search. This works, however, when I access as an external user, the search functionality defaults back to default & lands back on the default Microsoft search page. Can anyone help me?
Enable External Users to manage group membership on Azure AD
Hi, We have a requirement to allow some external Guest Users in our Azure AD to manage the membership of certain Groups in our Azure AD domain. The requirements are: Only specified Guest Users can manage only specified groups Ideally the changes they make are enacted immediately A full audit trail of their changes is available I am wondering if the "Ask a sponsor to review a guest's access to an application" option detailed on the "Manage guest access with Azure AD access reviews" page (see: https://docs.microsoft.com/en-gb/azure/active-directory/governance/manage-guest-access-with-access-reviews) may meet this requirement? Can you have an external Guest User as the sponsor? Are they only able to enact changes based on be triggered with a review request, or can they initiate changes themselves? Are the results of their Access Reviews immediately automatically enacted, or does this require review and implementation by a tenant admin? Our other option is to code a control to provide this management, and use GraphAPI calls to make the membership changes. Would be very interested if anyone has any ideas on this, or if there are any other options we have overlooked to meet these requirements. thankyou!!
