Forum Discussion
Conditional Access - Require MFA for Guest Users
Hi - we have set up guest access on Azure AD and require all guest users to use MFA.
We have set up a conditional access policy that uses the built-in "All guests and external users (preview)" option for the users to be included. This part works perfectly. However, it appears that in order to achieve this, there is a dynamic group created called "All External Users". As you'd guess, this has all of the guest users listed in it.
The problem comes when the guest user logs into the Access Panel (the portal they get to from the invitation email) and it shows them the Groups that they are members of. The first group is "All External Users" and it show all of our external users - some of which are competitors - to the logged in guest user. Can this specific group be hidden from guest users?
- CorsinoCopper ContributorHi Pete, I believe guest users can see your directory members. Try this: - Go to Azure Active Directory -> User Settings -> Manage external collaboration settings Check if the "Guest users permissions are limited" is configured to "yes", if not, please change it.
- Pete BostromBrass Contributor
Hi Corsino, thanks for your response. I've checked the "Guest users permissions are limited" setting, and it is already set to "Yes".