Forum Discussion

matheus844's avatar
matheus844
Copper Contributor
Mar 29, 2023

MS Teams in Cross-Tenant synchronization

Hello!

 

I am using Cross-Tenant synchronization (preview) to synchronize two tenants (A and B).

 

I have created a configuration to send the users from Tenant A to Tenant B.

 

In the "Provision Azure Active Directory Users" mapping, the "Usertype" attribute is set to Member and in the "showInAddressList" attribute is set to True.

 

After these settings, in outlook the migrated users appear in the GAL/search bar and work perfectly, showing data, status and sending e-mails normally. In Microsoft Teams, the migrated users appear in the GAL with all their data, but no status and the messages do not arrive at their destination.

 

Is this normal for the tool? If yes, is there any way to hide these migrated users only in Ms Teams?

 

I am worried about the end user sending messages to these migrated users and not being able to contact them.

 

Regards,

  • Nurazri_Baharim's avatar
    Nurazri_Baharim
    Copper Contributor

    matheus844 I am also having the same problem. I can't chat via Teams from the synced users. The only way is to search them externally, and communicating as them as if they are "External" users.

    External Users

     

    Cross Tenant Synced Users - always showing offline where actually they are not

     

     

    Tried reading the limitations from here, not sure if it is even related.

     

    Microsoft 365 Multi-Tenant Organization People Search - Microsoft 365 Enterprise | Microsoft Learn

     

    • matheus844's avatar
      matheus844
      Copper Contributor

      Nurazri_Baharim Hi! How did you solve this situation? Is there any way to hide the migrated users in the teams search bar?

       

      Regards,

  • GSJLusky's avatar
    GSJLusky
    Copper Contributor
    Same issue here, and opened a ticket yesterday. "External" users still work in Teams, but the cross-tenant sync users show offline and never receive the messages.
    • Walmsleyj1's avatar
      Walmsleyj1
      Copper Contributor

      GSJLusky have you heard anything back yet? This is causing me the same issues and getting really noisy for me

      • Walmsleyj1's avatar
        Walmsleyj1
        Copper Contributor

        Has anyone played with sip address in the attribute transformations?

        I'm not home to test but could adding a mapping fix this? 

  • emadameer's avatar
    emadameer
    Copper Contributor
    Hey,
    Even am facing similar issue, where I can see the data of the users, but unable to to send them message as they appear offline.

    Did anyone on this forum managed to solve this issue.
  • noogaz2023's avatar
    noogaz2023
    Copper Contributor
    I just got a reply from them.....

    "Apologies for the delay.

    We’ve reached out to engineering on your findings. To be added to the public roadmap is Multi-tenant org sync for Teams. This is currently work in progress."

    oh well we all have to wait.....
    • GSJLusky's avatar
      GSJLusky
      Copper Contributor
      That doesn't answer the the question of how to get Cross-Tenant Sync to not screw up Teams. Anyone have contact info for a Teams product manager?
      • d3c3po's avatar
        d3c3po
        Copper Contributor
        this is a known issue and needs to be resolved, but MS have published that "External members aren’t supported in Power BI, Azure Virtual Desktop or Teams Connect shared channels." But it has only just gone GA.

        B2B users are exposed in the GAL, and then in teams a chat is commenced to the B2B address, that user will be emailed and prompted to switch Teams tenant to join the chat, rather than a live external chat commencing. You have to chat to the external address NOT the B2B to have seamless chat.
  • matheus844 

     

    Facing the same issue. Has anyone been able to find a solution or been given an estimate from MS on this?

     

    From my testing the only way to make this user-friendly is setting the 'showInAddressList' attribute initially to false in the cross-tenant mapping and manually creating a Teams Contact for the external account. After that I can set the attribute to true to have the guest user show up in the GAL (for Outlook) but when searching in Teams the first in the list is the manually created External contact instead of the guest account.
    Hardly a practical solution as its not scalable (need to create contacts for each synced user on each individual Teams user) and no guarantee this works long term as I've seen all sorts of search results after hours of testing various configurations.

    • Greg Olson's avatar
      Greg Olson
      Copper Contributor
      This is still a complete cluster F. I have a paid support call opened with Teams, and it went round and round and its now at a stage were its with the developer team they say, yet they said that earlier as well and it wasn't. Because the cross-sync creates the contact on the receiving tennant as something like email address removed for privacy reasons#@companyxyz.microsoftonline.com along with the email address that is correct say email address removed for privacy reasons, it works fine in Outlook and Sharepoint, but cluster F teams finds the #@companyxyz.microsoftonline.com and sends it to that instead of the external email address. This then creates a email request for the other user to accept an invitation to the newcompany's tenant and will give you a second teams account to login. When and if that works (As more often then not it will not work at all and no invites are sent and its just a big hole) users then must switch back and forth in Teams to see messages and get into groups on the other tenant. Its a complete mess for users as they will not and do not get why they must do this, and if they have already connected with them using a email address in teams and its already resolved to "External user" then it gets even more confusing for them. It gets better once Sharepoint sites are also being shared, depending on your address book you might already have two contacts in their and if you share with the wrong name then the end user can't access the Sharepoint site or file and just gets another error. We had to remove the cross-sync (And remove is key as just reducing the scope of synced users will cause other issues as the sync will remove contacts you created in the other tenant as it see's they were not authorized to be synced and will helpfully remove them for you). All in all a cluster F.
      • clathrop's avatar
        clathrop
        Copper Contributor

        Just tested. This is still broken. Please, Microsoft, get this fixed. It's such an unbelievable pain point.

  • matty091091560's avatar
    matty091091560
    Copper Contributor

    Having the same issue. I have to say the multi tenant implementation for teams has always been terrible but this actually makes it worse.

     

    With the new teams client at least messages delivered to the "other" teams instance cause a windows notification by default so users know they are there but when you are talking about thousands of users all working on something so non-intuitive it generates hundreds of SD calls.

     

    The cross tenant sync generally is exactly what we need for resource access, gal visibility for exchange etc but this issue completely destroys the experience.

  • Looks like the newly announced Multi-tenant organization preview feature is aimed at solving this:
    https://techcommunity.microsoft.com/t5/microsoft-teams-blog/announcing-more-seamless-collaboration-in-microsoft-teams-for/ba-p/3901092

    Currently testing it but it takes quite some time for things to propagate (up to 7 days for users to show in Teams search according to official documentation: https://learn.microsoft.com/en-us/microsoft-365/enterprise/plan-multi-tenant-org-overview?view=o365-worldwide#limitations-for-multi-tenant-organizations-in-microsoft-365-preview)
    • AHochste13's avatar
      AHochste13
      Copper Contributor

      FrankvanZandwijk 

       

      did you have any luck with testing the Multi-tenant org? We are having this same issue and were just reading the docs. Just wanted to see if it's worth trying. 

      • FrankvanZandwijk's avatar
        FrankvanZandwijk
        Copper Contributor

        AHochste13 

        Things are improved (such as the search functionality) but its evident this is still very much a preview feature meaning there are still cases where a user may end up chatting with a guest account. At least Teams recognizes this now (in most cases, I've had some bugs with previously synced accounts but that could be a matter of time and letting things sync) and gives the user a warning banner:

         

        I've found a couple other 'gotcha's', for example, in Outlook these synced users show up properly in the GAL but pushing the call button from there still directs Teams to the guest account and not the external address:

         

        This means that users still need to know how to switch tenants within Teams. It's likely these sorts of things will get sorted out in time but its anyone's guess how long that will take.

        I strongly recommend setting this up in a test environment or rolling it out to a small set of test users to verify this will work for you organization as it may be 'good enough'.

         

        Hope that helps!

         

Resources