Forum Discussion
Streamlining adding external users to our tenant and as members of a new SharePoint Online portal
Hi
I am adding a number of external users who all grouped by separate domains. From the Bulk invite AD B2B docs
foreach ($email in $invitations)
{New-AzureADMSInvitation `
-InvitedUserEmailAddress $email.InvitedUserEmailAddress `
-InvitedUserDisplayName $email.Name `
-InviteRedirectUrl "<a href="https://mytenant.sharepoint.com/sites/YourNewPortal" target="_blank">https://mytenant.sharepoint.com/sites/YourNewPortal</a>"`
-InvitedUserMessageInfo $messageInfo `
-SendInvitationMessage $true
}
Now this worked first time with a couple of users
Tomorrow I want to add a load more so
- Can I auto add each user to the tenant without the invite ( toggling the switch above) . Indeed the current process means I have to approve each invite which in this case won't be necessary.
- Can I also add each user to the desired SharePoint group automatically
- Is there a way to extend 2) and add my (ext) domain grouped users to a designated AD group and then add the AD group to my desired SharePoint group .. so cut out the approvals.
- CorsinoCopper Contributor
Regarding the 1st question, I'm not a Sharepoint Expert, so I hope someone can answer that question.
Regarding the others, if you have the Sharepoint Group Object ID, you just need to add a line in your code:
Add-AzureADGroupMember -ObjectId $groupID -RefObjectId $userid #Adding B2B users directly to the Group
foreach ($email in $invitations) {New-AzureADMSInvitation ` -InvitedUserEmailAddress $email.InvitedUserEmailAddress ` -InvitedUserDisplayName $email.Name ` -InviteRedirectUrl "<a href="<a href="https://mytenant.sharepoint.com/sites/YourNewPortal" target="_blank">https://mytenant.sharepoint.com/sites/YourNewPortal</a>" target="_blank"><a href="https://mytenant.sharepoint.com/sites/YourNewPortal</a" target="_blank">https://mytenant.sharepoint.com/sites/YourNewPortal</a</a>>"` -InvitedUserMessageInfo $messageInfo ` -SendInvitationMessage $true Add-AzureADGroupMember -ObjectId $groupID -RefObjectId $userid #Adding B2B users directly to the Group }
Regarding the 3rd questions, from what I know, nested groups are not supported.
However, you can use Dynamic Groups (You need a Premium license) and assign that group to SharePoint.
I think this Dynamic Rule will be enough:
(user.userPrincipalName -match "#EXT#@DomainYouWantToAssignUsers.com")
- Daniel WesterdaleIron Contributor
Very interesting answers. Thanks you, I like your approach. I was code going to add Add-PnPUserToGroup but i think your approach is more elegant. I did find that trying to add external user who was already on the tenant caused and exception which needed to handle
I will look at dynamic groups as it looks useful if the domain in question is "safe" .