Forum Discussion
Best Practice to Administer Guest Users from another Tenant
- Oct 10, 2020
Hello,
For 1) you can take a look at https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/users-restrict-guest-permissions (in preview)
For 3) (MFA) you can use https://docs.microsoft.com/en-us/azure/active-directory/external-identities/b2b-tutorial-require-mfa
For password complexity I'm not sure you can do it because, to me, it doesn't make sense a tenant manage passwords for external identities.
Hello,
For 1) you can take a look at https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/users-restrict-guest-permissions (in preview)
For 3) (MFA) you can use https://docs.microsoft.com/en-us/azure/active-directory/external-identities/b2b-tutorial-require-mfa
For password complexity I'm not sure you can do it because, to me, it doesn't make sense a tenant manage passwords for external identities.
- MosesLimOct 12, 2020Copper ContributorI assumed, guest user are still treated like normal user where we can still track their activity through log analytics right?
- Thijs LecomteOct 12, 2020Bronze ContributorYou cannot change the guest users password, but all conditional access control will apply to a user (require MFA, block etc...)
You can monitor through log analytics indeed
For number 2, I would look into access packages - https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-access-package-first