Forum Discussion
Custom policy for guest account
Hi I would like to configure a custom expérience for guest user in my tenant. The principal reason : on many application, guests can list/read my Azure AD and eventually, browse all existing clients...
Hi Romain,
What kind of policies you like to force on the guest users?
You can apply some policies to Guest users using Conditional Access like MFA, device platform etc, check url below:
https://docs.microsoft.com/en-us/azure/active-directory/b2b/b2b-tutorial-require-mfa
Moe
What kind of policies you like to force on the guest users?
You can apply some policies to Guest users using Conditional Access like MFA, device platform etc, check url below:
https://docs.microsoft.com/en-us/azure/active-directory/b2b/b2b-tutorial-require-mfa
Moe
- Hi Moe
I would like to restrict guests right on the session and in the top idea, blocked list/read user in my Directory- Guest will be able to access and read what invited for.
In your case, Conditional Access should do the trick by blocking the guest from accessing other apps. I would also recommend using Access reviews to review the Guest Permissions, so you have an idea of permissions have given to guests in your directory.
https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-external-users
Great recommendation and I am big fan of Azure B2B.We normally restrict our external partner by white list their ip addresses with our Azure B2B Solution. What would you suggest with partners which uses Public / Dynamic ip addresses as we dont want to open up this up.
Any other way we can restrict or would you suggest VDI solution?
Hitesh
