Forum Discussion

Anonymous

Oct 23, 2018

custom AzureADDirectorySettingTemplate as default for all groups

I have a really specific use case I'm trying to solve and I'm just not having any luck searching for the powershell needed (possible graph may be the answer). I want to create a custom AzureADDir...

groups

Office 365 Groups

VasilMichev

MVP

Oct 24, 2018

Simply configure it as shown in the article, but with AllowToAddGuests set to $false. This sets the default configuration for any new groups created in the tenant. Then, for any group you want to have Guest enabled for, apply a custom settings template at the group level.

VasilMichev
MVP
Oct 24, 2018
And by "in the article", I mean the first section, "create settings at the directory level": https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-settings-cmdlets#create-settings-at-the-directory-level
- Anonymous
  Oct 24, 2018
  We did try that and it works to a point. If we set guest access off at the directory level, it does block all guest access. But then when we have specific Teams that we want to allow guest access, there is no way to do that because the directory level setting overrides the group level setting. What we need is granular control of each Team/O365 Group to set guest access on or off. We were hoping the directory level setting would help with this, but it's very much an all or nothing scenario for all groups in the tenant.
  - VasilMichev
    MVP
    Oct 25, 2018
    This works just fine in conjunction with the granular, group-specific template you can apply (the next section in the article).