Forum Discussion
It is possible to hide Active Directory personal user information to external Microsoft 365 users?
Hi All,
As a Company, we have the Active Directory connector to synchronize our local AD info to Azure AD.
Our users then can login with our AD credentials to all Microsoft 365 services and all info about users are synchronized with their online account.
Now, we have noted a privacy violation of internal information when our Teams users invite external users.
All these external users are able to see the full list of Active Directory information related to the internal users that have joined the meeting (personal phone number, mobile number, internal number, street, city, etc.).
Does all these information should be protected by default as stated by the GDPR compliance? (privacy by design and privacy by default)
I have opened a ticket to the Technical support, but they closed the ticket telling me that "it is normal" and invited my to open a question on the Microsoft portals.
Do you know if there is a way to exclude access to our internal AD information from external users?
- Hi! You can limit guest permissions in azure AD. This will also affect other things like group memberships etc. read it carefully:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/users-default-permissions
AdamSounds to me you're simply looking for this? External collaboration settings - Microsoft Azure
Restrict guest user access permissions - Azure Active Directory | Microsoft Docs
- Yes, indeed
