Forum Discussion

briannorman's avatar
briannorman
Copper Contributor
Oct 04, 2023

Possible to isolate guest users to a single team and stop users sharing other resources with them?

We have previously allowed external users to be invited as guests to teams but have found that once the user is a guest in our office365 tenant internal users can invite them to whatever they want, o...
  • LeonPavesic's avatar
    LeonPavesic
    Oct 04, 2023

    Hi briannorman,

    to address the challenges you mentioned, you can do the following:

    • To prevent owners of the guest team from inviting new external users, you can modify the team permissions to remove the "Add members" permission from the Owner role. You can then grant the "Add members" permission to a specific group of administrators who are responsible for managing guest users.
    • To prevent internal users from inviting guest users to access SharePoint or OneDrive files, you can disable guest sharing for SharePoint and OneDrive. You can do this by going to the SharePoint admin center or OneDrive admin center, respectively, and clicking Sharing. Under Guest sharing, select Disable guest sharing.

    Allowing owners to invite internal users to the guest team

    To allow owners to invite internal users to the guest team, you can add the "Add members" permission to the Owner role for the guest team. You can do this by going to the Teams admin center, clicking Teams, and then clicking the name of the guest team. Under Permissions, click Manage roles. Select the Owner role and then click Edit. Under Permissions, select the Add members checkbox and then click Save.

    Ensuring that guest users only have access to files in the team they were added to

    To ensure that guest users only have access to files in the team they were added to, you can disable guest sharing for SharePoint and OneDrive. You can also use SharePoint security groups to control access to SharePoint files and folders. For example, you can create a security group for guest users and then grant that group access to the files and folders in the guest team.


    Please click Mark as Best Response & Like if my post helped you to solve your issue.
    This will help others to find the correct solution easily. It also closes the item.


    If the post was useful in other ways, please consider giving it Like.


    Kindest regards,


    Leon Pavesic
    (LinkedIn)

Resources