Home

Azure Active Directory B2B Collaboration

61 Conversations

Latest Activity

Custom List Message Item

Hi, when trying to add guest accounts to Teams I receive following error for users, who don't have MS account yet: "Only Office 365 work or school accounts can be added as guests.". As far as I understand, this shouldn't happen anymore, as MS extended the

... Read More
317 Views
12 Replies

Now, I'm receiving "You are not authorized" messages from teams, when trying to add guests.

Only Office 365 accounts so far:

 

https://www.youtube.com/watch?v=kWp-gXyxy4Y ( at 31 minutes)

Read More

Hi,

 

This is not a question.

 

I am writing this after being in contact with the product group, so that others can find this later without bothering them again :)

 

The invitedToGroups and invitedToApplications columns from CSV are not directly implemented in

... Read More
772 Views
16 Replies

Great find!

 

So how are you detecting that the user has accepted the invitation?  As you can't add them to a group or application until they do.

 

I believe this is because

... Read More
Thanks Marius! This will be very useful for those who want to invite a user and add them to a group or an app in the same script.

When accepting an invite as a gmail user I get redirected to sign-in. But shouldnt I be redirected to the page where I "Create Password" first?

It asks me for a password and the one attached to my Gmail obviously does not work. Can only add emails from mic

... Read More
42 Views
1 Reply

In our case, previous external users invited from SharePoint show up with the #EXT# after their external mail, with the " @ " replaced with underline as bobafett_live.com

... Read More

Hi Guys,

 

We would really like to see a way where the redemption of invitations can be automated by using an Azure AD App through the API. Currently this only seems possible when using a user account.

 

We are having to do huge CSV uploads of users and t

... Read More
327 Views
3 Replies

Hello Clemence - thanks for your question!

 

I think you are asking for a stand alone portal that can perhaps perform self-service sign-up.

 

This is possible with our AP

... Read More
Best Response

We've created a new place for you to share your ideas, feedback, and feature requests regarding Azure Active Directory B2B Collaboration.  

 

Submit and vote here

 

AzureIdeaExchange.PNG

 

Read More
257 Views
1 Reply

I nam hoping to be # top 3  in sales and service with many SOLAR  and ENERGY based clients STARTING NEXT WEEK AND MY EFFORTS WILL BE RECORDED TO ENSURE THE COMPLETENESS. 

... Read More

Is there a way for our tenant administrators to see when users in our tenant have been added as B2B guests in other tenants?

 

Here's the scenario we stumbled across.

An ISV was commissioned by a business user to create a POC implementation of their software

... Read More
36 Views
0 Reply

I'm looking for an "easy" way to get the inviting "object" (user, app, ...) for an B2B user object (userType -eq "guest"). The only information available regarding this typ of data is the Azure AD audit logs. But I really would like to avoid checking the

... Read More
30 Views
0 Reply

I'm excited about the new introduced features and I immediately tried it out. What my customer are looking for is to enhance the external collaboration on their SharePoint Online. I want to enforce MFA for all or selected external users. The users are alr

... Read More
1,333 Views
8 Replies

Marco - can you try the instructions I have included here to enable MFA for SPO and let us know if it works for you?

 

Let’s say the goal is: MFA for guest users only, ac

... Read More

We love your enthusiasm on the new features, Marco!

 

@Sarat Subramaniam, @Mary Lynch, do you have inputs on the behavior described by Marco?

Read More

Hello, Azure AD B2B sends verification code emails to external guests only in english. There is no possibility to change language & design? Besides, if the external user has to set the new passwort for his MSA/AAD, the page is in english and cannot be cus

... Read More
40 Views
0 Reply

Hi, when trying to add guest accounts to Teams I receive following error for users, who don't have MS account yet: "Only Office 365 work or school accounts can be added as guests.". As far as I understand, this shouldn't happen anymore, as MS extended the

... Read More
74 Views
1 Reply

I have a similar question. I was able to add the test external organizational account (a test yahoo account) to a Teams site, but when I try to log in with that email add

... Read More

Am I correct in saying partner organisations who use ADFS (with no identity in Azure AD) are not able to use B2B?  How can we overcome this?  Are there any timings as this is becoming a major hurdle for us.

244 Views
9 Replies
Hi Bally - partners without Azure AD can still use B2B. We just spin up an Azure AD tenancy and account for them at the time of redemption. Please check out the 15 minute... Read More

Hi,

 

We're using AAD and B2B account to allow our partners to access our applications.

One of our customers, to which we've sent an AAD B2B invite got the error message "An unexpected error occurred. Please try again.", after entering the verification code

... Read More
466 Views
13 Replies

Had this issue as well, workaround I found is to set the country to "United States" (at the page where you pick a password)

I would open a support ticket through the Azure Portal

If I grant guest users rights directly to a SPO document library (after having disabled inheritance), the users will have the expected rights, but they will not show up in the list of users/groups with access to the library. This is of course a security p

... Read More
337 Views
6 Replies
Are you picking the users from the B2B users already invited through Azure AD B2B?

Hi - I have been some messing about and have found that only when the Azure invite is redeemed and the user goes from being 'Invited' to 'Guest' user or simlar in their profile can you add them to a SharePoint Online security group.

 

This is an issue for u

... Read More
83 Views
1 Reply

So, I think you can do this by adding them to the SharePoint hidden user list - but ideally you could add a guest user before their profile turns from Source:Invited to S

... Read More

We are investigating how to take B2B into use with our clients. Many of our clients are smaller companies who don't have AAD in use or even IT-know-how what it is. Now if we invite some client users as Guests to the MS Teams for example, then viral un-man

... Read More
51 Views
0 Reply

Having SharePoint OnPrem, ADFS, Azure AD Sync etc in place and wanting to use Azure AD B2B for external user access the authentication of external users in the SharePoint Web Application is now possible. 

Creating an "Azure Security Group" (putting all ext

... Read More
793 Views
8 Replies

Inorder for B2B users to access OnPrem applications, you need to:

1. Set up App proxy for Authentication to work

2. Write back B2B users to OnPremises for Authorization t

... Read More

Hi

 

We are using B2B, and have a customer with an ADFS solution.  I want to understand if it's possible, and how to have the B2B user authenticated by the ADFS hosted by the customer.

 

Thanks in advance :)

Joe

Read More
675 Views
7 Replies
Joe - like Raymond says in the reply below, if the partner has an Azure AD that is federating authentication to their ADFS infrastructure, then there is nothing new to be... Read More

If your customer has a working AD FS infrastructrure integrated with Azure AD, then the users of that organization will automatically be authenticated by that AD FS when

... Read More

We’ve just enabled Guest Access in Microsoft Teams, built on the B2B collaboration features of Azure AD!

 

You can now enable partner collaboration in Teams for interactions across chat, apps, and file sharing, all with the ease of use and enterprise-grad

... Read More
729 Views
2 Replies

I'm liking the guest support!  My only feedback at the moment is the context switching between tenants is going to be a challenge, I think you'll see limited adoption unt

... Read More

Great stuff Eric, I assume the same licensing requirements exist for using premium features as other in other AzureAD sceanrios ? https://docs.microsoft.com/en-us/azure/active-directory/active-directory-b2b-licensing

Read More

Hi all having an issue inviting a guest user.

 

when ever i add the guest user an invitation email gets sent to him but i can never see him in the GAL or directory. any advice?

68 Views
0 Reply

Hi everyone

 

i want to know if SharePoint OnPrem supported to integrate with Azure AD B2B or not ? if supported, what is requirments to use Azure AD B2B?

i need some resources for integration between Azure AD B2B and SharePoint onprem 

thanks in advance 

Read More
81 Views
0 Reply

I have configured an MVC application using the Owin components to authenticate users against Azure B2C.  Everything works just fine when using the appname.azurewebsites.net URL.

 

Now, we've added a custom domain name (myapp.ourdomain.com) to the web applic

... Read More
110 Views
1 Reply

UPDATE: I determined that because the B2C directory was setup with a custom domain name of ourdomain.com), there must have been an internal translation of that domain to

... Read More

Hi.  I have seen information on B2B Guest integration capabilities & restrictions with SharePoint, OneDrive and Teams.

Just wondering what is the current scope of integration and/or restrictions with other O365 components, in particular Exchange.

For exampl

... Read More
72 Views
0 Reply

Just want a confirmation the following would work:

Invite B2B user

Create DISABLED AD Account on local ADDS with the UPN of the invited B2B user (Automation via SCIM Provisioning)

Use AAD App Proxy to provide on-premises application to B2B user

Read More
757 Views
9 Replies

Hi, I assume you are looking to use the app proxy for organizations with on-premises apps which are using Windows authentication.  We are currently working on the documen

... Read More
Best Response
Do you then mean that the Azure AD App Proxy App should use Windows Authentication?

I would just like to know if PowerBI for B2B Users are now supported? Thank you.

458 Views
4 Replies
Any update on this? This would provide great value.
From my experience with customers and projects, this feature is much demand, as well as B2B support for Microsoft Teams ;)

Hi Aljohn this is a great feature and is on the roadmap.

We have multiple tenats which are alle working with Sharepoint Online/Onedrive. We would like to drag and drop files from Sharepoint Online in Tenant A to a user which uses Onedrive from Tenant B. Can we esthablish this with Azure AD B2B?

290 Views
9 Replies

There are ways to get this done with B2B. This involves using our APIs and using scripts to bulk onboard people from the other organization. And enabling self service sig

... Read More
Best Response

All, does b2b work with the teams application? 

130 Views
1 Reply
Neil this is work in progress. Stay tuned for updates here.

Hello, my name is Daniel and I'm the service owner for O365 at VMware. I have a use case that I need help with, you may have already seen a email from your colleague on this question. I would like to create a SharePoint site (hosted on vmware domain) that

... Read More
273 Views
5 Replies

Hi Daniel - with the current capabilities you can add one user from each org that you want to work with as a B2B user in your org and assign them to the guest inviter rol

... Read More

We have ten minutes to go -- get your questions in!

 

file.jpeg

Read More
223 Views
4 Replies
who are the people in the photo? it would nice to have a face to go with a name.
Fun to be part of from Norway, although you guys had the better/faster responses than I could come up with. Keep up the good work, team, looking forward to use Azure AD B... Read More
Thank you for your time today!

Using the B2B capability to create guest records in our Organization and allow SSO into our AAD registered apps is a very useful integration.

 

I would really love to somehow see the high level status (link status) of the foreign Org ID record. Not personal

... Read More
64 Views
0 Reply

Hello,

 

We are using B2B for managing our partners, with the self service we can delegate the invitation to one default group at the level of the application. We have several groups per partners and we need to delegate for each partner a owner per group.we

... Read More
142 Views
2 Replies

Can you clarify the user experience and what a partner sees when they login? How and where do they see all other partner groups?

 

What kind of application? General custom

... Read More

Thanks Juan.

From the blog article, about the new features: "Ability to invite a user with any email address to collaborate. Whether a user has an Office365 or on-premises

... Read More

Welcome to the Azure Active Directory B2B Collaboration Ask Microsoft Anything! This live hour gives you the opportunity to ask questions and provide feedback directly to the Azure Active Directory team.

  

Please post your question in a new thread. You c

... Read More
652 Views
22 Replies
Please share the session link

Hi, Michael Kirst-Neshva from Neumünster in Germany here. MVP for Office 365 Servers and Services.

Hi everyone, I'm Aljohn Bonifacio, Global IT Manager from Philippines.

Is there documentation or recommendations on how we can allow our SharePoint Online site admins to invite guest users via Azure B2B?  We've tinkered with various permissions unsuccessfully and need a simple process these admins can follow without a need t

... Read More
149 Views
5 Replies

Hi Ryan - please refer to this doc here and let us know if this helps: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-b2b-o365-external-user 

Read More

(EDIT: The summary document of what was covered during the Azure Active Directory B2B Collaboration AMA is attached here!)

 

Thank you for joining us and voicing your questions and feedback during this fun and action-packed hour.  

 

See you next time!

 

... Read More
278 Views
6 Replies

The Link should now be working!

 

Please, fill out this quick survey about the AMA, we'd love to hear your feedback! 

Read More
Feedback:
Thank you for your time and answers!
Thank you for that product idea!
I'm talking since two years in sessions "Your Extranet in 5 Minutes including Identity Manage... Read More
Thank you
Thanks for your time.
But I'm not allow to see this forms ;-)
Microsoft Forms is not launched to your organization yet
Please contact your administrator for details.

Session id: ce636a5e-a103-46d5-ba7c-889f3bfcd90f, Correlation id: 5d... Read More

Will the implementation of tenant restrictions via proxy header injection prevent users in our directory who were invited as B2B guest users to another tenant from accessing that partner tenant from our network where tenant restrictions are in place?  I p

... Read More
226 Views
3 Replies

We have a allow / deny list coming up for managing outgoing relationships, but what is your scenario for restricting incoming relationships?

Hello,

Can a guest account be manager of a group in order to send invitation and add/remove members

128 Views
4 Replies

Thank you for you reply, can we have a documentation for that

In our implementation and testing the past quarter, the Azure AD B2B required an elevated set of privileges that was not appropriate for a guest user... but you COULD do ... Read More
Yes, the self-service group management works for a guest account for the most part. Let us know if you have any issues with this. For sending the invitation, the guest us... Read More
Hello, do you plan to add support for self user managed guest B2B memberships? So that user could also leave the organization they were invited into? Right now, I am in quite a lot of AADs from different projects and it is cluttering my Azure Portal and M... Read More
122 Views
2 Replies
Hi, I'm thinking, this is a good question!
Because, when you your reading the GDPR Requirements, this could be an important point!
GDPR = European General Data Protection R... Read More

Hi Jan - yes, this is a frequently requested capability that we're looking at. Please stay tuned for updates.

Is there a definative Aazure AD B2B Roadmap that working parties can follow?

James Andrew Malone, Programmer Analyst, STV

150 Views
4 Replies
So the Azure Roadmap https://azure.microsoft.com/en-us/roadmap/ is searched for B2B has one line "Azure Active Directory B2B collaboration" In preview ... that does not l... Read More

Thank you James!


You can view the roadmap along with other links below.

-https://azure.microsoft.com/en-us/roadmap/

-follow AzureAD on twitter at https://twitter.com/azuread

... Read More

Hello to the community,

I recently started experimenting with MS Azure, and I can say I am quite intrigued from its capabilities. I have managed to set up login with ADFS and WAP servers but I am currently struggling with Azure B2B.

I have successfully invi

... Read More
119 Views
2 Replies

Hello Rouxlas - 

 

Yes, B2B users can access O365. Currently, SPO/OneDrive, Office 365 groups, Dynamics 365 and Dynamics CRM support B2B user access.

 

Support for other

... Read More

We have a customer who would like to use Azure AD B2B as a replacement for federation (AD FS), so their business partners can access their web site. I've not seen an end-to-end scenario list of what all is possible with B2B and am wondering if that use ca

... Read More
176 Views
4 Replies

Hi Kent - please have a look at this quick 15 minute video for what's possible and what's coming with Azure AD B2B Collaboration: https://aka.ms/b2bmechanics. Let me know

... Read More
Hi Kent, my answer was for you :-)

We have some customers, where we are implementing AAD Sync with full password sync and using Office365 Groups as "Extranet Site" for "ex... Read More

For viral/JIT client users, we need to have validation set at regular intervals to ensure the user is still a part of their organisation.  Currently, there is no validation in place for these JIT users.  Are there any plans to address this and timings?

Read More
122 Views
3 Replies

Hi Bally, we have heard this ask from several customers and it is definitely on our roadmap.  For background, we have access reviews today in Azure AD as part of Azure AD

... Read More

Can a global administrator for an Azure Commercial tenant invite a user that is federated with an Azure Gov tenant?

77 Views
3 Replies

Hi Tony - Great question. We hear this feature request a lot. We believe this is very important and we're looking into it. Stay tuned for updates.

We have some customers, where we are implementing AAD Sync with full password sync and using Offic e365 Groups as"Extranet Site" for "external/external" and "external/internal" users. With an internal process, the users are Azure B2B only.

82 Views
1 Reply
Welcome to the community! Let us know if you have any questions!

If you enfore MFA on a B2B user via AAD conditional access and the user cant use the already confiured MFA app / MFA options.

They have to register for MFA again and even end up with two entries in the Authenticator App if used.

 

Are you looking to improve

... Read More
132 Views
1 Reply

HI Alexander - thanks for the question!

 

Currently, MFA is managed at the resource tenant - that is the tenant that has invited the B2B user. This allows the organizatio

... Read More
Best Response

Hello

 

Ram here. I've got few questions on usecase scenarios to make few architectural recommendations:

 

  1. Do you have any usecases and architectural solutions in integrating B2B with on-premise organisation ADs and services such as portals hosted on Azure in
... Read More
172 Views
1 Reply

Hi Ram -

 

Thanks for your questions:

 

1. We are going to be publishing guidance on OnPrem app access for B2B users soon. Stay tuned!

2. Yes. B2B users will be able to a

... Read More

Hi, Khaliq here from South Africa and asking a question on behalf of a customer that could make it (we already 18:00).  Any update on supported patterns for on-premis?

 

101 Views
1 Reply
Hi Khaliq - great question! We are putting together some guidance this and will publish soon. Stay tuned!

Hi

 

First I'd like to confirm my understanding that the passwords for invited guests are managed in the guest/partner's own identity provider and not in our (resource provider) AAD tenant?

 

I'd also like to confirm if at any time the guest password is actua

... Read More
200 Views
1 Reply

Hi Shayne-

 

B2B by default uses federated authentication. So that the guest passwords never leave the partner org. Also, the password policies are managed by the partner

... Read More
Best Response

HI,

I have a queston about partners who dont have Azure AD  OR just On-premise managed IT Accounts & Consumer accounts

1. Is there any way that for such IT managed accounts in which case they would be using a Microsoft account to access my tenant based on t

... Read More
103 Views
1 Reply

We are working on direct federation capabilities with such partners. That will bring in the lifecycle controls similar to what you'd get if the partner is on Azure AD.

Read More

Azure Analysis Services integrates with Azure Active Directory (Azure AD) to allow users within an AAD tenant to log into a server. Customers have asked for the ability to allow users from other organizations to access their models in Azure Analysis Servi

... Read More
143 Views
1 Reply

This is amazing progress. Very excting! Thanks for sharing!

I'm trying to get my head around Azure B2C and B2B.

 

We are building a web app to be used by both internal (O365 users) and external users. Most of the external users will be individuals or employees of social profits without an identity provider.

 

If we go

... Read More
408 Views
3 Replies

B2B collaborators can sign in with an identity of their choice. If the user doesn’t have a Microsoft account or an Azure AD account – one is created for them seamlessly a

... Read More