Azure B2B Multiple Office Tenancies For an Organization

%3CLINGO-SUB%20id%3D%22lingo-sub-175008%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20B2B%20Multiple%20Office%20Tenancies%20For%20an%20Organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-175008%22%20slang%3D%22en-US%22%3EHi%20dean%20do%20you%20have%20any%20documentation%20links%20that%20shows%20the%20sharepoint%20permissions%20external%20users%20can%20have%20please.%20I%20would%20like%20them%20to%20have%20contribute%20or%20even%20create%20site%20permissions%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-175005%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20B2B%20Multiple%20Office%20Tenancies%20For%20an%20Organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-175005%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20dean%20in%20office%20365%26nbsp%3Bsharepoint%20there%20are%20scenarios%20where%20you%20do%20not%20want%20people%20to%20be%20able%20to%20see%20other%20people%20-%20for%20example%20the%20people%20picker.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIn%26nbsp%3Bsharepoint%20online%20the%20people%20picker%20shows%20everyone%20in%20the%20azure%20ad%20that%20is%20mapped%20to%20it.%20There%20is%20no%20way%20to%20lock%20it%20down%20to%20say%20organisational%20units%20like%20in%20sp%20on%20premise.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThis%20is%20one%20of%20the%20drivers%26nbsp%3Bfor%20looking%20at%20another%20tenancy.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20hope%20I%20have%20explained%20the%20issue.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-174987%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20B2B%20Multiple%20Office%20Tenancies%20For%20an%20Organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-174987%22%20slang%3D%22en-US%22%3E%3CP%3EIf%20you%20already%20have%20an%20Office%20tenant%2C%20why%20do%20you%20want%20another%20one%3F%20they%20will%20be%20totally%20disconnected%20and%20you%20will%20have%20to%20do%20duplicate%20admin%20tasks.%20It%20would%20be%20much%20easier%20to%20just%20enable%20external%20sharing%20on%20dedicated%20sharepoint%20sites%20in%20your%20existing%20Office%20365%20tenant.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYou%20state%20that%20users%20of%20the%20new%20tenancy%20already%26nbsp%3Bexist%20in%20separate%20Azure%20AD%20directories.%20How%20can%20you%20know%20that%20for%20all%20of%20your%20customers%3F%20are%20these%20directories%20that%20you%20manage%20or%20that%20your%20customers%20manage%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EB2B%20is%20good%20if%20you%20know%20who%20you%20are%20going%20to%20work%20with%20and%20want%20to%20preload%20a%20bunch%20of%20accounts.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThis%20should%20be%20helpful%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2Fshare-your-office-365-sites-with-external-users-89502322-bfbb-43d6-9207-4030f8ce26e0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsupport.office.com%2Fen-us%2Farticle%2Fshare-your-office-365-sites-with-external-users-89502322-bfbb-43d6-9207-4030f8ce26e0%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIn%20general%20B2B%20Guests%20can%20do%20whatever%20they%20are%20authorized%20to%20do%20by%20the%20person%20who%20invites%20them%2Cwith%20some%20restrictions%20of%20course.%20In%20SharePoint%2C%20they%20can%20be%20granted%20edit%20or%20read%20permissions%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThis%20may%20be%20helpful%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-b2b-what-is-azure-ad-b2b%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-b2b-what-is-azure-ad-b2b%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-174972%22%20slang%3D%22en-US%22%3EAzure%20B2B%20Multiple%20Office%20Tenancies%20For%20an%20Organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-174972%22%20slang%3D%22en-US%22%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EHi%20We%20are%20looking%20at%20a%20scenario%20where%20we%20want%20to%20create%20an%20additional%20Office%20365%20tenancy%20for%20staff%20and%20customers%20to%20collaborate%20in%20primarily%20using%20SharePoint%20.%20The%20users%20of%20this%20tenancy%20will%20already%20exist%20in%20separate%20azure%20ad%20directories.%20So%20we%20will%20have%20to%20add%26nbsp%3Ball%20users%26nbsp%3Bas%20Azure%20B2b%20guests%20in%20the%20new%20tenancy.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ECan%20somebody%20give%20me%20an%20overview%20of%20the%20limitations%20of%20what%26nbsp%3BAzure%20B2b%20guests%20can%20and%20cant%20do%20and%20what%20the%20roadmap%20is%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Ethanks%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-174972%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EB2B%20collaboration%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Occasional Contributor

 

Hi We are looking at a scenario where we want to create an additional Office 365 tenancy for staff and customers to collaborate in primarily using SharePoint . The users of this tenancy will already exist in separate azure ad directories. So we will have to add all users as Azure B2b guests in the new tenancy.

 

Can somebody give me an overview of the limitations of what Azure B2b guests can and cant do and what the roadmap is?

 

thanks

 

 

3 Replies

If you already have an Office tenant, why do you want another one? they will be totally disconnected and you will have to do duplicate admin tasks. It would be much easier to just enable external sharing on dedicated sharepoint sites in your existing Office 365 tenant. 

 

You state that users of the new tenancy already exist in separate Azure AD directories. How can you know that for all of your customers? are these directories that you manage or that your customers manage?

 

B2B is good if you know who you are going to work with and want to preload a bunch of accounts. 

 

This should be helpful https://support.office.com/en-us/article/share-your-office-365-sites-with-external-users-89502322-bf...

 

In general B2B Guests can do whatever they are authorized to do by the person who invites them,with some restrictions of course. In SharePoint, they can be granted edit or read permissions

 

This may be helpful https://docs.microsoft.com/en-us/azure/active-directory/active-directory-b2b-what-is-azure-ad-b2b

 

 

Hi dean in office 365 sharepoint there are scenarios where you do not want people to be able to see other people - for example the people picker.

 

In sharepoint online the people picker shows everyone in the azure ad that is mapped to it. There is no way to lock it down to say organisational units like in sp on premise.

 

This is one of the drivers for looking at another tenancy. 

 

I hope I have explained the issue.

Hi dean do you have any documentation links that shows the sharepoint permissions external users can have please. I would like them to have contribute or even create site permissions