External collaboration settings available in the Azure AD blade

%3CLINGO-SUB%20id%3D%22lingo-sub-183836%22%20slang%3D%22en-US%22%3EExternal%20collaboration%20settings%20available%20in%20the%20Azure%20AD%20blade%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-183836%22%20slang%3D%22en-US%22%3E%3CP%3EHave%20you%20checked%20the%20new%20sharing%20controls%20available%20in%20the%20Azure%20AD%20blade%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20482px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F32457i9A273D69EF01F766%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22sharingAAD.png%22%20title%3D%22sharingAAD.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThose%20are%20not%20the%20SharePoint%2FODFB%20settings%2C%20but%20the%20new%20service-wide%20controls%20which%20we%20first%20discussed%20here%3A%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FOffice-365-Groups%2FNew-Feature-Announcement-PowerShell-support-of-Allow-Block-guest%2Ftd-p%2F92423%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FOffice-365-Groups%2FNew-Feature-Announcement-PowerShell-support-of-Allow-Block-guest%2Ftd-p%2F92423%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI'm%20pleasantly%20surprised%20that%26nbsp%3BMicrosoft%20has%20actually%20listened%20to%20feedback%20and%20provided%20a%20nice%20UI%20set%20of%20controls%20for%20this.%20They%20obviously%20have%20some%20additional%20work%20to%20do%2C%20but%20the%20fact%20that%20we%20don't%20have%20to%20deal%20with%20that%20crappy%20syntax%20anymore%20is%20a%20huge%20win%20in%20my%20book%20%3A)%3C%2Fimg%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20documentation%20has%20also%20been%20updated%20accordingly%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-b2b-allow-deny-list%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-b2b-allow-deny-list%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-183836%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-198631%22%20slang%3D%22en-US%22%3ERe%3A%20External%20collaboration%20settings%20available%20in%20the%20Azure%20AD%20blade%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-198631%22%20slang%3D%22en-US%22%3E%3CP%3EThat's%20a%20setting%20on%20the%20%22service%22%20level%2C%20the%20SPO%20ones%20are%20just%20for%20SPO.%20They%20are%20not%20necessarily%20related%2C%20but%20if%20you%20configure%20the%20Azure%20AD%20one%2C%20it%20should%20also%20apply%20to%20SPO.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-198547%22%20slang%3D%22en-US%22%3ERe%3A%20External%20collaboration%20settings%20available%20in%20the%20Azure%20AD%20blade%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-198547%22%20slang%3D%22en-US%22%3E%3CP%3EAs%20a%20question%20of%20process%2C%20does%20this%20set%20of%20settings%20supersede%20SPO%2FODFB%20sharing%20settings%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20planning%20an%20automated%20process%20for%20our%20company%2C%20and%20don't%20know%20whether%20to%20use%20the%20current%20SPO%20sharing%20settings%20or%20default%20to%20this%20for%20all%20future%20use.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-184176%22%20slang%3D%22en-US%22%3ERe%3A%20External%20collaboration%20settings%20available%20in%20the%20Azure%20AD%20blade%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-184176%22%20slang%3D%22en-US%22%3E%3CP%3Ethat%20is%20great%20only%20it%20would%20have%20been%20clearer%20to%20say%20tenant%20admins%20instead%20of%20admins%20who%20also%20could%20be%20team%20admins%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1838164%22%20slang%3D%22en-US%22%3EIs%20auto%20sync%20with%20B2B%20tenant%20%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1838164%22%20slang%3D%22en-US%22%3E%3CP%3EDear%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58%22%20target%3D%22_blank%22%3E%40Vasil%20Michev%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20two%20tenants%20in%20Azure%20AD.%20One%20is%20XX.onmicrosoft.com%20and%20another%20is%20YY.onmicrosoft.com.%20My%20requirement%20is%2C%20how%20can%20I%20sync%20all%20B2B%20user%20without%20adding%20as%20a%20guest%20user.%20Only%20those%202%20domain%20can%20share%20documents%20easily.%20Plz%2C%20suggest.%20Is%20it%20possible%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E
MVP

Have you checked the new sharing controls available in the Azure AD blade?

 

sharingAAD.png

 

Those are not the SharePoint/ODFB settings, but the new service-wide controls which we first discussed here: https://techcommunity.microsoft.com/t5/Office-365-Groups/New-Feature-Announcement-PowerShell-support...

 

I'm pleasantly surprised that Microsoft has actually listened to feedback and provided a nice UI set of controls for this. They obviously have some additional work to do, but the fact that we don't have to deal with that crappy syntax anymore is a huge win in my book :)

 

The documentation has also been updated accordingly: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-b2b-allow-deny-list

4 Replies

that is great only it would have been clearer to say tenant admins instead of admins who also could be team admins :)

As a question of process, does this set of settings supersede SPO/ODFB sharing settings?

 

We are planning an automated process for our company, and don't know whether to use the current SPO sharing settings or default to this for all future use.

That's a setting on the "service" level, the SPO ones are just for SPO. They are not necessarily related, but if you configure the Azure AD one, it should also apply to SPO.

Dear @Vasil Michev 

 

I have two tenants in Azure AD. One is XX.onmicrosoft.com and another is YY.onmicrosoft.com. My requirement is, how can I sync all B2B user without adding as a guest user. Only those 2 domain can share documents easily. Plz, suggest. Is it possible?