Forum Discussion
Azure AD B2B SharePoint on Premise using Groups
- Jun 07, 2017
Now Azure AD Groups are transmitted as Roles-Claim to SharePoint. The only thing we changed was the AzureCP configuration (Claims Provider) by removing the UPN Claim, so that only EmailAddress and Role are used as Claim types mapped to Azure objects.
In order for B2B users to access OnPrem applications, you need to:
1. Set up App proxy for Authentication to work
2. Write back B2B users to OnPremises for Authorization to work
We are working on making this more seamless in the future.
- roykim, Sep 15, 2017, MVP
My understanding is that the user writeback is no longer supported in Azure AD Connect.
- null null, Apr 05, 2018, Copper Contributor
Hi
I don't know how you solved this but I'm using accounts defined in AzureAD (members and B2B guests), putting them in Azure groups (usage of AzureCP to see them in People Picker). The "Role" claim with the Azure group will appear in the claims associated to the user for Azure AD members and Azure AD Guest but only when defined as Microsoft Account (= source). When the source is "Azure AD External", it won't appear. Any idea?
- Ali Salih, Jul 26, 2018, Iron Contributor
What method do you use to publish the on-prem SharePoint to Azure AD for the purposes of Azure B2B Collaboration?
I made a post here about it, if you want to take a minute and chime in.
https://techcommunity.microsoft.com/t5/Azure-Active-Directory-B2B/Azure-B2B-Collaboration-and-SharePoint-Server-2016/m-p/219081#M425