03-23-2020 04:07 PM
03-23-2020 04:07 PM
I'm working at a university where we run two tenants, one for staff and one for students. The student tenant was set up for "Microsoft Azure Dev Tools for Teaching" but has not been used for anything else. The staff tenant has been pretty much dormant, because we don't trust the cloud and try to avoid using it.
Today everybody is excited about getting Teams up and running for collaboration, so we want teams accessbile by both staff and students.
I basically found two options. External access, related to sykpe for business (?), but limited. No group chat, etc. so not really what we are looking for. Guest users (at AAD) level sound way better, but there is a catch: inviting 20.000 students to our staff tenant isn't fun, getting them all to accept those invitations, etc. Invition staff to the students tenant isn't much better (but less staff than students...).
All I see is problems while my boss is hoping for solutions. ;)
Putting all students in the staff tenant and ditching the student tenant might sound like the way to go, but there are compliance requirements that are easier to meet if those tenants stay separated. At least as far as I can tell.
Would be nice if I could both invite and accept guest users. Like adding educatinoal staff to the student tenant as guest without the invitation process, since staff hired to teach the students can be told to accept the invitation to the student tenant anyway, so why bother with the process? ;) I control both tenants anyway.
Basically I'm looking for the least bad option. Teams has some more guest options than AAD, that's why I post here.
By the way, we run local AD but it is not connected to the tenants in AAD. No directory synchronisation, no ADFS. Both tenants are managed by our IDM-system and federated with Shibboleth.
Any help would be greatly appreciated
by Bradley Wood on May 20, 2020
by Gary Bushey on May 20, 2020