Cross-tenant access settings
2 Topics- Azure AD Direct Connect access deniedHi. We've set up Direct Connect for the first time between two of our tenants. We've configured the External Identities -> Cross-tenant access settings exactly the same on both. But on both we get this error message when attempting to access a Sharepoint site from each tenant: Here're the settings (same for both tenants): I cannot figure out why access would be blocked as these settings seem to be the most permissive possible. Thanks for your help.2.3KViews0likes7Comments
- Evaluating Azure Cross-Tenant Synchronization: Benefits and ConcernsWe’re looking into this Azure feature and how it would benefit the 4 tenants we manage. Reading MS learn and other articles, they highlight many of the benefits, but what about the got chas? Several areas of concern right off the bat are: How are users affected with devices not in Intune from one tenant (child - them) accessing a tenant with active CAPs (primary - us) that require compliant enrolled devices? Does the sync take precedence over the CAPs (Conditional Access Policies)? Are there any effects on guest user (b2b) access? How does this affect established SharePoint/OneDrive sharing access. Are the SP/OD sharing settings still in affect? When you sync identities, do you have granular control what gets synced and to what resources? https://learn.microsoft.com/en-us/entra/identity/app-provisioning/known-issues?pivots=app-provisioning#special-characters-are-not-supported-on-joining-properties brings up an issue with special characters. Our child tenants are in the EU, Africa, and in China that use them. Has anyone had issues? Thank you in advance sharing your experiences with this.250Views0likes3Comments