SPF, DKIM and DMARC bypassed for guest users
I manage a small non-profit using Microsoft 365 Business Basic. Most of the people on our board of directors are added as unlicensed guest users so that they can participate in Teams chats and meetings and to access our Sharepoint without using up a license. The problem: any email sent from an internal licensed user (or shared mailbox) to one of these guest users completely bypasses our domain's SPF, DKIM and DMARC configuration, resulting in bounced emails (particularly for recipients using gmail). Mail sent from an internal licensed user to any external address NOT registered as a guest user correctly passes SPF, DKIM and DMARC checks. I gather that this is because guest users are viewed as "internal" despite having external email addresses, but it seems like a serious limitation if I cannot reliably send email to anyone who is a guest user. Is there any extra configuration I can do to enable SPF, DKIM and DMARC for email to guest users?
Microsoft 365 Windows 11 external user or guest user sign in
Consider the following situation: CompanyA has a Microsoft 365 tenant with licensed users. CompanyA has a business relationship with CompanyB which also has a Microsoft 365 tenant. All of CompanyB's Windows 11 Pro computers are Entra ID joined and Intune enrolled. All of CompanyB's users have Microsoft 365 Business Premium licenses. An employee of CompanyA is stationed at CompanyB's office and needs to use one of CompanyB's computers as his primary computer. How would a technician have to configure things so that CompanyA user can sign into CompanyB's Windows 11 Pro computer and work like normal? I've done some reading online but most of the articles focus on access to cloud resources, whether that be Microsoft Teams or Entra Enterprise Apps or similar resources. I haven't found an article touching on Windows 11 sign in. Matthew
Guest Access for iOS??
We rolled out Microsoft Teams and Planner for a project at our organization. We have guest access turned on and enabled across Teams and Planner and everything seems to be working well. However, we noticed that our guest users do not seem to be able to access Planner thru the iOS app on their phone. It just says "Can't open link - You either don't have access to this item or it has been deleted" Is this a settings issue or something that isn't available on the iOS app yet?
Can't invite deleted Guest User "We ran into an issue. Please try again later."
Good morning Microsoft community We have to delete an Guest-User from our AD and reinvite the Guest-User into a team - the reason is a workaround for a PowerBI problem. I have a short, but for me an unsolveable question: I deleted the Guest-User and permanently deleted him inside of the "deleted users". After more than 24h i tried to reinvite him into a team. What now happens, is that he still get listed in the memberdropdown menu and if i click on him, the following message appears. As information: I cant just type his mailadress inside the invitation-box, without picking his saved mailadress from the dropdown-list - otherwise it doesn't recognize a new guest-user. I hope someone can help me. Thank you very much! Kind regards B_GenRecommendation - Microsoft 365 authorisation concepts - Part 1
[New Blog Post] *PART 1!* I have put a new article online. This article is divided into two parts. In these two parts, you will learn the most important things about #AdministrativeUnits in #EntraID. What needs to be considered when creating an authorization concept. https://www.msb365.blog/?p=5495 #MVPsummit #M365 #Microsoft365 #CommunityRocksHow to Purge Guest Accounts with Unredeemed Invitations from Azure AD
It’s easy to invite people to become guest users in a Microsoft 365 tenant, but some of the invitees never accept the invitation. Perhaps they don’t need to redeem the invitation to do work or maybe it’s because they don’t want to. In either case, Azure AD guest accounts with unredeemed invitations can accumulate and become stale. In this post, we discuss how to use PowerShell to find and remove those stale accounts in a safe manner. https://office365itpros.com/2023/02/07/azure-ad-guest-accounts-unredeemed/Adding QR Codes to Microsoft Authenticator for Azure AD Guest Accounts
Getting a new device means that some work must be done to ensure that apps work. This article explains how to add QR codes to the Microsoft Authenticator app so that the app has the credentials to respond to MFA challenges. We cover how to get QR codes for Azure AD accounts and how to do the same for guest accounts in other Microsoft 365 tenants. https://office365itpros.com/2023/01/04/microsoft-authenticator-app-qr/
