azure ad b2b
84 Topics

How to set up external user account expiration for Azure AD?
Right now, we are collaborating with external users using B2B functionalities. These external users are automatically added to our Azure AD Directory when they accept and register through MFA. Now we want to set up expiration on these external users (guest user lifecycle) that automatically removes these guest users from our Azure AD directory after X days. Otherwise the list of external users will continue to grow with time. Any help appreciated!

Solved | 69K Views | 0 likes | 6 Comments

Azure B2B guest users licensing question
Hello, I am working on Azure B2B in order to add guest users in my Azure AD tenant. I am wondering how to know the following information? https://docs.microsoft.com/en-us/azure/active-directory/b2b/licensing-guidance

The document explains: "B2B guest user licensing is automatically calculated and reported based on the 1:5 ratio. Additionally, guest users can use free Azure AD features with no additional licensing requirements. Guest users have access to free Azure AD features even if you don’t have any paid Azure AD licenses."

As reported here: https://azure.microsoft.com/en-us/pricing/details/active-directory/ my guest users use only free Azure AD features, such as:
- User provisioning
- User and group management (add/update/delete)

So my question is, the 1:5 ratio is also applied for free Azure AD features? Am I subject to this ratio even if guest users use free AAD features? Can I see somewhere on the portal if I exceed this limit? Thank you. Nicolas

40K Views | 0 likes | 5 Comments

MS Teams in Cross-Tenant synchronization
Hello! I am using Cross-Tenant synchronization (preview) to synchronize two tenants (A and B). I have created a configuration to send the users from Tenant A to Tenant B. In the "Provision Azure Active Directory Users" mapping, the "Usertype" attribute is set to Member and the "showInAddressList" attribute is set to True. After these settings, in Outlook the migrated users appear in the GAL/search bar and work perfectly, showing data, status and sending e-mails normally. In Microsoft Teams, the migrated users appear in the GAL with all their data, but no status and the messages do not arrive at their destination. Is this normal for the tool? If yes, is there any way to hide these migrated users only in MS Teams? I am worried about the end user sending messages to these migrated users and not being able to contact them. Regards,

26K Views | 0 likes | 26 Comments

Can a Guest User Log Into Windows 10 AAD Joined Machine?
I have added Guest user from don.quixote@windmill.com (which is an AAD tenant) to the AAD tenant holygrail.com. I have made don.quixote@windmill.com a global admin on holygrail.com. Can AAD tenant holygrail.com guest user don.quixote@windmill.com log into a Windows 10 machine which is joined to holygrail.com as guest user don.quixote@windmill.com? Because this use case does not work for me, so would appreciate either no this doesn't work in Windows 10 and despite the terabytes of documentation on Azure B2B, it isn't referring to this core feature that is soul crushing me or ….Yes and here is the procedure other than what I have done above.... much appreciated.

13K Views | 2 likes | 6 Comments

External Guest User licensing demystified
Hi. Looking at https://docs.microsoft.com/bs-latn-ba/azure/active-directory/b2b/licensing-guidance could I confirm the following please:

1) The fact my guest users each have an Azure P1 license on their source tenant is irrelevant.
2) On the target tenant they can be freely invited and not need additional licenses.
3) Again if we rely on the MFA setup on their target tenant we still don't need additional licences
4) If we want each external user to be a member of a dynamic AD group on the target tenant, then an additional Azure AD P1 license is required on the target tenant, for every 5 guest users.
5) Again as with point 4) if we wanted to enable MFA on our target tenant for all guest users .

12K Views | 0 likes | 0 Comments

Invitation redemption failed
We have started getting "Invitation redemption failed An error has occurred. Please retry again shortly." error for newly invited gmail users. This was working perfectly fine last week. We have raised a ticket with Microsoft, however they are still investigating. Can someone please assist here? Thanks, Manoj

11K Views | 0 likes | 3 Comments

Allowing an external org to access my application (registered in azure ad) with their credentials?
Hi all, I have created a single tenant application that works well for my organisation, however I need to add another organisation (external) to be able to use my application. The organisation that I want to add has an Azure AD. Hence my goal is to enable people from the 2nd organisation to be able to sign into my app without needing to register. How am I supposed to go about this? I've looked into the "app registrations" page but have not seen such ability and I've looked online to find a solution to this problem to no avail. I'm aware I will need to change the application to "multi-tenant" and also change the URLs from tenant specific to /common. However, I have no idea how to go about enabling a specific organisation to be able to access my application (while not allowing other orgs) and use my app after signing on using their Microsoft org credentials without registration. I'm looking for suggestions on how I should go about this, or a resource I can use to do this as I'm a bit lost on how to do this - still a bit of a noobie with Azure AD. Appreciate any help! Thanks,

9K Views | 1 like | 2 Comments

Lost access to B2B organization after tenant migration
Hi. We recently migrated to a new tenant. Several users, including myself, have lost access to other organizations' Team(s) they were invited to. Our tenant name changed (and of course our onmicrosoft.com email addresses), but not our company email addresses. Using the original redemption email link does not work. I am assuming now that these are connected to the tenant and not just the email. How can we gain access to our external partners? (We are not all accessing the same company.) I also assume the organization will have to reinvite people. But how would they go about doing that? Looking at our own Azure AD and external profiles, I do not see a way to resend an invitation. TIA (Edited to update title)

7.1K Views | 0 likes | 7 Comments

Cross-tenant synchronization unable to provision group
Hello, I'm trying to sync some groups from a tenant to another, but the log returns this error:

Result: Skipped
Description: Group '31d81b35-5725-40f5-9242-02a100363959' will be skipped. EntityTypeNotSupported
SkipReason: EntityTypeNotSupported
ReportableIdentifier: 31d81b35-5725-40f5-9242-02a100363959

This issue occurs with any kind of group, M365 or security. Users seem to work. What could I do to address this issue?

6.6K Views | 0 likes | 2 Comments

Create Guest User - Source Authority OTP instead of Microsoft Account for gmail.com user
Hello Everyone, I have a requirement to invite and onboard the external users (gmail.com domain) into the AAD. I have used the PowerShell script to achieve this.

    New-AzureADMSInvitation -InvitedUserEmailAddress $userEmailID -SendInvitationMessage $True -InviteRedirectUrl $userLandingSiteURL

1) I see that Source authority column is set as "Invited User" when the invite is sent to external user
2) When the external user accepted the invite, Source field status is changed to "OTP"

To my knowledge, this should be set to Microsoft Account instead of OTP - Can anyone tell me if I have to add any switch/attribute while inviting any guest user? Thanks & Regards, Bhanu

Solved | 6.5K Views | 0 likes | 1 Comment