New Feature: Guest Management through admin portals

Microsoft

We are happy to announce the world wide roll-out of Guest management features in Office admin portals.

With guest access we have democratized the way people collaborate with external users and since its launch 6 months ago, it’s an extremely popular feature among the 10 million people using groups in Outlook every month. It is important for IT Admins to manage guest users in safe and secure way. We have provided controls for IT admins to manage guests in portal & now we are rolling out Guest user management features in Exchange Admin Center(EAC) & Office Admin Center(OAC) where you can 

  • View & filter Guest users
  • Add existing guests to Group through portal

Here is the link to the detailed documentation: https://support.office.com/en-us/article/manage-guest-access-in-office-365-groups-9de497a9-2f5c-43d6...

 

Thanks,

Sahil

15 Replies

Good stuff Sahil! Keep it coming!

We were already aware of this at the Change Alerts Group :-)...but we were missing this official announcement...ey @Vasil Michev then the Guest users option had not been there for so long time :) 

It would be nice to see who invited them and what they have access to. But great start. I would say that 100% of the time , we have customers wanting to know "who invited this user" or "What site do they have access to"
Been waiting for this one!:thumbs_up::)

Good progress! I am missing the option to search for guest users  in the list, which is there for active users.

We have many guest users and scrolling is not a very good option....

And in addition to that, we are very much looking forward to the feature where Group admins can only add external users that already exist in Azure AD and not invite random external users.

 

It seems the Office 365 admins now have that capability.

 

Any plans to extend that to Group admins, @Sahil Arora?

Joost Koopmans wrote:

And in addition to that, we are very much looking forward to the feature where Group admins can only add external users that already exist in Azure AD and not invite random external users.


You already this feature where group owners can only add existing guests in the directory, all you have to do is this:


Turn off the following switch under Admin Center > Home > Security & Privacy > Sharing:

"Let users add new guests to the organization"

 

Turn on the following switches under Admin Center > Home > Services & add-ins > Office 365 Groups:

"Let group members outside the organization access group content"

"Let group owners add people outside the organization to groups"

We have those settings already as you describe. However when we try to add externals that already exist we get the error message 'There was a problem adding one or more people to the group. For help, contact your administrator'.

 

I guess we need to raise a ticket?


@Joost Koopmans wrote:

I guess we need to raise a ticket?


Please do.


@davidpetree1 wrote:
It would be nice to see who invited them and what they have access to. But great start. I would say that 100% of the time , we have customers wanting to know "who invited this user" or "What site do they have access to"

Agree with David. I would also like to know who invited the user and via which site or object the guest access is shared.

 

Is there by any chance already a Uservoice idea which I can upvote? ;)

A year on, I have the same question.  Does this functionality exist anywhere?

You can see who invited guest via Azure portal(portal.azure.com). Azure B2B is the common platform used by Microsoft applications to invite guests.

 

To see who invited guest: Go to Azure portal->AAD->Audit logs; For reference see the screen below.

Picture1.png

Thanks for that, useful to know.

 

However, unless I'm missing something, its use is limited, due to relatively short life of audit logs.  A number of months or years after an account was created, how do I track down any information about it?

Is there an updated link to documentation?

 

Sahil's link above to "detailed documentation" isn't working.