Microsoft Teams provides two main options for collaborating with people outside your organization: external access and guest access. The choice between these options depends on the level of interaction and collaboration desired with external users.
External Access vs. Guest Access
- External Access (Federation): Allows users from other Teams organizations to communicate with your team (chat, call, and set up meetings). However, they cannot access team channels or shared files.
- Guest Access: Permits external users to join teams and channels, collaborate on files, and participate in meetings as full members.
You Should Know:
1. Enabling External Access in Teams
By default, external access is enabled in Teams. To verify or modify settings:
- PowerShell Command:
Get-CsExternalAccessPolicy
Set-CsExternalAccessPolicy -Identity Global -EnableFederationAccess $true
2. Configuring Guest Access
To allow guest access in Teams:
- Microsoft Teams Admin Center:
Navigate to Org-wide settings > Guest access and enable “Allow guest access in Teams”.
- PowerShell Command:
Set-CsTeamsClientConfiguration -AllowGuestUser $true
3. Managing External Sharing in SharePoint (for File Collaboration)
Since Teams relies on SharePoint for file storage, ensure external sharing is configured:
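- SharePoint Admin Command:
Set-SPOSite -Identity <SiteURL> -SharingCapability ExternalUserAndGuestSharing
Note that ExternalUserAndGuestSharing also permits anonymous "Anyone" links; ExternalUserSharingOnly limits sharing to authenticated guests.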
4. Restricting External Domains (Security Best Practice)
To limit collaboration to trusted domains:
- Teams Admin Command:
New-CsAllowedDomain -Identity "example.com"
5. Monitoring Guest Users
To list all guest users in your tenant:
- AzureAD PowerShell module:
Get-AzureADUser -Filter "userType eq 'Guest'" | Select DisplayName, UserPrincipalName
6. Revoking Guest Access
To remove a guest user:
- PowerShell Command:
Remove-AzureADUser -ObjectId <GuestUserID>
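One way to tie steps 4 and 5 together before revoking anything, as an added example that is not from the original post: it flags guests whose home domain is not on the trusted list or whose invitation was never redeemed. The function names and sample objects are hypothetical, and the script assumes the `Mail`, `UserPrincipalName` and `UserState` properties returned by `Get-AzureADUser`.

```powershell
# Added example: flag guests whose home domain is off the allow list or who
# never redeemed their invitation. Function names and data are hypothetical.
function Get-GuestHomeDomain {
    param([Parameter(Mandatory)] $Guest)
    # Prefer the Mail attribute when it is populated.
    if ($Guest.Mail -and $Guest.Mail -match '@(?<d>[^@]+)$') {
        return $Matches['d'].ToLowerInvariant()
    }
    # Fall back to the B2B UPN form: user_domain#EXT#@tenant.onmicrosoft.com
    if ($Guest.UserPrincipalName -match '^(?<alias>.+)#EXT#@') {
        $alias = $Matches['alias']
        $i = $alias.LastIndexOf('_')
        if ($i -ge 0) { return $alias.Substring($i + 1).ToLowerInvariant() }
    }
    return $null
}

function Find-UntrustedGuest {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Guest,
        [Parameter(Mandatory)] [string[]] $AllowedDomain
    )
    process {
        $domain  = Get-GuestHomeDomain -Guest $Guest
        $reasons = @()
        # Exact, case-insensitive match; subdomains must be listed explicitly.
        if (-not $domain) { $reasons += 'home domain unknown' }
        elseif ($AllowedDomain -notcontains $domain) { $reasons += "domain '$domain' not on allow list" }
        if ($Guest.UserState -eq 'PendingAcceptance') { $reasons += 'invitation never redeemed' }
        if ($reasons) {
            [pscustomobject]@{
                DisplayName       = $Guest.DisplayName
                UserPrincipalName = $Guest.UserPrincipalName
                HomeDomain        = $domain
                Reason            = $reasons -join '; '
            }
        }
    }
}

# Constructed sample objects shaped like Get-AzureADUser output.
$sampleGuests = @(
    [pscustomobject]@{ DisplayName = 'Alice'; UserPrincipalName = 'alice_example.com#EXT#@contoso.onmicrosoft.com'; Mail = 'alice@example.com'; UserState = 'Accepted' }
    [pscustomobject]@{ DisplayName = 'Bob';   UserPrincipalName = 'bob_fabrikam.test#EXT#@contoso.onmicrosoft.com';  Mail = $null;               UserState = 'Accepted' }
    [pscustomobject]@{ DisplayName = 'Carol'; UserPrincipalName = 'carol_example.com#EXT#@contoso.onmicrosoft.com'; Mail = 'carol@example.com'; UserState = 'PendingAcceptance' }
)
$sampleGuests | Find-UntrustedGuest -AllowedDomain 'example.com' | Format-List
# Live tenant: Get-AzureADUser -All $true -Filter "userType eq 'Guest'" | Find-UntrustedGuest -AllowedDomain 'example.com'
```

Review the flagged accounts before passing any ObjectId to `Remove-AzureADUser`; a guest with an unlisted domain may still be a legitimate collaborator whose domain belongs on the allow list.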
What Undercode Say
Microsoft Teams offers powerful collaboration tools, but security should never be overlooked. Always:
- Audit guest access regularly (Get-AzureADUser -Filter "userType eq 'Guest'").
- Use conditional access policies (New-AzureADMSConditionalAccessPolicy).
- Monitor sign-in logs (Get-AzureADAuditSignInLogs).
- Restrict file sharing via SharePoint (Set-SPOSite -Identity <SiteURL> -SharingCapability Disabled).
- Enforce MFA for guests through a conditional access policy that targets guest users; Set-AzureADUser has no -StrongAuthenticationRequirements parameter (that parameter belongs to the legacy MSOnline cmdlet Set-MsolUser).
For deeper security, integrate Azure Sentinel for threat detection or use `Get-MgRiskDetection` (Microsoft Graph) to assess risky sign-ins.
Expected Output:
A well-configured Teams environment with controlled external collaboration, ensuring productivity without compromising security.
Reference: Microsoft Teams: Communication with Users from Other Organizations
References:
Reported By: Juliaoribeiro Microsoft – Hackers Feeds



