*
en | de
All Content
Timespan
explore our new search
​
Azure AD Guest Management
Microsoft Entra
Apr 3, 2023 2:00 PM

Azure AD Guest Management

by HubSite 365 about John Savill's [MVP]

Principal Cloud Solutions Architect

Pro UserMicrosoft EntraSecurityM365 Hot News

A look at technologies and practices to maintain guests in your Azure AD tenant. 🔎 Looking for content on a particular topic? Search the channel. If I have som

A look at technologies and practices to maintain guests in your Azure AD tenant.

Azure AD Guest Management is a feature in Microsoft’s cloud-based identity and access management platform that allows organizations to securely manage external users and their access to corporate resources. It enables an organization to easily add, manage, and remove guest users from their Azure AD tenant. Organizations can also apply policies to control access to corporate resources by guest users. Additionally, it can be used to audit guest user activity, including logins and access to corporate resources. Azure AD Guest Management provides a secure and easy way for organizations to collaborate with external users.

In this Video

  • 00:00 - Introduction
  • 01:21 - User object attributes
  • 09:29 - Guest restrictions
  • 14:03 - External collaboration settings
  • 17:50 - Cross-tenant access settings
  • 20:17 - Redemption and consent
  • 21:48 - Guest licensing
  • 26:36 - Provisioning guests
  • 31:35 - Entitlement management
  • 38:06 - Access control
  • 51:12 - Using custom attributes
  • 54:17 - Hygiene of guests
  • 55:21 - Access Reviews
  • 1:00:54 - Script to help
  • 1:01:52 - Summary

Whiteboard:

[https://github.com/johnthebrit/RandomStuff/raw/master/Whiteboards/]

â–º Restrict guest permissions:

[https://learn.microsoft.com/azure/active-directory/enterprise-users/users-restrict-guest-permissions]

â–º Cross-tenant access:

[https://learn.microsoft.com/azure/active-directory/external-identities/cross-tenant-access-overview]

â–º AAD External identity pricing:

[https://azure.microsoft.com/pricing/details/active-directory/external-identities/]

â–º External user access reviews:

[https://learn.microsoft.com/azure/active-directory/governance/access-reviews-external-users]

â–º Identity protection with guest users:

[https://learn.microsoft.com/azure/active-directory/identity-protection/concept-identity-protection-b2b]

â–º Clean-up stale guest users:

[https://learn.microsoft.com/azure/active-directory/enterprise-users/clean-up-stale-guest-accounts]