LemonBits

  • Home
  • About
  • Contact me
Azure, Microsoft 365, Microsoft Teams, Office 365

Azure AD internal guest users

Frane Borozan - July 12, 2022

Did you know you can have an internal guest user? To be honest, I haven’t ever used an internal guest user, I would always use an internal account with fewer privileges (meaning giving access only to resources the account needs to have access to).

There are for types of the UserType property in the Azure AD:

  • External guest (external Azure AD account, social identity, or another external identity, this is a guest user we all know of and we use for the users that need to access our Azure AD)
  • Internal guest (has an account in your Azure AD directory, but only has guest level to your org, they have your organization email address)
  • External member (uses an external account to authenticate, but has member level access to your Azure AD, they don’t have your organization’s email address).
  • Internal member (regular user inside you Azure AD we all use, has your organization email address)

These are the users that are part of the B2B collaboration feature.

There is a new B2B direct connect feature, where you set up mutual trusts between Azure ADs (probably you remember this from before as trust relationship between domains – I am old I know), so users authenticate on their Azure AD, but because of trust, they are able to access resources in your Azure AD.

Below is the table I found with an excellent explanation of UserType property, how different users authenticate and what’s their relationship to your org.

Has anybody ever used an internal guest user, and if yes what would be the appropriate use case?

 0 0
Share Now

Frane Borozan

Helping SBC administrators kick-ass Google+

Leave a Reply Cancel Reply

Your email address will not be published. Required fields are marked *

Previous Post Pinned chat in Teams
Next Post #MicrosoftTeams module 4.6.0

Connect with me on

Latest Posts

  • Introducing Teams Client Health: Proactive Monitoring for Microsoft Teams

  • Tracking and monitoring user access in Microsoft Teams and Shared channels

    Restricted content discovery or how Copilot can see that site too?

  • SharePoint Agents: Revolutionizing Workplace Collaboration

  • Microsoft Data Security Posture Management for AI

  • SharePoint agents are very use to create and use

  • SharePoint Agents

  • BEWARE OF THE INACTIVE ONEDRIVE ACCOUNTS!!!

  • Microsoft’s version of the GenAI, Copilot is now available through WhatsApp

  • Control Copilot access to content

  • 🌟 Increasing Microsoft 365 Governance Adoption with custom solution branding🌟

Recent Comments

  • Nigel Sampath on Installing Remote Desktop Services 2016
  • Christoph Juli on VPN doesn’t work aka how to clear ARP cache on the computer when you connect to the VPN
  • Amir on The curious case of saved-critical Hyper-V machines in Hyper-V Manager or Incomplete VM Configuration in Virtual Machine Manager
  • Frane Borozan on Downloads folder slow to load/sort in Windows 10
  • güvenlik kamerası on Downloads folder slow to load/sort in Windows 10
  • Laki Lakovic on Opening group policy editor on a remote computer and forcing GP Update
  • Diane on Opening group policy editor on a remote computer and forcing GP Update
  • Manoj B on Differences between L1, L2, L3 system administrator guidlines
  • Travis Vroman on Teams slow
  • Yossi B on Remote Desktop Services Manager 2016
  • astha on SharePoint audit logs
  • Frane Borozan on Installing Remote Desktop Services 2016
  • Joe Zhou on Installing Remote Desktop Services 2016
  • Pino on Installing standalone Remote Desktop Gateway on the Windows Server 2012 R2 without complete Remote Desktop Services infrastructure
  • Eddy Wilson on Windows 10: Share a VPN Connection
  • haleybri.com on Remote Desktop Services Manager 2016
  • Atif on Remote Desktop Services Manager 2016
  • Tan Vu on KB2919355 The update is not applicable to your computer
  • Vinay on Installing Remote Desktop Services 2016
  • JOEL FERDY FEUBI TABOUE on KB2919355 The update is not applicable to your computer
  • Delmar on Installing standalone Remote Desktop Gateway on the Windows Server 2012 R2 without complete Remote Desktop Services infrastructure
  • Luke Welden on KB2919355 The update is not applicable to your computer
  • LM on Installing standalone Remote Desktop Gateway on the Windows Server 2012 R2 without complete Remote Desktop Services infrastructure
  • Anonymous987 on KB2919355 The update is not applicable to your computer
  • ANonyommus987 on KB2919355 The update is not applicable to your computer
  • Alan on Remote Desktop Services Manager 2016
  • Jagz on Installing Remote Desktop Services 2016
  • VG on SharePoint audit logs
  • VG on SharePoint audit logs
  • Kalle on SharePoint audit logs
  • 3 pandas on SQL Server security best practices
  • Kalle on SharePoint audit logs
  • Frane Borozan on Installing standalone Remote Desktop Gateway on the Windows Server 2012 R2 without complete Remote Desktop Services infrastructure
  • Erin Platt on Installing standalone Remote Desktop Gateway on the Windows Server 2012 R2 without complete Remote Desktop Services infrastructure
  • Tad Benoit on Remote Desktop Services Manager 2016

Copyright © 2023 Frane Borozan. All rights reserved