Microsoft Prepping Tools for Guest Access to Office 365 Groups

Microsoft this week rolled out the ability to permit or block guest access to Office 365 groups, but the feature appears to be at a rudimentary test level.

The idea is to permit guest access to users outside an organization so that they can communicate via groups. IT pros can run PowerShell scripts to either block group access for users of specific domains or allow access, according to the announcement. It's an either/or proposition. They can either create a list that allows guest access or create a list that blocks guest access. It's not possible to set up both lists, according to Microsoft's documentation.  

Once configured, it's possible to invite users to most Office 365 groups.

"This policy works for all workloads with Guest access through O365 Groups such as Outlook, Teams & Planner in future," Microsoft's announcement explained.

This Office 365 guest access configuration capability also will be coming to the Office Admin Portal, so it will be available for IT pros in the more user friendly graphical user interface (GUI) form. It'll be available "soon" in the Office Admin Portal, Microsoft's announcement indicated.

However, it seems that the GUI version can't come soon enough. Readers of Microsoft's announcement, such as Vasil Michev, a Microsoft MVP, complained that they will have to check through a long PowerShell script before using it to make a settings change. He requested making it easier for IT pros to work with JSON functions within PowerShell scripts, plus Microsoft should provide examples on how to run the cmdlet.

Microsoft MVP Tony Redmond also noted in the comments that the new PowerShell script isn't signed by Microsoft.

"Running unverified scripts is not a habit that we should encourage, even if the script comes from Microsoft," Redmond wrote.

It turns out that Microsoft has only provided a reference script at this point, according to Sahil Arora of the Microsoft Tech Community.

"This is a representative script for IT admins to use as a reference while crafting their own based on their organization requirements," Arora wrote. "It is not a downloadable script. The downloadable link will be provided to you in few days, which will be signed by Microsoft."

The Azure Active Directory Module preview for Windows PowerShell is required to use the feature. The setup, as described, seemed a bit crazy. It consists of a series of installs and uninstalls.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


comments powered by Disqus

Subscribe on YouTube