OneDrive & SharePoint integration with Azure AD B2B is a new Office 365 feature in preview. We'll begin rolling this preview out soon.
This message is associated with Microsoft 365 Roadmap ID 33415.
How does this affect me?
This integration is disabled by default during preview and so this roll out will not affect you unless you choose to opt-in.
This preview integrates external sharing in SharePoint and OneDrive with Azure AD B2B. This includes external sharing of files, folders, list items, document libraries and sites.
With this integration turned on, when a user shares an item in SharePoint or OneDrive with an external user then a Guest account is immediately created for that external user (if one does not already exist). As a result, any sign-in or conditional access policies in place in your organization will take effect on those external users.
We'll be gradually rolling out the ability to opt-in to the preview starting in late June, and the roll out will be completed worldwide by the end of July.
What do I need to do to prepare for this change?
Because this integration is off by default, while in preview, there is nothing you need to do to prepare for this change. However, once it exits preview next year then you will not be able to turn it off.
Advantages of Azure AD B2B
- Invited external users are each given an account in the directory and are subject to Azure AD access policies such as multi-factor authentication.
- Invitations to a SharePoint site use Azure AD B2B and no longer require users to have or create a Microsoft account.
- If you have configured Google federation in Azure AD, federated users can now access SharePoint and OneDrive resources that you have shared with them.
- SharePoint and OneDrive sharing is subject to the Azure AD organizational relationships settings, such as Members can invite and Guests can invite.
- Sign in to the Azure portal as an Azure AD global administrator.
- In the navigation pane, select Azure Active Directory.
- Under Manage, select Organizational Relationships.
- Select Settings.
- Under Enable Email One-Time Passcode for guests (Preview), select Yes.
- Click Save.
Opt in to the SharePoint and OneDrive integration with Azure AD B2B
Install the latest version of the SharePoint Online Services Module for Windows PowerShell (min version 8924.1200).
Connect to your tenant by using Connect-SPOService.
Run the following cmdlets:
Set-SPOTenant -EnableAzureADB2BIntegration $true
Set-SPOTenant -EnableAzureADB2BIntegration $true
Set-SPOTenant -SyncAadB2BManagementPolicy $true
Set-SPOTenant -EnableAzureADB2BIntegration $false.
(You can also opt out of the Azure AD passcode authentication preview.)
- Sign in to the Azure portal as an Azure AD global administrator.
- In the navigation pane, select Azure Active Directory.
- Under Manage, select Organizational Relationships.
- Select Settings.
- Under Enable Email One-Time Passcode for guests (Preview), select No.
- Click Save.
Content that was shared externally while the preview was enabled will need to be shared again with the specific external users.
Note that after preview, this feature will replace the ad-hoc external sharing experience used in OneDrive and SharePoint today for all tenants and you will not be able to opt out.
Note that after preview, this feature will replace the ad-hoc external sharing experience used in OneDrive and SharePoint today for all tenants and you will not be able to opt out.
No comments:
Post a Comment