Disable guest access for a few specific teams
Managing Guest Access to Azure Active Directory with PowerShell AzureADPreview Module
Installing PowerShell AzureADPreview Module
- To install the preview version of the PowerShell AzureADPreview module, use the command:
Install-module AzureADPreview
- If you have the General Availability version of the Azure AD PowerShell module (AzureAD) installed, uninstall it before installing the preview version by running the command:
Uninstall-Module AzureAD
- If you already have a preview version installed, run:
Install-Module AzureADPreview
to ensure you have the latest version.
Blocking Guest Access for a Specific Group
- To block guest access for a specific group, run the provided script in your PowerShell session, replace:
"<GroupName>"
With the name of the group you want to block guest access for.
- The script connects to AzureAD, gets the template for the group unified guest directory setting, creates a copy of the setting, sets
"AllowToAddGuests" to False
Gets the object ID of the group you specified, and creates a new AzureAD object setting with the updated copy of the directory setting and the group object ID.
- The script should look like this:
$GroupName = "<GroupName>"
1. Connect-AzureAD
2. $template = Get-AzureADDirectorySettingTemplate | ? {$_.displayname -eq "group.unified.guest"}
$settingsCopy = $template.CreateDirectorySetting()
$settingsCopy["AllowToAddGuests"]=$False
$groupID= (Get-AzureADGroup -SearchString $GroupName).ObjectId
New-AzureADObjectSetting -TargetType Groups -TargetObjectId $groupID -DirectorySetting $settingsCopy
- To verify that the script was executed correctly, run the second script provided, which should return values :
{class SettingValue { Name: AllowToAddGuests Value: False }}
- The verification script should look like this:
Get-AzureADObjectSetting -TargetObjectId $groupID -TargetType Groups | fl Values
- For more information, check out the Solutions2Share blog:
Related Articles
Enable guest access for a few specific teams
Managing Guest Access to Azure Active Directory with PowerShell AzureADPreview Module Installing PowerShell AzureADPreview Module To install the preview version of the PowerShell AzureADPreview module, use the command: Install-module AzureADPreview ...Guest Access Restrictions in Teams Manager
Introduction This article addresses the management of guest access restrictions in Teams Manager and how they correlate to the use of External User Manager. Problem Description A scenario has been identified where there may be confusion about adding ...Resolving Issues with Disabling Guest Access in Teams Manager
Introduction This article addresses a common issue encountered in Teams Manager where administrators find that they cannot disable the 'Guest Access' option during the team creation process. The article provides a step-by-step guide to resolve this ...Inviting External Users to a Team with Guest Access Disabled
Introduction This article explains how to invite guests to a Microsoft Teams team that has guest access disabled, using the External User Manager (EUM). Problem Statement In instances where a team within Microsoft Teams has the guest access option ...Providing Access to Create Teams in Teams Manager
Introduction This article describes how to provide users with access to create teams within Teams Manager. This capability is essential for team leads and project managers in managing their teams and projects effectively. Problem Statement The user ...