Disable guest access for a few specific teams

Disable guest access for a few specific teams

Managing Guest Access to Azure Active Directory with PowerShell AzureADPreview Module


Installing PowerShell AzureADPreview Module

  1. To install the preview version of the PowerShell AzureADPreview module, use the command:
Install-module AzureADPreview
  1. If you have the General Availability version of the Azure AD PowerShell module (AzureAD) installed, uninstall it before installing the preview version by running the command:
Uninstall-Module AzureAD
  1. If you already have a preview version installed, run:
Install-Module AzureADPreview
to ensure you have the latest version.

Blocking Guest Access for a Specific Group

  1. To block guest access for a specific group, run the provided script in your PowerShell session, replace:
"<GroupName>"
With the name of the group you want to block guest access for.

  1. The script connects to AzureAD, gets the template for the group unified guest directory setting, creates a copy of the setting, sets
"AllowToAddGuests" to False
Gets the object ID of the group you specified, and creates a new AzureAD object setting with the updated copy of the directory setting and the group object ID.

  1. The script should look like this:
$GroupName = "<GroupName>"

1. Connect-AzureAD

2. $template = Get-AzureADDirectorySettingTemplate | ? {$_.displayname -eq "group.unified.guest"}
    $settingsCopy = $template.CreateDirectorySetting()
    $settingsCopy["AllowToAddGuests"]=$False
    $groupID= (Get-AzureADGroup -SearchString $GroupName).ObjectId
    New-AzureADObjectSetting -TargetType Groups -TargetObjectId $groupID -DirectorySetting $settingsCopy

  1. To verify that the script was executed correctly, run the second script provided, which should return values :
{class SettingValue { Name: AllowToAddGuests Value: False }}

  1. The verification script should look like this:
Get-AzureADObjectSetting -TargetObjectId $groupID -TargetType Groups | fl Values

  1. For more information, check out the Solutions2Share blog:

    • Related Articles

    • Enable guest access for a few specific teams

      Managing Guest Access to Azure Active Directory with PowerShell AzureADPreview Module Installing PowerShell AzureADPreview Module To install the preview version of the PowerShell AzureADPreview module, use the command: Install-module AzureADPreview ...
    • Migration from unmanaged teams to managed teams with Unmanaged Bot

      Preparation In order to ensure that the managing process runs smoothly, it is advisable to create an extra template and policy package for this process. This then contains only for the managed teams e.g. an extra lifecycle or naming conventions. To ...
    • Teams Manager SharePoint Provisioning

      Basic Information: Teams Manager can also be used to provision specific SharePoint content. To use this feature, however, you first need the Enterpreis license. Then the authorization must be activated and authorized via the Teams Manager interface ...
    • Teams Manager Understanding

      Here you can find a document of the Teams Manager understanding.
    • Provide users only Private Teams

      Basic Information With Microsoft Teams, both private and public teams can be created. Private teams are only visible and accessible to the members who were explicitly added, allowing for private conversations and file sharing among team members. ...