Introduction

This article provides a solution to the query raised by a user regarding the possibility of making exceptions to enforced policies for Teams, particularly concerning guest access which has been restricted by default as per department templates.

Issue Description

The user, Dario Nujic, inquired whether there was a method to exclude or modify an enforced policy for a specific Team that, by default, does not allow guest access due to departmental templates set within the organization.

Resolution Steps

PowerShell Script for Guest Access

• Solutions2Share Support provided a PowerShell script solution to enable guest access for a team that has been disabled due to enforced policies.
• The script involves installing the AzureADPreview module and updating settings for the specific group via Azure Active Directory (AzureAD).

Step-by-Step Script Execution

1. Install the AzureADPreview module using the PowerShell command Install-Module AzureADPreview.
2. Remove the general availability version of the AzureAD module if installed.
3. Run the provided PowerShell script, ensuring to replace "<GroupName>" with the actual name of the group.
4. Validate the execution of the script using the verification script provided.

Script Details

The script provided performs the following actions:

• Connects to AzureAD.
• Retrieves the template for the group unified directory setting.
• Creates a modified copy of the setting to allow guest access.
• Applies the updated setting to the specified group using its object ID.

Script Example

The main PowerShell script example is as follows:

$GroupName = "<GroupName>"
Connect-AzureAD
$template = Get-AzureADDirectorySettingTemplate | ? {$_.displayname -eq "group.unified.guest"}
$settingsCopy = $template.CreateDirectorySetting()
$settingsCopy["AllowToAddGuests"]=$True
$groupID= (Get-AzureADGroup -SearchString $GroupName).ObjectId
New-AzureADObjectSetting -TargetType Groups -TargetObjectId $groupID -DirectorySetting $settingsCopy

Verification Script Example

To verify the success of the script's execution:

Get-AzureADObjectSetting -TargetObjectId $groupID -TargetType Groups | fl Values

Additional Information

The Solutions2Share blog contains further details on blocking guest access for specific Teams in Microsoft Teams.

Conclusion

Adjusting policies for Teams requires executing specific PowerShell scripts as provided by the Solutions2Share Support Team. For any issues during the process or additional questions, users are encouraged to reach out to the support team.

Support

Users in need of assistance or experiencing similar issues should contact Solutions2Share Support. We are committed to offering guidance and support to navigate through policy adjustments and customizations.

Remember to provide feedback on the effectiveness of the solution. Your cooperation is crucial for us to improve service quality and performance.