There are a lot of of settings available in a Microsoft 365 Tenant which were responsible for guest access. To manage guest Access in Teams you have to adjust different settings. At least the Azure AD external Collaboration Settings, the SharePoint Sharing Policies & Settings and the Teams Guest Access Settings are relevant. If you’re… Weiterlesen Microsoft Teams – Fulfill Advanced Guest Access Requirements
Kategorie: Azure Active Directory
Another Microsoft Teams Governance Approach – Using Azure AD Identity Governance

Since Microsoft published the Request a Teams App Solution on github ( https://github.com/OfficeDev/microsoft-teams-apps-requestateam ), I stopped all my „ambitions“ to create my own deployment tool for Microsoft Teams, because it´s designed very well and especially the PowerApp-Part is better than I could ever build it. So I concentrated on other Governance topics than the creation… Weiterlesen Another Microsoft Teams Governance Approach – Using Azure AD Identity Governance
Advanced Conditional Access Use Cases – Part 2: Controlling the actions in a session
After my introduction to Policy Design for Conditional Access and the integration of Risk Based Conditional Access I would like to deal with the first session controls today. While all other policies so far were concerned with the question of whether an access is allowed or not, session controls define conditions within the access or… Weiterlesen Advanced Conditional Access Use Cases – Part 2: Controlling the actions in a session
Advanced Conditional Access Use Cases – Part 1: Risk
In my last blogpost I told you about my approach and experiences at designing CA rule sets. While this blogpost was focussed on the basic features I now want to cover the more advanced features. This first blog is about Risk Based Conditional Access and I hope that Session Controls will follow soon. Risk based… Weiterlesen Advanced Conditional Access Use Cases – Part 1: Risk
How to build Conditional Access rule sets

In the past months I have spent some time designing and implementing Conditional Access rule sets and would like to capture / share my experiences. In my experience, CA rule sets usually start relatively simply, then grow and become more complex and confusing. With the increasing use of cloud apps, different devices and different user… Weiterlesen How to build Conditional Access rule sets
Filtering Options with Azure AD Connect
A recurring question in our M365 projects is „How can I prevent that my whole AD is synchronised to the Azure Active Directory?“My answer is always: „You have multiple options and will be in full control at every moment!“ I’ve discussed the topic so often that I now have decided to write a blog post… Weiterlesen Filtering Options with Azure AD Connect
Admin consent requests
One of the many announcements on the MS Ignite 2019 is the preview of the admin consent requests feature. Starting from this preview I’d like to explain the topic around strategies for staying in control over used cloud apps and fighting shadow IT. Which problem is addressed by this new feature? In the default configuration… Weiterlesen Admin consent requests