Home » Blog » How to Blacklist and Whitelist External Domains in M365

How to Blacklist and Whitelist External Domains in M365

Blacklist Whitelist External Domains M365

Managing guest access in Microsoft Teams and generally in M365 universe can be a complex task for admins, where they have to ensure both security and flexibility within their organization. Today we will show you a step-by-step approach to blacklisting or whitelisting guests in Microsoft Entra, helping you maintain control over who can enter your M365 and Teams environment.

This guide is meant for Microsoft Teams admins seeking efficient ways to manage guest access. Whether your goal is to improve security or simplify the management process, the following steps will guide you through setting up guest access controls.

Time needed: 2 minutes

  1. Access Microsoft Entra

    First, go to entra.microsoft.com and login with your administrator credentials. Microsoft Entra is your gateway to managing access to Microsoft’s ecosystem, which is essential for managing guest access.Microsoft Entra Home

  2. Navigate to the External Identities

    Once logged in, locate and click “External Identities” from the menu. This phase is important for managing people outside your organization, and provides the basis for guest access management across teams.Microsoft Entra External Identities

  3. Search for the External Collaboration Settings

    In the list of external connections, locate and select “External Collaboration Settings”. This field allows you to specify how your organization interacts with external users, including guests.Microsoft Entra External Connection Settings

  4. Adjust Settings

    Lastly, navigate to “Collaboration restrictions” at the page’s end. There, you’ll find three key settings:

    Allow invitations to be sent to any domain (most inclusive): Guests from any domain can be invited, suitable for wide collaboration networks.
    Deny invitations to the specified domains: Blocks invitations to listed domains, creating a blacklist.
    Allow invitations only to the specified domains (most restrictive): Only pre-listed domains can receive invitations, ideal for strict collaboration control.Microsoft Entra Collaboration restrictions

For the second and third options, you will be asked to specify a domain to ensure consistent access. For example, if you choose to deny a particular domain, you can enter “google.com” to block Google-based users. And the other way around, if only certain fields are allowed and you enter “yourcompany.com”, it means that only users from this domain can be invited.

Manage existing guest users in Microsoft Teams

Ready to take your Teams administration to the next level?

Navigating the complexities of External Identities in Microsoft 365 requires more than just basic settings adjustments. For admins looking to enhance security, compliance, and management efficiency, External User Manager offers a comprehensive solution. By automating and simplifying guest management, it frees up valuable time and resources, allowing you to focus on strategic IT initiatives.

Explore how External User Manager can transform your guest management approach, offering enhanced security, compliance, and convenience. Get your free trial of External User Manager or schedule a demo today.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Copyright 2021 © Solutions2Share GmbH

Terms and conditions Privacy policy Cookie Policy Imprint

Send this to a friend