How to Blacklist and Whitelist External Domains in M365
Managing guest access in Microsoft Teams and generally in M365 universe can be a complex task for admins, where they have to ensure both security and flexibility within their organization. Today we will show you a step-by-step approach to blacklisting or whitelisting guests in Microsoft Entra, helping you maintain control over who can enter your M365 and Teams environment.
This guide is meant for Microsoft Teams admins seeking efficient ways to manage guest access. Whether your goal is to improve security or simplify the management process, the following steps will guide you through setting up guest access controls.
Time needed: 2 minutes
- Access Microsoft Entra
First, go to entra.microsoft.com and login with your administrator credentials. Microsoft Entra is your gateway to managing access to Microsoft’s ecosystem, which is essential for managing guest access.
- Navigate to the External Identities
Once logged in, locate and click “External Identities” from the menu. This phase is important for managing people outside your organization, and provides the basis for guest access management across teams.
- Search for the External Collaboration Settings
In the list of external connections, locate and select “External Collaboration Settings”. This field allows you to specify how your organization interacts with external users, including guests.
- Adjust Settings
Lastly, navigate to “Collaboration restrictions” at the page’s end. There, you’ll find three key settings:
Allow invitations to be sent to any domain (most inclusive): Guests from any domain can be invited, suitable for wide collaboration networks.
Deny invitations to the specified domains: Blocks invitations to listed domains, creating a blacklist.
Allow invitations only to the specified domains (most restrictive): Only pre-listed domains can receive invitations, ideal for strict collaboration control.
For the second and third options, you will be asked to specify a domain to ensure consistent access. For example, if you choose to deny a particular domain, you can enter “google.com” to block Google-based users. And the other way around, if only certain fields are allowed and you enter “yourcompany.com”, it means that only users from this domain can be invited.
Ready to take your Teams administration to the next level?
Navigating the complexities of External Identities in Microsoft 365 requires more than just basic settings adjustments. For admins looking to enhance security, compliance, and management efficiency, External User Manager offers a comprehensive solution. By automating and simplifying guest management, it frees up valuable time and resources, allowing you to focus on strategic IT initiatives.
Transform your Microsoft 365 security with a strategic guest management approach, offering enhanced security, compliance, and convenience. Schedule a free demo today!
Head of Development ans Governance Expert at Solutions2Share – Bastian John has been a pioneer in governance and provisioning products for over 13 years, starting with SharePoint 2010. His expertise has evolved with the changing technology landscape, including AI, leading to the development of the most widely used governance application within Microsoft Teams.
