Managing external access on Microsoft Teams is a crucial aspect of the MS-700 exam; it allows collaboration with individuals outside an organization, enhancing productivity and achieving seamless communication. This article dives into the essentials of managing external access with special emphasis on federated domains.
To kick things off, let’s understand the concept of ‘external access’ in Microsoft Teams. External access (federation) provides the ability to users from other domains to participate in your teams through channels or chats. These external users have similar capabilities to team members, except they can’t be made an administrator or owner.
Concept of Federated Domains
In the lens of Microsoft Teams, a federated domain refers to a domain with which your organization has established a connection or relationship for communication. The federation enables the exchange of data and interactions between the two domains in a secure and controllable environment. Typically, these are domains outside your organization’s tenancy.
How to Manage External Access
Managing external access revolves around controlling which domains your users can communicate with. Here’s a stepwise procedure on how teams’ administrators can configure and manage external access.
- Sign in to the Microsoft Teams admin center.
- Navigate to the ‘Org-wide settings’, and then select ‘External access’.
- Toggle the ‘External access’ switch to ‘On’ if you want to allow users to communicate with other Skype for Business and Teams users. If you want to block all external access, toggle the switch to ‘Off’.
- Under ‘Blocked or allowed domains’, select the ‘Add a domain’ option. Here, you can set the domains to either allowed or blocked, giving you the freedom to control which domains your users can communicate with.
Sample Screenshot of MS Teams Admin Center is shown below:
—————
| Org-wide | | External access |
| settings | | |
—————
How to Configure Federated Domains
Configuration of federated domains is crucial in controlling the flow of data and communication between your organization and other domains. Here are the steps to configure federated domains:
- Sign in to the Teams admin center.
- Navigate to ‘External access’ under ‘Org-wide settings’.
- Toggle ‘Users can communicate with Skype for Business and Teams users’ to ‘On’.
- Under ‘Blocked or allowed domains’, add a new domain, key in the domain name, and set its status to ‘Allowed’. Your Teams users can now communicate with users in this domain.
Remember, to save and apply changes to your settings, always select ‘Save’ after configuring your settings.
Comparison between Federated Domains and Guest Access
While both external access (federated domains) and guest access allow interactions with individuals outside the organization, they have fundamental differences.
| External Access | Guest Access | |
|---|---|---|
| Purpose | To communicate via calls or chat with users from other organizations | For allowing individuals to participate as full members in teams and channels |
| Permissions | Can’t access team or channel, can only participate in one-to-one chats or calls | Have access to resources, such as files, channels, chats, and applications |
| Configuration | Configured in the Teams admin center, under External access | Configured in the Teams admin center, under Guest access |
In conclusion, managing external access and federated domains is an integral part of the administrative tasks in Microsoft Teams. It empowers organizations to extend collaborations beyond their boundaries, improving productivity and efficiency. Understanding these concepts is not only crucial for real-world operations but also essential for acing the MS-700 exam.
Practice Test
True or False: Microsoft Teams enables you to manage external access with various federated domains.
- True
- False
Answer: True
Explanation: Microsoft Teams allows administrations to manage external communications and access for various federated domains.
Which of the following can you do if you want to allow your team to communicate with external users?
- A. Enable direct federation
- B. Assign a meeting policy
- C. Assign a teams upgrade policy
- D. Set up a resource account
Answer: A. Enable direct federation
Explanation: Direct federation allows your Teams users to communicate with users in another organization that uses Teams or Skype for Business.
True or False: When external access is turned off, your users can still communicate with other people outside your organization.
- True
- False
Answer: False
Explanation: When external access is turned off, users can’t communicate with any external users, regardless of which platforms those users are on.
To block users in external organizations from contacting users in your organization, you should use:
- A. Federation
- B. Tenant Allow/Block list
- C. Communication settings
- D. Resource accounts
Answer: B. Tenant Allow/Block list
Explanation: You can use the Tenant Allow/Block list to block specific domains from communicating with your users.
True or False: It is possible to allow external access for certain domains while blocking others.
- True
- False
Answer: True
Explanation: It is possible to manage external access in Microsoft Teams on a domain-by-domain basis.
Which of the following is NOT a requirement for setting up direct federation?
- A. The externally federated team must use Teams or Skype for Business Online.
- B. Both parties must enable their organization to be discoverable.
- C. The externally federated team must also use MS Exchange for email.
- D. The admins of both teams must use the Microsoft Teams admin center to setup federation.
Answer: C. The externally federated team must also use MS Exchange for email.
Explanation: The externally federated team is not required to use MS Exchange for email to setup federation.
To manage external access, you need to be in the Microsoft Teams admin center. True or False?
- True
- False
Answer: True
Explanation: Management of external access and federated domains is managed through the Microsoft Teams admin center.
Which of the following cannot be done with external access in Microsoft Teams?
- A. Communicate with external users
- B. Share files with external users
- C. Participate in team chats and channel conversations
Answer: C. Participate in team chats and channel conversations
Explanation: External access in Teams does not support shared team or channel experiences.
True or False: You can block all external access to your Teams with a single setting.
- True
- False
Answer: True
Explanation: The Microsoft Teams admin center allows you to block all external access with one setting.
The Allow federation with all domains except those I block setting will:
- A. Block all external communication except for blocked domains
- B. Allow communication with all domains not explicitly blocked
- C. Allow communication only with blocked domains
- D. Block all communication
Answer: B. Allow communication with all domains not explicitly blocked
Explanation: This setting allows external communication with all domains except for those that you specifically block.
Interview Questions
What is an external access in the context of Microsoft Teams?
External access means that Teams in an organization can communicate with another Teams users in a different organization, whether or not the other organization is using Teams as a collaborative tool.
How can we manage the external access in Microsoft Teams?
We can manage the external access in Microsoft Teams through the Teams admin center. Here we can allow or block communications with external domains.
What are federated domains in Microsoft Teams?
Federated domains are the ones we allow to have external communication with Teams in our organization.
Can we allow external access with all domains?
Yes, by default, the external access is turned on in Microsoft Teams, which means the Teams users can find, call, chat, and set up meetings with users in other Teams and Skype for Business users.
Can we block external access with specific domains?
Yes, there is an option to block external communications with certain domains in Microsoft Teams. Admins can set it up in the Teams admin center.
Can we allow external access with certain domains only?
Yes, you can allow external access only with certain domains. To do this, you must turn off external access except for allowed domains where you list the external domains with which you want to communicate.
How can we add a federated domain in Microsoft Teams?
A federated domain can be added by going to the Teams admin center, and then to Org-wide settings > External access. Here we can add a domain and then choose the action “allow”.
How can we remove a federated domain in Microsoft Teams?
A federated domain can be removed by going to the Teams admin center, and then to Org-wide settings > External access. Here we can choose the domain and then select ‘remove’.
Can we control the guest access and external access separately in Microsoft Teams?
Yes, guest access and external access are designed to allow different types of access in Microsoft Teams and can be controlled separately in Teams settings.
What is the difference between guest access and external access in Microsoft Teams?
Guest access is given to an individual who may not be part of the organization. They have more access than an external user. External access is given to an entire domain and they can only participate in one-to-one federated chat.
extutorials.com