#Background
Teams Shared Channels is a great new feature that is still in Public Preview, the goal of this post is to create a concise guide to follow in order to enable Shared Channels in your Tenant
Azure AD Cross Tenant Access Policies
These are the basis of Teams Shared Channels and we must begin configuring them in order to enable Teams Shared Channels later.
- Browse to https://aad.portal.azure.com/
- Click on Azure Active Directory
- Click on External Identities
- Click on Cross-Tenant access settings (preview)
- Click Add Organization, this would be the information of the other organization we would like to interact with.
- Enter the Tenant ID or domain name, if you use the latter, it is in the form of tenantname.onmicrosoft.com
- It should resolve the Name and Tenant ID, click Add
- A new entry should be added on the list and a default of "Inherited from default" in Inbound Access and Outbound access columns should be displayed.
- We are going to customize per organization instead of using the defaults, but you can also customize the defaults. Click on the Inherited from default in the inbound access column
- Click B2B Direct connect
- Click Customize settings
- Verify Allow Access and All External users and groups are selected (Although it can be customized to scope to certain users and groups), and Click Save
- Click Applications and verify Allow Access and all applications are selected (although it can be customized to certain applications), click Save if you had to modify any setting here.
- Go back to the External identities screen clicking on External Identities
- Inbound access is configured when the direction of the collaboration is ToMyTenancy, in other words when we want to invite someone from the other organization to a Shared channel created on our tenant.
- If you want your users to be able to participate in the other organization’s shared channels, configure the same settings under inherited from default in Outbound access column.
Note: This configuration can be viewed with the Graph PowerShell cmdlet Get-MgPolicyCrossTenantAccessPolicy (Microsoft.Graph.Identity.SignIns) and the Exchange Online PowerShell cmdlet Get-CrossTenantAccessPolicy, although not yet so user-friendly.
Check this great resources in case you want to understand more about these policies:
https://www.michev.info/Blog/Post/3681/cross-tenant-access-policy-xtap-and-the-graph-api https://practical365.com/cross-tenant-access-policies/ https://docs.microsoft.com/en-us/azure/active-directory/external-identities/b2b-direct-connect-overview https://docs.microsoft.com/en-us/azure/active-directory/external-identities/cross-tenant-access-settings-b2b-direct-connect
Teams Admin Center
Teams policies
- Browse to https://admin.teams.microsoft.com/
- Click on Teams – Teams policies
- Click on the Global (org-wide default)
- Verify that Create shared channels and Join external shared channels is enabled
- You can also create a new policy if you don’t want to use the Global one
Teams update policies
- Click on Teams – Teams update policies
- Click on the Global (org-wide default)
- Verify that under the Show preview features combo, Enabled is selected
- Click Apply if necessary.
Teams client
- Click the … in the Teams desktop client
- Select About – Public Preview version
- Accept the agreement
- You should now be able to create a Shared Channel
Note: Is not necessary to load Teams using the Public Preview version to later interact with the Channel once it is created.
comments powered by Disqus