Intro add guest user in office 365 with B2B
Sometimes you need to let external users get access to your Office 365 tenant . When this is one user you can just invite the user from the site (Office 365 B2B Guest invites). But what will you do when you need to give access to lots of users without a invite.
In this article i explain how you can add multiple users (10, 100, 1000, 10000 ) as a guest to you office 365 tenant.
First of all you need to do the manual invite Once and give the user you have invite 2 roles.
- Invite guests
The invite guests role explains itself, but you need the usermanagement for changing attributes or removing the user from the tenant.
Ok lets start with Office 365 B2B Guest invites
Invite a users from your source tenant in your destination tenant. When you have done this the user should be in your office 365 tenant under guest with a name like.
When you have checked this you can execute the following command to give the right permissions to that user.
Add-MsolRoleMember -RoleObjectId 95e79109-95c0-4d8e-aee3-d01accf2d47b -RoleMemberEmailAddress “user_domain.com#EXT#@j3rmeyerDEV.onmicrosoft.com”
*note: the invited user gets an email which he needs to accept so for testing purposes give him a Exchange online license.
#Connect to destination tenant with the credential of the inviter account (yes i know you can use a keyfile)$Username = “Inviteraccount”$Password = “Inviteraccount password”$PasswordSecured = Convertto-SecureString –String $Password –AsPlainText –Force$UserCredential = New-object System.Management.Automation.PSCredential $Username,$PasswordSecuredConnect-AzureAD -Credential $UserCredential -TenantDomain “j3rmeyerDEV.onmicrosoft.com”#Invite the user$newuser = New-AzureADMSInvitation -InvitedUserEmailAddress “email@example.com” -InvitedUserDisplayName “User2” -sendinvitationmessage $false -InviteRedirectUrl “https://j3rmeyerdev.sharepoint.com”
In a following blog post i will show you how you can easily loop true the users in Activedirectory and add them as a guest without a invite in you Office 365 tenant.