API tools faq
paste
Advertisement
cbonnin

Microsoft Teams external domain whitelisting

cbonnin
Aug 9th, 2023
348
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PowerShell 2.27 KB | None | 0 0
raw download clone embed print report
  1. #Prerequisites :
  2. # Update-Module MicrosoftTeams -RequiredVersion 5.5
  3.  
  4. Disconnect-MgGraph
  5. Connect-MgGraph -Scopes "user.read.all"
  6.  
  7. [array]$Guests = Get-MgUser -All -Filter "usertype eq 'Guest'"
  8. Write-Host ("{0} guest accounts found" -f $Guests.Count)
  9. $GuestList = [System.Collections.Generic.List[Object]]::new()
  10.  
  11. ForEach ($Guest in $Guests) {
  12.     $Domain = $Guest.Mail.Split("@")[1]
  13.     $ReportLine = [PSCustomObject][Ordered]@{  
  14.       Guest    = $Guest.Mail
  15.       Domain   = $Domain
  16.       Name     = $Guest.DisplayName }
  17.     $GuestList.Add($ReportLine)
  18. }
  19. Write-Host ""
  20. Write-Host "Guest accounts found for the following domains"
  21. Write-Host "----------------------------------------------"
  22. $GuestList | Group-Object Domain | Sort-Object Name | Select-Object Name, Count
  23. $Domains = $GuestList | Sort-Object Domain -Unique | Select-Object -ExpandProperty Domain
  24.  
  25. Write-Host "Connecting to Microsoft Teams to check current external access configuration"
  26.  
  27. Disconnect-MicrosoftTeams
  28. Connect-MicrosoftTeams
  29.  
  30. # Get current set of domains configured for Teams extrenal access
  31. $DomainConfiguration  = Get-CsTenantFederationConfiguration  | Select-Object -ExpandProperty AllowedDomains
  32. # Check the set of domains that aren't in the current configuration
  33. [array]$DomainsToAdd = $Domains | Where-Object {$_ -notin $DomainConfiguration.AllowedDomain.Domain}
  34.  
  35. $Prompt = "Do you want to add the following domains to the list allowed for Teams external access? " + $DomainsToAdd -join ", "
  36. $Choice = Read-Host $Prompt
  37.  
  38. #Type Y to add detected domains
  39. If (($Choice.ToUpper()) -eq "Y") {
  40.         $AllList = new-object object[] $DomainsToAdd.Count  
  41.         $i = 0
  42.        
  43.         ForEach ($Domain in $DomainsToAdd) {
  44.          $x = New-CsEdgeDomainPattern -Domain $Domain
  45.          $AllList[$i] = $x
  46.          $i++
  47.         }
  48.  
  49.         $newAllowList = New-CsEdgeAllowList -AllowedDomain @($AllList)
  50.         # replace the current domains list for the new list generated above
  51.         Set-CsTenantFederationConfiguration -AllowedDomains $newAllowList            
  52.     }
  53.  
  54. $DomainConfiguration  = Get-CsTenantFederationConfiguration  | Select-Object -ExpandProperty AllowedDomains
  55. Write-Host ("External access for Teams now includes {0} domains" -f $DomainConfiguration.AllowedDomain.Domain.count)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!