Message ID: MC994289
Coming soon: We will introduce a new Microsoft Teams PowerShell setting in Tenant Federation Configuration to enable you to customize your federation posture. Tenant administrators will be able to define a list of external trial tenants to be whitelisted for federation, while maintaining the default block on overall federation with trial-only tenants.
[When this will happen:]
General Availability (Worldwide): The new setting is available now in Teams PowerShell. If populated, the allowed trial tenant domains list will start to take effect in mid-February 2025.
Note: This feature requires no immediate admin action, and there will be no impact if the list is not populated.
[How this will affect your organization:]
Microsoft Teams introduced a new PowerShell setting (-ExternalAccessWithTrialTenants) to the Set-CsTenantFederationConfiguration cmdlet in August 2024 that enabled blocking all external access with trial-only tenants.
Now, we’re introducing a new Tenant federation setting -AllowedTrialTenantDomains to enable more granularity in defining the federation posture for your organization. This setting will allow you to keep federation with trial-only tenants blocked, while explicitly allowing federation with trial tenant domains you trust and collaborate with for valid business needs.
Important notes
- A "trial-only" tenant is defined as a tenant with a Teams service plan that has only Trial subscriptions (0 purchased licenses).
- Cross-cloud experience: Currently, all cross-cloud communication involving trial-only tenants in public clouds is blocked by default. The AllowedTrialTenantDomains setting will not be supported for cross-cloud communication.
- This setting is only supported in PowerShell.
[What you need to do to prepare:]
This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your users about this change and update any relevant documentation.
- Review your settings for external access to determine if you have a valid business need to allow federation with trial-only tenants and then prepare the whitelist.
- Download or upgrade to the latest PowerShell package (6.7 or higher): https://www.powershellgallery.com/packages/MicrosoftTeams/
- To block external communication with trial-only tenants, use:
Set-CsTenantFederationConfiguration -ExternalAccessWithTrialTenants "Blocked"
- To allow external communication with specific trial-only tenants, while blocking it by default for most trial-only tenants, use:
$list = New-Object Collections.Generic.List[String]
$list.add("contoso.com")
$list.add("fabrikam.com")
Set-CsTenantFederationConfiguration -AllowedTrialTenantDomains $list
- To remove tenants from the AllowedTrialTenantDomains list, use:
$list = New-Object Collections.Generic.List[String]
$list.add("contoso.com")
Set-CsTenantFederationConfiguration -AllowedTrialTenantDomains @{Remove=$list}
- To allow external communication with all trial-only tenants, use:
Set-CsTenantFederationConfiguration -ExternalAccessWithTrialTenants "Allowed"
Learn more
- PowerShell cmdlet configuration: Set-CsTenantFederationConfiguration | Microsoft Learn
- Manage external communication: IT Admins – Manage external meetings and chat with people and organizations using Microsoft identities – Microsoft Teams | Microsoft Learn
Source: Microsoft
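The review step in the announcement can be made repeatable by comparing the configured allow list against the domains your organization has signed off. The following is an added example, not part of Microsoft's message: the function name Test-TrialTenantAllowList, the sample domains and the sample configuration object are constructed, and it assumes the object returned by Get-CsTenantFederationConfiguration exposes properties named like the Set-CsTenantFederationConfiguration parameters above.

```powershell
# Added example. Property names on $Config are assumed to match the
# Set-CsTenantFederationConfiguration parameter names in the announcement.
function Test-TrialTenantAllowList {
    param(
        [Parameter(Mandatory)] $Config,
        [Parameter(Mandatory)] [string[]] $Approved
    )
    # Compare case-insensitively and ignore stray whitespace or a trailing dot.
    $normalize = { param($d) "$d".Trim().TrimEnd('.').ToLowerInvariant() }

    $approvedSet = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($d in $Approved) { [void]$approvedSet.Add((& $normalize $d)) }

    $configured = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($d in @($Config.AllowedTrialTenantDomains)) {
        if ("$d".Trim()) { [void]$configured.Add((& $normalize $d)) }
    }

    [pscustomobject]@{
        TrialPosture        = "$($Config.ExternalAccessWithTrialTenants)"
        # The allow list only narrows access while the default block is in place.
        DefaultBlockInPlace = ("$($Config.ExternalAccessWithTrialTenants)" -eq 'Blocked')
        Unapproved          = @($configured | Where-Object { -not $approvedSet.Contains($_) } | Sort-Object)
        NotYetAllowed       = @($approvedSet | Where-Object { -not $configured.Contains($_) } | Sort-Object)
    }
}

# Constructed sample standing in for live output. Against a tenant, use:
#   $config = Get-CsTenantFederationConfiguration
$config = [pscustomobject]@{
    ExternalAccessWithTrialTenants = 'Blocked'
    AllowedTrialTenantDomains      = @('contoso.com', 'Fabrikam.com ', 'northwind.example')
}
$approved = @('contoso.com', 'fabrikam.com', 'adatum.example')  # constructed review list

$report = Test-TrialTenantAllowList -Config $config -Approved $approved
$report | Format-List

if (-not $report.DefaultBlockInPlace) {
    Write-Warning 'Trial-only tenants are not blocked by default; the allow list restricts nothing.'
}
foreach ($domain in $report.Unapproved) {
    Write-Warning "Allowed but not in the reviewed list: $domain"
}
```

Entries reported under Unapproved are candidates for the @{Remove=$list} form shown in the announcement once the review confirms they should go.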
The introduction of the new Microsoft Teams PowerShell setting for tenant federation is set to have a significant impact on both admins and users. For administrators, the ability to customize federation settings will provide greater control over external communications. By whitelisting specific trial tenant domains, admins can maintain a secure environment while still collaborating with trusted partners. This nuanced approach allows organizations to tailor their federation posture based on real business needs rather than a one-size-fits-all solution.
On the user side, this enhancement promises a smoother collaboration experience with trusted external partners, fostering better communication and productivity. Users will appreciate the flexibility to work with trial tenants that are essential to their projects without compromising security.
The changes are impactful, as they strike a balance between security and collaboration. While the default block on overall federation with trial-only tenants remains in place, the ability to allow specific domains means that organizations can adapt to their unique requirements without unnecessary complications.
As we navigate these changes, it’s important for admins to review their external access settings and communicate any updates to their users. After all, knowledge is power—and it’s best shared!
What are your thoughts on this update? Will it make a difference in how your team collaborates? Share your insights and experiences in the comments! And for more information on Microsoft Teams features and updates, check out additional posts at mwpro.co.uk.