0

Is there a recommended Azure AD strategy for managing internal and our partner users?

We know we can add external users to our Azure AD but we would like a clear separation between the internal and partners users.

I see in Azure you can add another Azure AD so wondering if we can add a new just for external users. But I'm not sure what effect this would have to our current company Azure AD and whether it would have access and/or impact on the features we have in our Azure AD (e.g. O365/Sharepoint/etc).

Or is it recommended just to use groups in Azure AD to separate the internal and external users?

waka
  • 3,362
  • 9
  • 35
  • 54
monkeyhandz
  • 23
  • 4
  • Just remember that *all users* in a directory have the rights to see a list of all users and groups in that directory. – juunas Sep 22 '17 at 06:44

1 Answers1

0

is it recommended just to use groups in Azure AD to separate the internal and external users?

I think this is the best way to manage your users and partner users.

If you add partner users to another Azure AD, they will not access your default Azure AD resources and app.

Different Azure AD have different resource groups and APP.

Jason Ye
  • 13,710
  • 2
  • 16
  • 25