Use PowerShell to control guest access to a team

In addition to using the Office 365 admin center and the Azure Active Directory portal, you can use Windows PowerShell to control guest access. With PowerShell, you can do the following:

  • Allow or block guest access to all teams and Office 365 groups

  • Allow guests to be added to all teams and Office 365 groups

  • Allow or block guest users from a specific team or Office 365 group

For more details, see the section "Use PowerShell to control guest access" on the Manage tab of Guest access in Office 365 Groups.

You can also use PowerShell to allow or block a guest user based on their domain. For example, let's say your business (Contoso) has a partnership with another business (Fabrikam). You can add Fabrikam to your Allow list so your users can add those guests to their groups. For more information, see Allow/Block guest access to Office 365 groups.

If you want to block guests in teams and still allow guests to access SharePoint sites, you can use Azure Active Directory Powershell cmdlets to disable the AllowGuestAccessToGroups parameter on the Company object, assuming external sharing is turned on for SharePoint sites.