TeamsFederationConfiguration¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Identity | Key | String | The only valid input is Global - the tenant wide configuration | Global |
| AllowFederatedUsers | Write | Boolean | When set to True users will be potentially allowed to communicate with users from other domains. | |
| AllowedDomains | Write | StringArray[] | List of federated domains to allow. | |
| BlockedDomains | Write | StringArray[] | List of federated domains to block. | |
| AllowPublicUsers | Write | Boolean | When set to True users will be potentially allowed to communicate with users who have accounts on public IM and presence providers. | |
| AllowTeamsConsumer | Write | Boolean | Allows federation with people using Teams with an account that's not managed by an organization. | |
| AllowTeamsConsumerInbound | Write | Boolean | Allows people using Teams with an account that's not managed by an organization, to discover and start communication with users in your organization. | |
| ExternalAccessWithTrialTenants | Write | String | When set to Blocked, all external access with users from Teams subscriptions that contain only trial licenses will be blocked. This means users from these trial-only tenants will not be able to reach to your users via chats, Teams calls, and meetings (using the users authenticated identity) and your users will not be able to reach users in these trial-only tenants. If this setting is set to Blocked, users from the trial-only tenant will also be removed from existing chats. | Allowed, Blocked |
| TreatDiscoveredPartnersAsUnverified | Write | Boolean | When set to True, messages sent from discovered partners are considered unverified. That means that those messages will be delivered only if they were sent from a person who is on the recipient's Contacts list. | |
| SharedSipAddressSpace | Write | Boolean | When set to True, indicates that the users homed on Skype for Business Online use the same SIP domain as users homed on the on-premises version of Skype for Business Server. | |
| RestrictTeamsConsumerToExternalUserProfiles | Write | Boolean | When set to True, Teamsconsumer have access only to external user profiles | |
| Credential | Write | PSCredential | Credentials of the Teams Admin | |
| ApplicationId | Write | String | Id of the Azure Active Directory application to authenticate with. | |
| TenantId | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com | |
| CertificateThumbprint | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | |
| ManagedIdentity | Write | Boolean | Managed ID being used for authentication. | |
| AccessTokens | Write | StringArray[] | Access token used for authentication. |
Description¶
This resource is used to configure the Teams Federation Configuration (CsTenantFederationConfiguration). In the Teams admin center this is available in 'External access' in the Users section.
More information: https://docs.microsoft.com/en-us/microsoftteams/manage-external-access
Permissions¶
Microsoft Graph¶
To authenticate with the Microsoft Graph API, this resource required the following permissions:
Delegated permissions¶
-
Read
- None
-
Update
- None
Application permissions¶
-
Read
- Organization.Read.All
-
Update
- Organization.Read.All
Examples¶
Example 1¶
This examples sets the Teams Federation Configuration.
Configuration Example
{
param(
[Parameter(Mandatory = $true)]
[PSCredential]
$Credscredential
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
TeamsFederationConfiguration 'FederationConfiguration'
{
Identity = "Global";
AllowedDomains = @();
BlockedDomains = @();
AllowFederatedUsers = $True;
AllowPublicUsers = $True;
AllowTeamsConsumer = $True;
AllowTeamsConsumerInbound = $True;
RestrictTeamsConsumerToExternalUserProfiles = $False;
SharedSipAddressSpace = $False;
TreatDiscoveredPartnersAsUnverified = $False;
Credential = $Credscredential
}
}
}