Microsoft Teams Shared Channels: Know your Options

[MUSIC PLAYING] Welcome, everyone, to my session at Virtual TEC. My name is Habib Mankal. This session is up and running with Microsoft Teams Shared Channels. So again, my name is Habib Mankal. I'm a Principal Architect and Founder at WaveCore IT. I'm also a Microsoft 365 Apps and Services MVP. That is my Twitter handle if you wish to follow me. And we also have a podcast with three additional Canadian MVPs, called O365h.com, if you'd like to check us out there as well. So Teams Connect, also known as Shared Channels for the better part of the community, is a new collaboration feature that Microsoft has announced recently. You know, it became live you know mid-summer, which I'm going to basically go through the session with you, how do you configure it from end-to-end, whether it be it from an Azure Active Directory perspective, Teams administration side of things, and then how to actually use it as the end user perspective as well. So just a quick recap about Shared Channels, it provides the ability for collaboration outside of your current team. So you can have a Shared Channel within your current team, and you can have different members within that Shared Channel as well. So it is enabled by default, the Shared Channel functionality within Teams is enabled by default. However, it isn't enabled at the external collaboration side of things. So it is a new channel type. So when you're creating a new channel, you'll have three different options in there. One is called a standard private, in the private channel, which was announced in Ignite 2019. And then the new one is the share channel type. So what it does is it allows you to join a channel without having to context switch, or tenant switch. So if you're using it for external collaboration, I have the ability to share channel with somebody outside my organization, and they can view that channel itself within their team's client, so they don't have to change memberships, or sign out, and sign in to your tenant to see this channel. So it uses a different type of membership called Federated identities, which is in Azure Active Directory. And it's different than the guest access, or B2B guest, or B2B collaboration that we'll talk about a little bit afterwards, all right? In order to use this functionality outside the organization, the users must be licensed with, or have a Microsoft Teams license assigned to them. Obviously, internally, you have to have a license assigned to them as well. And then just from an availability perspective, it is available in the commercial multi-tenant and GCC. But the GCC High is on the roadmap, and also on the DOD side of things as well. So I just wanted to quickly talk about the guest access versus shared channels. So primary scenario is for my guest access perspective, or B2B collaboration. External users can use a preferred identity to sign into your Azure ID. So within Microsoft Teams, you'll actually see in the top right hand corner the name of the organization that you are a guest in, and then you'll be able to sign out or switch your account from your tenant to the guest account that you're in. With the Shared Channels, you use Federated Identity, so you use your own Microsoft 365 Identity to see that shared channel, and you authenticate against another organization's tenant. So we set up something that's called Cross Tenant Collaboration Policies, or Cross Tenant Access Settings, that I'm going to walk you through a little bit later to do that type of technology. It's intended-- so for guest access, it's intended for business partners or suppliers who may not have an Azure AD account, so that they can actually sign into your tenant and collaborate that way. With the Shared Channels, you can have business partners as well, but they have their own Azure AD account. From a user management perspective, all of the guest access users are managed within your Azure Active Directory. So you create your guest accounts within there, and then from the Shared Channel side of things, you know, there's no management from the user object perspective. So you're not creating the accounts, but you do have the ability to somewhat govern the users and groups that are accessing your tenant through these policies we're going to walk through. Next, is the top five questions asked, right? So first thing we want to-- I guess one of the first questions are, are consumer accounts supported, such as MSA accounts? So we're talking gmail.com, outlook.com, hotmail.com accounts. So those accounts can be tied to a Microsoft service account or system account. And then you can be able to log into other Microsoft services. So those are currently not supported. Only Azure AD, or school or work accounts that have a Teams license assigned to them are utilized, or are able to sign in, or use Shared Channels. Bots in and line of business applications are not supported as well. So the second question are guest accounts. So is guest access, or B2B collaboration supported? So the answer is no. So if you have a team that has multiple channels, and you have multiple guest users within that team, those guest users are not able to access or see the share channel, nor will you be able to add them to that share channel at all. So if you want those members, or those guest users to be able to see that share channels, you need to share it with their external identity if they have one in Azure AD from their particular tenant. Third, do I need cross tenant policies if I just implement it in more organizations? So if I'm only using share channels within my organization and I don't have no plans of using it externally, then no, I do not need cross tenant policies configured, because it is