Unit 6: Add Guest Users to Directory

1. Objective

Once external users are invited, you need to verify their directory presence and ensure their accounts are properly added and categorized as “Guests.”

2. Adding Guest Users via Admin Center

Steps:

• Go to Identity → Users → All Users.
• Select New User → Invite External User.
• Provide the guest’s email address, display name, and optional personal message.
• Click Invite.

The system immediately creates a guest user object in your Entra tenant. You’ll see:

• User type: Guest.
• Source: External Microsoft Entra ID (or other IdP).
• Status: Pending redemption until the user accepts the invitation.

3. Important Details

• Group email addresses are not supported.
• Avoid using “plus addressing” (user+test@gmail.com) — it causes delivery issues.
• Once added, you can assign the guest to groups, roles, or apps just like any internal user.

4. Verification

After sending the invitation:

• Return to All Users.
• Search for the guest’s name or email.
• The User Type column should show Guest.

If the user redeems the invitation successfully, they can access assigned resources (Teams, SharePoint, etc.).

5. Real-World Example

Scenario: Contoso’s IT administrator invites sara@northwind.com to collaborate on a finance dashboard. Once invited:

• Sara appears in the directory as a Guest.
• After redeeming, she can access Power BI reports shared with her group.
• Her account can be managed via standard access reviews and Conditional Access.

6. Exam Tip

• User type “Guest” indicates external B2B collaboration.
• Guests must redeem invitations before gaining access.
• Use Microsoft Entra admin center for manual invites or PowerShell for automation.

Summary

Adding guests to the directory is the final step in the onboarding phase of B2B collaboration. Once they appear in Microsoft Entra ID, you can manage them with the same security and governance features used for internal users — ensuring consistency across your identity environment.