How to Convert Azure B2B Guest Users to Members While Maintaining User Collaboration post

Azure B2B guest accounts are often created during a Merger & Acquisition, so teams from both organizations can easily collaborate during the business and technology integration. However, these external users with B2B Guest accounts in their directory will eventually need to be migrated, which is problematic since B2B Guest accounts aren’t recognized as being licensed. The guest account can be removed and a new one created, but previous permissions would be lost. So how do we preserve permissions, keep collaborating without managing two sets of credentials while preparing the user account for data migrations? This article walks you through a solution that can be used in certain situations to help you easily manage the account to meet your needs.

MIGRATION

Richard Dean

9/8/20211 min read

a person holding a black book with the word guests on it
a person holding a black book with the word guests on it

Today’s Challenge

Cross-Tenant migration and integration projects increasingly use Azure B2B guest users as part of Microsoft Business-to-Business (B2B) account functionality to provide a richer collaboration experience during the coexistence stage of a migration project.

During a Merger and Acquisition (M&A) event, Enterprise organizations will allocate some users as B2B Guest accounts so teams from both organizations may share and manage information during the business and technology integration.

During these events, administrators or internal users will invite different people from the acquired organizations to participate in discussions, schedule meetings, and share data from Microsoft Teams, Groups, and SharePoint sites. These external users which now have B2B Guest accounts in their directory will eventually need to be migrated. But before that, licenses will be needed in order to create their mailboxes and OneDrive containers in SharePoint before any data can be migrated.

This is a problem for B2B Guest accounts as they don’t recognize being licensed and can’t own a mailbox in Exchange Online. The guest account could be removed, and a new account created and licensed, but all the permissions previously assigned to files and shared resources would be lost, which causes other problems with email reply-ability and cached identities. And if the account is recreated, the end-user will be forced to manage two sets of credentials until they are fully migrated if they want to keep collaborating with the team members in the acquiring organization.

So how do we preserve permissions, keep collaborating without managing two sets of credentials while preparing the user account for data migrations? Read more.