New Microsoft Teams PowerShell Setting Enables Federation with Specific Trial Tenants
Microsoft has introduced a new PowerShell setting, allowing administrators to control federation with specific trial-only tenant domains.
Published: Feb 05, 2025
Key Takeaways:
- Microsoft has introduced the -AllowedTrialTenantDomains PowerShell setting, allowing administrators to manage federation with trusted trial-only tenants.
- The setting is only supported in PowerShell and enables more granular control over external communication with trial tenants.
- organizations are encouraged to review their external access settings.
Microsoft has introduced a new PowerShell setting within Tenant Federation Configuration, offering administrators enhanced flexibility to tailor their federation posture. The company announced on the Micrososoft 365 admin center that this setting is now available to commercial users through Microsoft Teams PowerShell.
Last year, Microsoft added a new PowerShell setting (called -ExternalAccessWithTrialTenants) to the Set-CsTenantFederationConfiguration cmdlet. This setting allows IT administrators to block external access with tenants with trail-only licenses. A trail-only tenant is a tenant that uses trail subscriptions and has no purchased licenses. These tenants can be used to evaluate Microsoft Teams features before committing to a full license.
“Now, we’re introducing a new Tenant federation setting -AllowedTrialTenantDomains to enable more granularity in defining the federation posture for your organization. This setting will allow you to keep federation with trial-only tenants blocked, while explicitly allowing federation with trial tenant domains you trust and collaborate with for valid business needs,” Microsoft explained.
How to manage federation with specific trial-only tenants in Microsoft Teams
Microsoft clarifies that the new AllowedTrialTenantDomains setting is exclusively available in PowerShell. Administrators can enable external communication with specific trial-only tenants using the following PowerShell command:
$list = New-Object Collections.Generic.ListString
$list.add(“contoso.com”)
$list.add(“fabrikam.com”)
Set-CsTenantFederationConfiguration -AllowedTrialTenantDomains $list
Currently, any communication between different Microsoft 365 cloud environments involving trail-only tenants is blocked by default. However, keep in mind that the new setting will not be applicable to cross-cloud communication.
Organizations that add domains to the allowed trial tenant list will see these changes take effect in mid-February. Microsoft advises reviewing external access settings to determine if there is a valid business need for allowing federation with trial-only tenants. If you haven’t already, be sure to download the latest PowerShell package (6.7 or higher) from the official website.