Microsoft 365|Office|Office 365|Yammer

Yammer Previews Support for Azure B2B Collaboration

On December 15, Microsoft announced the preview of Yammer support for guest user access through Azure B2B Collaboration. Yammer joins Microsoft 365 Groups, Teams, SharePoint Online, and Planner as the mainline Microsoft 365 applications supporting guest access.

Yammer’s External Collaboration Journey

Guest access first appeared in Office 365 Groups in September 2016. At the time, Yammer supported external support to its networks, a feature not built on top of Azure AD. Yammer’s own implementation worked well and continues to be used as the basis for external collaboration in many organizations, including Microsoft where it’s used to facilitate communications between third parties and some engineering groups.

Even though Yammer had its own model for external collaboration, the fact that Yammer did its own thing made it more of an outlier in the increasingly integrated Microsoft 365 world. This was acknowledged by new engineering leadership in 2018 and an effort began to integrate Yammer better with Azure AD and other Microsoft 365 components. Two years later, this is the latest step forward.

Native Microsoft 365 Mode Required

The preview for Azure B2B collaboration depends on moving Yammer to native Microsoft 365 mode. When an organization does this, Yammer communities are powered by Microsoft 365 groups, which lays the foundation for Azure B2B collaboration.

Sponsored Content

Maximize Value from Microsoft Defender

In this ebook, you’ll learn why Red Canary’s platform and expertise bring you the highest possible value from your Microsoft Defender for Endpoint investment, deployment, or migration.

If your organization has moved Yammer into native Microsoft 365 mode, you don’t need to do much to prepare for guest users. Microsoft says that Yammer networks provisioned after December 15 are automatically configured for guest access, much like Microsoft will enable guest access automatically for Teams from February 2021. Existing networks need to have their security settings updated to allow External messaging (Figure 1). It’s a curious choice of term – perhaps Enable Azure B2B collaboration might have been clearer.

Image 1 Expand
Figure 1: Security Settings for a Yammer network to permit Azure AD guest users (image credit: Tony Redmond)

How Yammer Supports Guest Users

Once the organization security settings are configured, community owners can add guest members. Click the large plus sign beside the members list in the top right-hand of the Yammer browser interface. Type in the user principal name of the guest. Yammer checks the tenant’s Azure AD. If the guest account already exists, it’s suggested otherwise a new account is added (Figure 2).

Image 2 Expand

Figure 2: Adding a guest user to a Yammer community (image credit: Tony Redmond)

Behind the scenes, the guest receives an email notification that they’ve been added to a community (Figure 3).

Image 3 Expand
Figure 3: Adding a guest user to a Yammer community (image credit: Tony Redmond)

When the guest goes to the community, they can access the communities in the host tenant they’ve been added to and interact just like any member. Figure 4 shows that the guest belongs to two communities in the tenant.

Image 4 Expand
Figure 4: Yammer interface for a guest user (image credit: Tony Redmond)

All of this will be very familiar to anyone who has worked with guest accounts in Outlook groups or Teams. The process of creating guest accounts, redeeming invitations, and access is the same.

Some Restrictions in Preview

This is a preview release, and some gaps are expected. Microsoft describes several limitations in their documentation. Here are the highlights:

  • Only Microsoft 365 business accounts are supported. Essentially, this means that Azure AD accounts are required, in another Office 365 tenant or an Azure AD deployment.
  • Collaboration is restricted to a single region. If your organization uses Yammer based in Europe or North America, you can collaborate with guests from the same geography. Cross-region collaboration isn’t shared for now.
  • No private messages for guests. Guests can send messages to the Yammer communities to which they are invited. They can’t send private messages to other Yammer users.
  • No guests in Live Events. Guests can’t participate in Yammer live events because these events are underpinned by Stream, which doesn’t support Azure B2B collaboration. If you want guests to participate in live events, organize the events through Teams.
  • Can’t add guests during initial community creation. A Yammer community must be up and running before its owners can invite guests. Microsoft says that this restriction will be removed to make Yammer work the same as Teams and Outlook groups, both of which can invite guests during the setup of new groups.
  • Guests don’t receive interactive Yammer notifications. Guests receive old-style email notifications about messages posted to Yammer communities. They don’t have the chance to respond directly from the email.
  • Guests can’t be added to the All Community community. All Community describes all the tenant users in an organization. Guests have Azure AD accounts in an organization, but they’re not full users so they don’t get to be in All Community.

Hopefully, Yammer will pick up other Azure B2B collaboration features in the future, such as the ability to block guest access for specific communities while allowing them for others. Support for the group expiration policy, the Azure B2B external collaboration policy, and container management through sensitivity labels would also be welcome.

Work to Do for Current Yammer Organizations

If you’re already using Yammer to host external users, some preparatory work and updates are needed to move to the Azure B2B collaboration model. Eventually this bullet will need to be bitten because it’s unlikely that Microsoft will persist with two models for Yammer external collaboration over the long term, so it’s wise to start considering how to move. New organizations adopting Yammer now will probably like the new feature. It’s simple and it works within the current restrictions. When Yammer supports a wider set of external accounts, it will be even better.

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

Tony Redmond has written thousands of articles about Microsoft technology since 1996. He covers Office 365 and associated technologies for Petri.com and is also the lead author for the Office 365 for IT Pros eBook, updated monthly to keep pace with change in the cloud.
External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by:

 
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: