Updates from: 01/19/2023 04:39:02
Category Microsoft Docs article Related commit history on GitHub Change details
admin Share Calendars With External Users https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/share-calendars-with-external-users.md
description: "Enable calendar sharing in the Microsoft 365 admin center so users
# Share Microsoft 365 calendars with external users
-It's sometimes necessary for your users to schedule meetings with people outside your organization. To simplify the process of finding common meeting times, Microsoft 365 enables you to make calendars available to these people. These are people who need to see free and busy times for users in your organization, but don't have user accounts for your Microsoft 365 organization.
-
-You can enable calendar sharing for all users in your organization in the Microsoft 365 admin center. Once sharing is enabled, your users can use Outlook Web App to share their calendars with anyone inside or outside the organization. People inside the organization can view the shared calendar along with their own calendar. People outside the organization will be sent a URL that they can use to view the calendar. Users in your organization decide when to share and how much to share.
- It's sometimes necessary for your users to schedule meetings with people outside your organization. To simplify the process of finding mutually agreeable meeting times, Microsoft 365 enables you to make calendars available to external users. These are people who need to see free and busy times for users in your organization, but don't have user accounts for your Microsoft 365 organization. As the admin, you can enable calendar sharing for all users in your organization. Once sharing is enabled, users can use Outlook Web App to share their calendars with anyone inside or outside the organization. People inside the organization can view the shared calendar along with their own calendar. People outside the organization will be sent a URL that they can use to view the calendar. Users decide when to share, how much to share, and when to keep their calendars private.
compliance Audit Log Activities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-activities.md
Select one of the following links to go to a specific table.
[SystemSync activities](#systemsync-activities) :::column-end::: :::column:::
-
+ [Viva Goals activities](#viva-goals-activities)
:::column-end::: :::row-end::: ++ ## File and page activities The following table describes the file and page activities in SharePoint Online and OneDrive for Business.
The following table lists the activities for SystemSync that are logged in the M
|Data Share Deleted|DataShareDeleted|When the data export is deleted by the user.| |Generate Copy Of Lake Data|GenerateCopyOfLakeData|When the copy of Lake Data is generated.| |Download Copy Of Lake Data|DownloadCopyOfLakeData|When the copy of Lake Data is downloaded.|+
+## Viva Goals activities
+
+The following table lists the user and admin activities in Viva Goals that are logged for auditing. The table includes the friendly name that's displayed in the Activities column and the name of the corresponding operation that appears in the detailed information of an audit record and in the CSV file when you export the search results.
+
+[Search the audit log in the Security & Compliance Center](audit-log-search.md) details how you can search for the audit logs from the compliance portal. The user needs to be a global admin or have audit read permissions to access audit logs. You can use the Activities filter to search for specific activities and to list all Viva Goals activities you can choose ‘VivaGoals’ in the Record type filter. You can also use the date range boxes and the Users list to narrow the search results further.
+
+|**Friendly name**|**Operation**|**Description**|
+|:--|:--|:--|
+|Organization createdΓÇ» |Organization createdΓÇ» |Admin or the user has created a new organization on Viva Goals. |
+|User added |User added |A new user has been added to an organization on Viva Goals. |
+|User deactivated |User deactivated |A user has been deactivated in an organization. |
+|User deleted |User deleted|A user has been deleted from an organization on Viva Goals. |
+|User logged in |User logged in |User has logged into Viva Goals. |
+|Team added |Team added |A new team has been created within an organization on Viva Goals. |
+|Team updated |Team updated |A team within an organization on Viva Goals has been modified or updated. |
+|Team deleted |Team deleted |A team within an organization on Viva Goals has been deleted by the user.|
+|Data exported |Data exported |A user has exported list of OKRs or list of users in an organization on Viva Goals.|
+|Goals policy updated |Goals policy updated |The global admin has modified the policy or settings at the tenant level on Viva Goals. For example, the global admin has configured who can create organizations on Viva Goals. |
+|Organisation settings updated |Organisation settings updated |The user (typically Organization owners or admins) has updated organization specific settings on Viva Goals. |
+|OrganisationΓÇ» integrations updated |OrganisationΓÇ» integrations updated |The user (typically Organization owners or admins) has configured a third party integration or updated an existing third party integration for an organization on Viva Goals. |
+|OKR or Project created |OKR or Project created |User has created an OKR or Project on Viva Goals. |
+|OKR or Project updated |OKR or Project updated |An OKR/Project has been modified or a check-in has been made by the user or an integration on Viva Goals. |
+|OKR or Project deleted |OKR or Project deleted |User has deleted an OKR or Project. |
+|Dashboard created |Dashboard created |User has created a new dashboard on Viva Goals |
+|Dashboard updated |Dashboard updated |User has updated a dashboard on Viva Goals |
+|Dashboard deleted |Dashboard deleted |User has deleted a dashboard on Viva Goals. |
compliance Audit Log Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-search.md
Why a unified audit log? Because you can search the audit log for activities per
| SharePoint Online|SharePoint, SharePointFileOperation,SharePointSharingOperation, SharePointListOperation, SharePointCommentOperation | | Stream|MicrosoftStream| | Threat Intelligence|ThreatIntelligence, ThreatIntelligenceUrl, ThreatFinder, ThreatIntelligenceAtpContent|
+| Viva Goals|Viva Goals|
| Workplace Analytics|WorkplaceAnalytics| | Yammer|Yammer| | SystemSync| DataShareCreated, DataShareDeleted, GenerateCopyOfLakeData, DownloadCopyOfLakeData |
compliance Get Started With Service Trust Portal https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-service-trust-portal.md
Provides a wealth of security implementation and design information with the goa
- **FedRAMP** - Federal Risk and Authorization Management Program - **PCI** - Payment Card Industry (PCI) Data Security Standards (DSS) - **CSA Star** - Cloud Security Alliance (CSA) Security, Trust and Assurance Registry (STAR)-- **Australia IRAP** - Australia Information Security Registered Assesors Program (IRAP)
+- **Australia IRAP** - Australia Information Security Registered Assessors Program (IRAP)
- **Singapore MTCS** - Multi-Tier Cloud Security (MTCS) Singapore Standard - **Spain ENS** - Spain Esquema Nacional de Seguridad (ENS)
By default, the search returns document results. You can filter the results by u
## My Library
-Use the My Library feature to add documents and resources on the Service Trust Portal to your My Library page. This lets you access documents that are relevant to you in a single place. To add a document to your My Library, click the elipsis (**...**) menu to the right of a document and then select **Save to library**. You can add multiple documents to your My Library by clicking the checkbox next to one or more documents, and then clicking **Save to library** at the top of the page.
+Use the My Library feature to add documents and resources on the Service Trust Portal to your My Library page. This lets you access documents that are relevant to you in a single place. To add a document to your My Library, click the ellipsis (**...**) menu to the right of a document and then select **Save to library**. You can add multiple documents to your My Library by clicking the checkbox next to one or more documents, and then clicking **Save to library** at the top of the page.
Additionally, the notifications feature lets you configure your My Library so that an email message is sent to you whenever Microsoft updates a document that you've added to your My Library. To set up notifications, go to your My Library and click **Notification Settings**. You can choose the frequency of notifications and specify an email address in your organization to send notifications to. Email notifications include links to the documents that have been updated and a brief description of the update.
If a document is part of a series, you will be subscribed to the series and will
:::image type="content" source="../media/stp-my-library.png" alt-text="My Library displays the documents you have subscribed to in two sections.":::
+## My Download History
+
+On the My Download History tab, you can view and export a download history of documents downloaded within the last 18 months. The history includes document title, download date, and document status.
+ ## Localization support The Service Trust Portal enables you to view the page content in different languages. To change the page language, simply click on the globe icon in the lower left corner of the page and select the language of your choice.
compliance How Smtp Dane Works https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/how-smtp-dane-works.md
As an Exchange Online customer, there isn't anything you need to do to configure
## How can Exchange Online customers use SMTP DANE inbound?
-Currently, inbound SMTP DANE isn't supported for Exchange Online. Support is expected to be released at the end of 2022.
+Currently, inbound SMTP DANE isn't supported for Exchange Online. Support for inbound SMTP DANE will be available in the near future.
## What is the recommended TLSA record configuration?
compliance Sensitivity Labels Meetings https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-meetings.md
To apply a sensitivity label to meeting invites using Teams, enforce meeting opt
- Require users to label their meetings and calendar event (also known as mandatory labeling) - Help link to a custom help page -- While a meeting is in session, a sensitivity label can't prevent participates from inviting people to join by copying the meeting link, or by sharing via default email or the Outlook calendar. These choices are from the Teams meeting **Share invite** option.
+- While a meeting is in session, a sensitivity label can't prevent participants from inviting people to join by copying the meeting link, or by sharing via default email or the Outlook calendar. These choices are from the Teams meeting **Share invite** option.
- If there's a label change made in Outlook clients while the meeting is progress, any changes to the meeting options won't take effect for the current meeting. If the meeting is in a series, the changes will apply to the next instance.
enterprise Use Microsoft 365 Cdn With Spo https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/use-microsoft-365-cdn-with-spo.md
description: Learn how to use the Office 365 Content Delivery Network (CDN) to s
You can use the built-in Office 365 Content Delivery Network (CDN) to host static assets to provide better performance for your SharePoint Online pages. The Office 365 CDN improves performance by caching static assets closer to the browsers requesting them, which helps to speed up downloads and reduce latency. Also, the Office 365 CDN uses the [HTTP/2 protocol](https://en.wikipedia.org/wiki/HTTP/2) for improved compression and HTTP pipelining. The Office 365 CDN service is included as part of your SharePoint Online subscription.
+> [!CAUTION]
+> Private CDN configuration is in the process of deprecation. You are no longer required to configure a private CDN. Image file types are served through a private CDN out of the box. However, if a private CDN is in use for other file types, like JS or CSS, we recommend using a public CDN for better performance. Going forward, non-image file types will not be supported through private CDNs.
+ > [!NOTE] > The Office 365 CDN is only available to tenants in the **Production** (worldwide) cloud. Tenants in the US Government and China clouds do not currently support the Office 365 CDN.
security Data Storage Privacy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/data-storage-privacy.md
Once configured, you cannot change the location where your data is stored. This
Microsoft Defender for Endpoint shares data, including customer data, among the following Microsoft products also licensed by the customer. - Microsoft Sentinel
+- Microsoft Tunnel for Mobile Application Management - Android
## Is my data isolated from other customer data?
security Linux Install Manually https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-install-manually.md
Download the onboarding package from Microsoft 365 Defender portal.
The following external package dependencies exist for the mdatp package:
+ - The mdatp RPM package requires "glibc >= 2.17", "audit", "policycoreutils", "semanage" "selinux-policy-targeted", "mde-netfilter"
- For RHEL6 the mdatp RPM package requires "audit", "policycoreutils", "libselinux", "mde-netfilter" - For DEBIAN the mdatp package requires "libc6 >= 2.23", "uuid-runtime", "auditd", "mde-netfilter"
security Linux Support Install https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-support-install.md
If the Microsoft Defender for Endpoint installation fails due to missing depende
The following external package dependencies exist for the mdatp package:
-The mdatp RPM package requires "glibc >= 2.17", "audit", "policycoreutils", "selinux-policy-targeted", "mde-netfilter"
-For RHEL6 the mdatp RPM package requires "audit", "policycoreutils", "libselinux", "mde-netfilter"
-For DEBIAN the mdatp package requires "libc6 >= 2.23", "uuid-runtime", "auditd", "mde-netfilter"
+- The mdatp RPM package requires "glibc >= 2.17", "audit", "policycoreutils", "selinux-policy-targeted", "mde-netfilter"
+- For RHEL6 the mdatp RPM package requires "audit", "policycoreutils", "libselinux", "mde-netfilter"
+- For DEBIAN the mdatp package requires "libc6 >= 2.23", "uuid-runtime", "auditd", "mde-netfilter"
The mde-netfilter package also has the following package dependencies:
-For DEBIAN the mde-netfilter package requires "libnetfilter-queue1", "libglib2.0-0"
-For RPM the mde-netfilter package requires "libmnl", "libnfnetlink", "libnetfilter_queue", "glib2"
+- For DEBIAN the mde-netfilter package requires "libnetfilter-queue1", "libglib2.0-0"
+- For RPM the mde-netfilter package requires "libmnl", "libnfnetlink", "libnetfilter_queue", "glib2"
## Installation failed
security Linux Support Perf https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-support-perf.md
-
+ Title: Troubleshoot performance issues for Microsoft Defender for Endpoint on Linux description: Troubleshoot performance issues in Microsoft Defender for Endpoint on Linux. keywords: microsoft, defender, Microsoft Defender for Endpoint, linux, performance
ms.pagetype: security
ms.localizationpriority: medium Last updated : 01/18/2023 audience: ITPro
The following steps can be used to troubleshoot and mitigate these issues:
To collect current statistics, run: ```bash
- mdatp diagnostic real-time-protection-statistics --output json > real_time_protection.json
+ mdatp diagnostic real-time-protection-statistics --output json
``` > [!NOTE]
The following steps can be used to troubleshoot and mitigate these issues:
4. Next, type the following commands: ```bash
- chmod +x high_cpu_parser.py
- ```
-
- ```bash
- cat real_time_protection.json | python high_cpu_parser.py > real_time_protection.log
+ mdatp diagnostic real-time-protection-statistics --output json | python high_cpu_parser.py
``` The output of the above is a list of the top contributors to performance issues. The first column is the process identifier (PID), the second column is the process name, and the last column is the number of scanned files, sorted by impact. For example, the output of the command will be something like the below: ```Output
- ... > python ~/repo/mdatp-xplat/linux/diagnostic/high_cpu_parser.py <~Downloads/output.json | head -n 10
+ ... > mdatp diagnostic real-time-protection-statistics --output json | python high_cpu_parser.py | head
27432 None 76703 73467 actool 1249 73914 xcodebuild 1081
security Air About Office https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/air-about-office.md
- m365-security - m365initiative-defender-office365 keywords: automated incident response, investigation, remediation, threat protection Previously updated : 01/29/2021 Last updated : 01/17/2023 description: See how automated investigation and response capabilities work in Microsoft Defender for Office 365 - air
Next, several threat investigation and hunting steps are executed:
- Similar email messages are identified via email cluster searches. - The signal is shared with other platforms, such as [Microsoft Defender for Endpoint](/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection). - A determination is made on whether any users have clicked through any malicious links in suspicious email messages.-- A check is done across Exchange Online Protection ([EOP](eop-about.md) and ([Microsoft Defender for Office 365](defender-for-office-365.md) to see if there are any other similar messages reported by users.
+- A check is done across [Exchange Online Protection](eop-about.md) (EOP) and [Microsoft Defender for Office 365](defender-for-office-365.md) to see if there are any other similar messages reported by users.
- A check is done to see if a user has been compromised. This check leverages signals across Office 365, [Microsoft Defender for Cloud Apps](/cloud-app-security), and [Azure Active Directory](/azure/active-directory), correlating any related user activity anomalies. During the hunting phase, risks and threats are assigned to various hunting steps.
security Reducing Attack Surface In Microsoft Teams https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/reducing-attack-surface-in-microsoft-teams.md
+
+ Title: Reduce the attack surface for Microsoft Teams
+description: Configuration which can be used to reduce the attack surface in Microsoft Teams, including enabling Microsoft Defender for Office 365.
+search.product:
+
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+f1.keywords:
+ - NOCSH
++
+ms.localizationpriority: medium
+
+audience: ITPro
+
+- m365-guidance-templates
+- m365-security
+- tier3
++
+search.appverid: met150
+++
+# Reduce the attack surface for Microsoft Teams
+
+Microsoft Teams is a widely used collaboration tool, where many users are now spending their time. Attackers know this and are pivoting. Below are a set of steps you can perform to reduce the attack surface in Teams and help keep your organization more secure.
+
+> [!IMPORTANT]
+> There is a balance to strike between security and productivity, and not all these steps may be relevant for your organizational risk profile.
+## What you'll need
+
+- Microsoft Teams
+- Microsoft Defender for Office 365 Plan 1 (for some features)
+- Sufficient permissions (Teams administrator / security administrator)
+- 5-10 minutes to perform the steps below.
+
+> [!NOTE]
+> Not all these options will be available for government specific clouds such as GCC.
+## Turn on Microsoft Defender for Office 365 in Teams
+
+If licensed for Microsoft Defender for Office 365 (free 90-day evaluation available at aka.ms/trymdo) you can ensure seamless protection from zero-day malware and time of click protection within Microsoft Teams.
+
+[Learn More (SafeLinks)](https://docs.microsoft.com/microsoft-365/security/office-365-security/safe-links#safe-links-settings-for-microsoft-teams) & [Learn More (Safe Attachments)](https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/turn-on-mdo-for-spo-odb-and-teams?view=o365-worldwide#step-1-use-the-microsoft-365-defender-portal-to-turn-on-safe-attachments-for-sharepoint-onedrive-and-microsoft-teams) (Detailed Documentation)
+
+1. **Login** to the security center's safe attachments configuration page at [https://security.microsoft.com/safeattachmentv2](https://security.microsoft.com/safeattachmentv2)
+2. Press **Global settings**
+3. Ensure **Turn on Defender for Office 365 for SharePoint, OneDrive, and Microsoft Teams** is set to on.
+4. Navigate to the security center's Safe links configuration page at: [https://security.microsoft.com/safelinksv2](https://security.microsoft.com/safelinksv2)
+5. If you have multiple policies, you will need to complete this step for each policy (excluding built-in, standard and strict preset policies)
+6. **Select** a policy, a flyout will appear on the left-hand side
+7. Press **Edit protection settings**
+8. Ensure **Safe Links checks a list of known, malicious links when users click links in Microsoft Teams** is checked
+9. Press **Save**
+
+## Restricting channel email messages to approved domains.
+
+An attacker could email channels directly if they discover the channel email address. The best practice is to have this only setup for known trusted domains rather than open to all (default).
+
+1. **Login** to the Teams admin center at: https://admin.teams.microsoft.com/
+2. On the left-hand navigation, expand **Teams** and then choose **Teams settings**
+3. Under the **Email integration** heading, choose to allow or disallow users to send emails to a channel email address by toggling **Users can send emails to a channel email address.**
+4. If you have allowed users to send emails to a channel email address in the previous step, enter the specific domains you wish to accept mail from in the **Accept channel email from these SMTP domains** box. (for example, an alert provider, or trusted supplier)
+5. Press **Save** at the bottom of the page.
+
+## Managing third party storage options
+
+Users can store their files in potentially unsupported 3rd party storage providers. If you do not use these providers, you can disable this setting to reduce data leakage risk.
+
+1. **Login** to the Teams admin center at: https://admin.teams.microsoft.com/
+2. On the left-hand navigation, expand **Teams** and then choose **Teams settings**
+3. Under the **Files** heading, choose which storage providers you want to be available for use within the files tab.
+4. Press **Save** at the bottom of the page.
+
+## Disabling Third-party & custom apps
+
+Applications are a very useful part of Microsoft teams, but it is recommended to maintain a list of allowed apps rather than allowing all apps by default.
+
+1. **Login** to the Teams admin center at: https://admin.teams.microsoft.com/
+2. On the left-hand navigation, expand **Teams apps** and then choose **Permission Policies**
+3. If you have custom permission policies, you will need to do these steps for each of them if appropriate, otherwise select **Global (Org-wide default)**
+4. Select the appropriate settings for your organization, a recommended starting point is:
+ - Microsoft apps ΓÇô set to **Allow all apps** (default)
+ - Third-party apps ΓÇô set to **Allow specific apps and block all others** (if you already have 3rd party apps to then select for allowing) otherwise select **Block all apps**
+ - Custom apps ΓÇô set to **Allow specific apps and block all others** (if you already have custom apps to then select for allowing) otherwise select **Block all apps**
+5. Press **Save.**
+6. You'll need to change this setting for each policy (if you have multiple)
+
+## Configure meeting settings
+
+You can reduce the attack surface by ensuring people outside your organization cannot request access to control presenter's screens and require dial in and all external people to be authenticated & admitted from a meeting lobby.
+[Learn more](https://docs.microsoft.com/en-US/microsoftteams/meeting-policies-participants-and-guests) (detailed documentation)
+
+1. **Login** to the Teams admin center at: https://admin.teams.microsoft.com/
+2. On the left-hand navigation, expand **Meetings** and then choose **Meeting Policies**
+3. If you have assigned any custom or built-in policies to users, you will need to do these steps for each of them if appropriate, otherwise select **Global (Org-wide default)**
+4. Under the **Content sharing** heading, ensure **External participants can give or request control** is set to **off.**
+5. Under the **Participants & guests** heading, ensure **Automatically admit people** is set to **Invited users only**
+6. Ensure **Dial-in users can bypass the lobby** is set to **off.**
+7. Ensure **Let anonymous people join a meeting** is set to **off.**
+8. Set **Chat in meetings** to **"Turn it on for everyone but anonymous users"**
+9. Press **Save.**
+10. You'll need to change this setting for each policy.
+
+## Configure meeting settings (Restrict presenters)
+You can reduce the risk of unwanted or inappropriate content being shared during meetings by restricting who can present to Organizers (everyone is allowed to present by default).
+
+1. **Login** to the Teams admin center at: https://admin.teams.microsoft.com/
+2. On the left-hand navigation, expand **Meetings** and then choose **Meeting Policies**
+3. If you have assigned any custom or built-in policies to users, you will need to do these steps for each of them if appropriate, otherwise select **Global (Org-wide default)**
+4. Under the **Participants & guests** heading, toggle who can present in meetings to **Organizers, but users can override.**
+5. Press **Save.**
+6. You'll need to change this setting for each policy.
+
+## Disable open federation
+
+Open federation allows your users to communicate externally in Microsoft teams, allowing external organizations to start a conversation with your users and vice versa, which is useful for collaboration, but also for attackers to directly communicate with your organization if they know a victims email address.
+[Learn more](https://docs.microsoft.com/microsoftteams/manage-external-access) (detailed documentation)
+
+1. **Login** to the Teams admin center at: https://admin.teams.microsoft.com/
+2. On the left-hand navigation, expand **Users** and then choose **External access**
+3. Under the **Teams and Skype for Business users in external organizations** heading, select the **Choose which external domains your users have access to** dropdown and set this to **Allow only specific external domains**
+4. Enter any external domains users should be able to communicate with by pressing **Allow domains,** using the flyout, and pressing **Done** when finished.
+5. Press **Save.**
++
+## Learn More
+
+Consider configuring access policies to implement Zero Trust identity and device access policies to protect Microsoft Teams chats, groups, and content such as files and calendars.
+
+Learn more about teams access policies: [Recommended Teams policies - Microsoft 365 for enterprise - Office 365 | Microsoft Docs](https://docs.microsoft.com/microsoft-365/security/office-365-security/teams-access-policies)
+
+Security in Microsoft Teams:[Overview of security and compliance - Microsoft Teams | Microsoft Docs](https://docs.microsoft.com/microsoftteams/security-compliance-overview)
security Tenant Allow Block List Email Spoof Configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/tenant-allow-block-list-email-spoof-configure.md
For detailed syntax and parameter information, see [Get-TenantAllowBlockListItem
You can make the following modifications to entries for domains and email addresses in the Tenant Allow/Block list: -- **Block enries**: The expiration date and notes.
+- **Block entries**: The expiration date and notes.
- **Allow entries**: Notes. 1. In the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to **Policies & rules** \> **Threat Policies** \> **Rules** section \> **Tenant Allow/Block Lists**. Or, to go directly to the **Tenant Allow/Block List** page, use <https://security.microsoft.com/tenantAllowBlockList>.
solutions Limit Guest Sharing To Specific Organization https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/limit-guest-sharing-to-specific-organization.md
If you only want your users to invite guests from specific organizations, you ca
## Configure cross-tenant access settings
-The first step in limiting guest sharing is to change the default settings in the Azure AD cross-tenant access settings to block inviting guests by default. Then you can allow guest invitations for specific organizations.
+The first step in limiting guest sharing is to change the default settings in the Azure AD cross-tenant access settings to block inviting guests by default. Then you can allow guest invitations for specific organizations. Note that this will block access for existing guests whose domains are not specifically allowed.
> [!NOTE] > Changes to cross-tenant access settings may take two hours to take effect.
To disable the email one-time passcode feature
[Limit who can be invited by an organization](limit-invitations-from-specific-organization.md)
-[Limit organizations where users can have guest accounts](limit-organizations-where-users-have-guest-accounts.md)
+[Limit organizations where users can have guest accounts](limit-organizations-where-users-have-guest-accounts.md)