{"id":46652,"date":"2024-08-29T11:17:10","date_gmt":"2024-08-29T10:17:10","guid":{"rendered":"https:\/\/www.firstware.com\/?p=46652"},"modified":"2024-08-30T10:48:22","modified_gmt":"2024-08-30T09:48:22","slug":"central-management-of-guest-accounts-in-hybrid-environments","status":"publish","type":"post","link":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/","title":{"rendered":"Central management of guest accounts in hybrid environments &#8211; AD and Entra ID"},"content":{"rendered":"<p>Managing access control and permissions for guest accounts or external accounts in hybrid environments is complex. <strong>This article highlights the challenges and possible solutions, particularly in the context of using AD groups to control access for guest accounts.<\/strong> In these cases, the accounts are partially managed from within AD.<\/p>\n<p>Parallel to this, it is of course also possible to create <strong>guest accounts only in Entra ID<\/strong>. In this case, however, <strong>the accounts are managed separately from the management of the other accounts<\/strong>, which are synchronized to Entra ID via Active Directory, for example. In the following, we show different options and their advantages.\u00a0<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Index<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#What-are-guest-accounts-and-what-are-their-benefits\" >What are guest accounts and what are their benefits?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#Challenges-and-risks-of-guest-accounts\" >Challenges and risks of guest accounts<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#Manage-guest-accounts-in-AD-and-Entra-ID\" >Manage guest accounts in AD and Entra ID<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#Keep-guest-accounts-centrally-under-control-in-hybrid-environments\" >Keep guest accounts centrally under control in hybrid environments<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#IDM-portal-helps-with-the-central-management-of-guest-accounts\" >IDM portal helps with the central management of guest accounts<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#Summary\" >Summary<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#More-about-FirstWare-IDM-Portal\" >More about FirstWare IDM-Portal<\/a><\/li><\/ul><\/nav><\/div>\n\n<h2><span class=\"ez-toc-section\" id=\"What-are-guest-accounts-and-what-are-their-benefits\"><\/span>What are guest accounts and what are their benefits?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><strong>Guest accounts in Entra ID and M365 offer a flexible way of integrating external users into company networks<\/strong>, especially in hybrid environments with local Active Directory (AD). These guest accounts make it possible to securely and efficiently integrate partners, suppliers or customers into your own resources without granting them full access to the internal network.<\/p>\n<p>In a hybrid configuration, Entra ID Connect synchronizes the user accounts between the local AD and Entra ID, ensuring seamless integration. This also plays an important role, for example, in cloud services in M365, such as Microsoft Teams or SharePoint.\u00a0<\/p>\n<div id=\"attachment_46706\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" aria-describedby=\"caption-attachment-46706\" class=\"imgshadow wp-image-46706 size-large\" title=\"Controlling guest access in the Teams Admin Center\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-1024x807.png\" alt=\"Controlling guest access in the Teams Admin Center\" width=\"1024\" height=\"807\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-1024x807.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-300x236.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-768x605.png 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams.png 1104w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-46706\" class=\"wp-caption-text\">Controlling guest access in the Teams Admin Center<\/p><\/div>\n<p><strong>Guest users receive access rights according to the assigned roles and groups<\/strong>, which is controlled in detail by the policies in Entra ID and M365. This structure ensures that security requirements and compliance specifications are implemented efficiently. At the same time, collaboration with external partners is optimized.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Challenges-and-risks-of-guest-accounts\"><\/span>Challenges and risks of guest accounts<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The use of guest accounts in Entra ID and Microsoft 365 poses several security risks and challenges. A key risk is the potential expansion of the attack vector, as external users may adhere to less stringent security policies than internal users. This can lead to <strong>unwanted access to sensitive data<\/strong>, especially if guest accounts are not properly monitored and managed.<\/p>\n<div id=\"attachment_46708\" style=\"width: 1034px\" class=\"wp-caption alignnone\"><img decoding=\"async\" aria-describedby=\"caption-attachment-46708\" class=\"imgshadow wp-image-46708 size-large\" title=\"Connection of cloud services to Active Directory\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Connect-to-AD-1024x707.png\" alt=\"Connection of cloud services to Active Directory\" width=\"1024\" height=\"707\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Connect-to-AD-1024x707.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Connect-to-AD-300x207.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Connect-to-AD-768x530.png 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Connect-to-AD.png 1235w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-46708\" class=\"wp-caption-text\">There are also connections to Active Directory in other cloud services, for example in AWS. Entra can help here, but needs support in the secure and effective management of user accounts.<\/p><\/div>\n<p>Another problem is managing the identities and access rights of guest users, as these are often dynamic and the required access rights can change frequently. There is a <strong>risk that access rights will not be adjusted or withdrawn in time<\/strong>, which can lead to increased security incidents. Adherence to compliance guidelines also poses a challenge, as external users may be subject to different data protection regulations.<\/p>\n<p>The integration and synchronization of guest accounts in hybrid environments can also be complex and error-prone. It is making administration considerably more difficult and potentially creating security vulnerabilities. To minimize these risks, careful planning, regular monitoring and the implementation of strict security policies are essential.<\/p>\n<p><a href=\"https:\/\/firstware.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener\"><button class=\"ButtonBeratung2 aligncenter\">Contact our team<\/button><\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Manage-guest-accounts-in-AD-and-Entra-ID\"><\/span>Manage guest accounts in AD and Entra ID<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In general, there are various options for using guest accounts in hybrid environments and connecting them to Entra ID.<\/p>\n<ol>\n<li><strong>Admins can create the accounts in AD and synchronize them with Entra ID using Entra ID Connect.<\/strong> The accounts are primarily managed in the local Active Directory.<\/li>\n<li>At the same time, it is of course also possible to <strong>create the guest accounts in Entra ID and synchronize them in AD<\/strong>. Of course, the administration takes place primarily in Entra ID.<\/li>\n<\/ol>\n<p>Depending on the scenario in question, this quickly results in error-prone and complicated workflows, often in mixed operation.<\/p>\n<p><img decoding=\"async\" class=\"imgshadow alignnone wp-image-46710 size-large\" title=\"Microsoft Entra Connect\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Using-Entra-Connect-1024x839.png\" alt=\"Microsoft Entra Connect\" width=\"1024\" height=\"839\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Using-Entra-Connect-1024x839.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Using-Entra-Connect-300x246.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Using-Entra-Connect-768x629.png 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Using-Entra-Connect.png 1196w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p><strong>If guest accounts are required, it is usually better to manage them centrally for security reasons.<\/strong> This ensures that the guest accounts are available exactly where they are needed and that the central administration provides an overview of rights and areas of application.<\/p>\n<p>Centralized administration also offers further advantages. Guest accounts that admins create in Entra ID are neither visible nor usable in AD. If an external user needs access here too, additional accounts are sometimes required. This increases the attack vectors, as there are more accounts than necessary in the company.<\/p>\n<p>In addition, there is <strong>inconsistent administration in multiple systems<\/strong>. Incorrectly set authorizations pose a further security risk in such a scenario. Security gaps quickly arise here, which can lead to considerable problems in the hybrid network. Even with correctly set authorizations, complex structures are created that are difficult to keep under control.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Keep-guest-accounts-centrally-under-control-in-hybrid-environments\"><\/span>Keep guest accounts centrally under control in hybrid environments<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>If guest accounts are available in Active Directory, there are various scenarios for dealing with them:<\/p>\n<ul style=\"list-style-type: square;\">\n<li>If the guest accounts are primarily required in Active Directory, they can also be managed centrally here. If required, they can be synchronized to Entra ID in the cloud. This makes them available in Entra and M365, for example for guest access to MS Teams or SharePoint.<\/li>\n<li>It is also possible to create <strong>guest accounts as conventional user accounts<\/strong> and use different attributes. Unused attributes or the \u201cmsDS-User-Account-Control-Computed\u201d attribute are possible.<\/li>\n<\/ul>\n<p><strong>The attribute \u201cmsDS-User-Account-Control-Computed\u201d in Active Directory enables the identification and handling of external and guest accounts.<\/strong> This attribute is a bit-masked number that reflects various account settings that are dynamically calculated by the system. For the differentiation and management of external user accounts and guest accounts, the attribute is used to set specific flags that mark these accounts as such.<\/p>\n<div id=\"attachment_41947\" style=\"width: 888px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" aria-describedby=\"caption-attachment-41947\" class=\"imgshadow wp-image-41947 size-full\" title=\"Creation of new attributes in Entra ID\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2022\/04\/attribute-new.png\" alt=\"Creation of new attributes in Entra ID\" width=\"878\" height=\"566\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2022\/04\/attribute-new.png 878w, https:\/\/www.firstware.com\/wp-content\/uploads\/2022\/04\/attribute-new-300x193.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2022\/04\/attribute-new-768x495.png 768w\" sizes=\"(max-width: 878px) 100vw, 878px\" \/><p id=\"caption-attachment-41947\" class=\"wp-caption-text\">Creation of new attributes in Entra ID (Image: Microsoft)<\/p><\/div>\n<p>For example, the flag for a guest account is set to restrict access to sensitive resources and to apply specific policies that are suitable for temporary or restricted users. External user accounts are also marked by corresponding bits in this attribute. This automatically adjusts the administrative measures, such as<\/p>\n<ul style=\"list-style-type: square;\">\n<li>Password requirements,<\/li>\n<li>registration rights and<\/li>\n<li>access rights.<\/li>\n<\/ul>\n<p>It enables precise and automated management of these special user groups, which are tailored to the company&#8217;s specific security and access requirements.<\/p>\n<p>This is used when guest users should not only access resources in the cloud, but also local workloads or data in the local data center (on-premises). The reverse is also conceivable. Central administration in an IAM system, such as the FirstWare IDM-Portal, makes managing guest accounts much easier. It avoids security gaps caused by incorrect settings or an unnecessarily high number of accounts in Entra ID or the local Active Directory.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"IDM-portal-helps-with-the-central-management-of-guest-accounts\"><\/span>IDM portal helps with the central management of guest accounts<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><strong>For centralized management of guest accounts, companies can use the <a href=\"https:\/\/firstware.com\/en\/\">FirstWare IDM-Portal<\/a> to manage guest accounts in Active Directory and Entra ID in parallel.<\/strong><\/p>\n<p>As the IDM-Portal writes directly to the AD,<strong> it can also create, read and edit guest accounts in AD<\/strong> in addition to the conventional user accounts:\u00a0 \u00a0<\/p>\n<p><img decoding=\"async\" class=\"imgshadow aligncenter wp-image-46697 size-large\" title=\"Manage AD guest accounts with IDM-Portal\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Create-guest-in-AD-with-IDM-Portal-1024x574.jpg\" alt=\"Manage AD guest accounts with IDM-Portal\" width=\"1024\" height=\"574\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Create-guest-in-AD-with-IDM-Portal-1024x574.jpg 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Create-guest-in-AD-with-IDM-Portal-300x168.jpg 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Create-guest-in-AD-with-IDM-Portal-768x430.jpg 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Create-guest-in-AD-with-IDM-Portal-1536x861.jpg 1536w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Create-guest-in-AD-with-IDM-Portal-2048x1147.jpg 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>This is done via a user-friendly interface that displays all relevant attributes. As the IDM-Portal works without its own database, creating and maintaining guest accounts is extremely quick. Access permissions are automatically tailored to roles and attributes so that guest users are only allowed to do what is necessary.<\/p>\n<p><strong>You can also edit the guest accounts in Entra ID in the IDM-Portal, <\/strong>both from a user and a group perspective. For example, guests can be easily added to Entra groups using a drag &amp; drop function:\u00a0<\/p>\n<p><img decoding=\"async\" class=\"imgshadow aligncenter wp-image-46689 size-large\" title=\"Add new guests in M365 group in IDM-Portal\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Entra-ID-group-memberships-guest-IDM-Portal-1024x340.png\" alt=\"Add new guests in M365 group in IDM-Portal\" width=\"1024\" height=\"340\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Entra-ID-group-memberships-guest-IDM-Portal-1024x340.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Entra-ID-group-memberships-guest-IDM-Portal-300x100.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Entra-ID-group-memberships-guest-IDM-Portal-768x255.png 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Entra-ID-group-memberships-guest-IDM-Portal-1536x510.png 1536w, https:\/\/www.firstware.com\/wp-content\/uploads\/2024\/08\/Entra-ID-group-memberships-guest-IDM-Portal.png 1906w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>The IDM-Portal uses the my-IAM RealIdentity and my-IAM RealGroup business services to access Entra identity data. These services retrieve the identity data from Entra ID and make it available for further processing in the IDM-Portal. All changes are immediately transferred to Entra ID.<\/p>\n<p><a href=\"https:\/\/my-iam.com\/en\/realidentity\/\" target=\"_blank\" rel=\"noopener\">my-IAM RealIdentity<\/a> and <a href=\"https:\/\/my-iam.com\/en\/realgroup\/\" target=\"_blank\" rel=\"noopener\">my-IAM RealGroup<\/a> are cloud services of the my-IAM platform. They ensure the provision and management of identities and groups from various sources, such as Entra ID, but also other external systems. RealGroup enables centralized management and assignment of group permissions, especially for guest accounts, which keeps access to company resources secure and controlled.\u00a0<\/p>\n<p><strong>The big advantage of using the IDM-Portal:<\/strong><\/p>\n<ul>\n<li>This provides administrators<strong> with an interface for managing both directories<\/strong>.<\/li>\n<li>It makes administration much easier, as <strong>control over the guest accounts is centralized<\/strong>.<\/li>\n<li>The creation and maintenance of guest accounts is <strong>extremely fast<\/strong>.<\/li>\n<li>It <strong>reduces inconsistencies and security risks<\/strong> through automated processes.<\/li>\n<li>Administration <strong>can also be delegated to specialists<\/strong>.<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Summary\"><\/span>Summary<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Guest accounts are becoming increasingly relevant for many companies, as there is a proliferation of different systems and external identities. How best to manage these external users is an important topic, especially because important security aspects are involved.<\/p>\n<p>Seamless integration of the cloud and Active Directory into the IDM-Portal allows administrators to <strong>manage guest accounts in one central location.<\/strong> It increases security and improves administrative efficiency.\u00a0<\/p>\n<h2><span class=\"ez-toc-section\" id=\"More-about-FirstWare-IDM-Portal\"><\/span>More about FirstWare IDM-Portal<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><img decoding=\"async\" class=\"alignleft wp-image-36704\" title=\"IDM-Portal Hybrid IAM L\u00f6sung\" src=\"https:\/\/firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1.png\" alt=\"IDM-Portal Hybrid IAM L\u00f6sung\" width=\"238\" height=\"199\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1.png 453w, https:\/\/www.firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1-300x250.png 300w\" sizes=\"(max-width: 238px) 100vw, 238px\" \/><a href=\"https:\/\/firstware.com\/en\/\">FirstWare IDM-Portal<\/a> from FirstAttribute is an integrated Identity and Access Management (IAM) solution that enables the automated management of users and their authorizations, whether on-premises or in the cloud.<\/p>\n<p>This portal integrates all facets of identity and access management and enables centralized access to identity and directory services.<\/p>\n<p><a href=\"https:\/\/firstware.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener\"><button class=\"ButtonBeratung aligncenter\">Contact us know<\/button><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Managing access control and permissions for guest accounts or external accounts in hybrid environments is complex. This article highlights the [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[9,1839],"tags":[1972],"class_list":["post-46652","post","type-post","status-publish","format-standard","hentry","category-general","category-identity-management-en","tag-guest-accounts"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Central management of guest accounts in hybrid environments<\/title>\n<meta name=\"description\" content=\"Managing guest accounts in hybrid environments is complex. The IDM-Portal manages guests in Entra ID and Active Directory in parallel.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Central management of guest accounts in hybrid environments\" \/>\n<meta property=\"og:description\" content=\"Managing guest accounts in hybrid environments is complex. The IDM-Portal manages guests in Entra ID and Active Directory in parallel.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/\" \/>\n<meta property=\"og:site_name\" content=\"FirstWare IDM-Portal\" \/>\n<meta property=\"og:image\" content=\"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-1024x807.png\" \/>\n<meta name=\"author\" content=\"Sophia Tunui\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sophia Tunui\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/\"},\"author\":{\"name\":\"Sophia Tunui\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/person\\\/e7504910be78b9b066298168ab6e839e\"},\"headline\":\"Central management of guest accounts in hybrid environments &#8211; AD and Entra ID\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/\"},\"wordCount\":1494,\"publisher\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/Guest-access-in-MS-Teams-1024x807.png\",\"keywords\":[\"guest accounts\"],\"articleSection\":[\"General\",\"Identity Management\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/\",\"name\":\"Central management of guest accounts in hybrid environments\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/Guest-access-in-MS-Teams-1024x807.png\",\"description\":\"Managing guest accounts in hybrid environments is complex. The IDM-Portal manages guests in Entra ID and Active Directory in parallel.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/#primaryimage\",\"url\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/Guest-access-in-MS-Teams-1024x807.png\",\"contentUrl\":\"https:\\\/\\\/firstware.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/Guest-access-in-MS-Teams-1024x807.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/central-management-of-guest-accounts-in-hybrid-environments\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Central management of guest accounts in hybrid environments &#8211; AD and Entra ID\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\",\"name\":\"FirstWare IDM-Portal\",\"description\":\"Identity and Autorization Management in M365 and Active Directory\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\",\"name\":\"FirstWare IDM-Portal\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/IDM-Portal.ico\",\"contentUrl\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/IDM-Portal.ico\",\"width\":1,\"height\":1,\"caption\":\"FirstWare IDM-Portal\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/person\\\/e7504910be78b9b066298168ab6e839e\",\"name\":\"Sophia Tunui\",\"sameAs\":[\"http:\\\/\\\/firstattribute.com\"],\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/author\\\/sophia-tunui\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Central management of guest accounts in hybrid environments","description":"Managing guest accounts in hybrid environments is complex. The IDM-Portal manages guests in Entra ID and Active Directory in parallel.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/","og_locale":"en_US","og_type":"article","og_title":"Central management of guest accounts in hybrid environments","og_description":"Managing guest accounts in hybrid environments is complex. The IDM-Portal manages guests in Entra ID and Active Directory in parallel.","og_url":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/","og_site_name":"FirstWare IDM-Portal","og_image":[{"url":"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-1024x807.png","type":"","width":"","height":""}],"author":"Sophia Tunui","twitter_misc":{"Written by":"Sophia Tunui","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#article","isPartOf":{"@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/"},"author":{"name":"Sophia Tunui","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/person\/e7504910be78b9b066298168ab6e839e"},"headline":"Central management of guest accounts in hybrid environments &#8211; AD and Entra ID","mainEntityOfPage":{"@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/"},"wordCount":1494,"publisher":{"@id":"https:\/\/www.firstware.com\/en\/#organization"},"image":{"@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#primaryimage"},"thumbnailUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-1024x807.png","keywords":["guest accounts"],"articleSection":["General","Identity Management"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/","url":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/","name":"Central management of guest accounts in hybrid environments","isPartOf":{"@id":"https:\/\/www.firstware.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#primaryimage"},"image":{"@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#primaryimage"},"thumbnailUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-1024x807.png","description":"Managing guest accounts in hybrid environments is complex. The IDM-Portal manages guests in Entra ID and Active Directory in parallel.","breadcrumb":{"@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#primaryimage","url":"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-1024x807.png","contentUrl":"https:\/\/firstware.com\/wp-content\/uploads\/2024\/08\/Guest-access-in-MS-Teams-1024x807.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.firstware.com\/en\/blog\/central-management-of-guest-accounts-in-hybrid-environments\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.firstware.com\/en\/"},{"@type":"ListItem","position":2,"name":"Central management of guest accounts in hybrid environments &#8211; AD and Entra ID"}]},{"@type":"WebSite","@id":"https:\/\/www.firstware.com\/en\/#website","url":"https:\/\/www.firstware.com\/en\/","name":"FirstWare IDM-Portal","description":"Identity and Autorization Management in M365 and Active Directory","publisher":{"@id":"https:\/\/www.firstware.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.firstware.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.firstware.com\/en\/#organization","name":"FirstWare IDM-Portal","url":"https:\/\/www.firstware.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.firstware.com\/wp-content\/uploads\/2019\/06\/IDM-Portal.ico","contentUrl":"https:\/\/www.firstware.com\/wp-content\/uploads\/2019\/06\/IDM-Portal.ico","width":1,"height":1,"caption":"FirstWare IDM-Portal"},"image":{"@id":"https:\/\/www.firstware.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/person\/e7504910be78b9b066298168ab6e839e","name":"Sophia Tunui","sameAs":["http:\/\/firstattribute.com"],"url":"https:\/\/www.firstware.com\/en\/blog\/author\/sophia-tunui\/"}]}},"_links":{"self":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/46652","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/comments?post=46652"}],"version-history":[{"count":0,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/46652\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/media?parent=46652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/categories?post=46652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/tags?post=46652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}