Merge pull request #203176 from msmimart/mm-xtas-ga

[EXID] GA: External Identities cross-tenant access settings and B2B direct connect

Author: 19BMG00

articles/active-directory/external-identities/b2b-direct-connect-overview.md

@@ -6,15 +6,15 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: conceptual
-ms.date: 04/08/2022
+ms.date: 06/30/2022
 
 ms.author: mimart
 author: msmimart
 manager: celestedg
 ms.collection: M365-identity-device-management
 ---
 
-# B2B direct connect overview (Preview)
+# B2B direct connect overview
 
 Azure Active Directory (Azure AD) B2B direct connect is a feature of External Identities that lets you set up a mutual trust relationship with another Azure AD organization for seamless collaboration. This feature currently works with Microsoft Teams shared channels. With B2B direct connect, users from both organizations can work together using their home credentials and a shared channel in Teams, without having to be added to each other’s organizations as guests. Use B2B direct connect to share resources with external Azure AD organizations. Or use it to share resources across multiple Azure AD tenants within your own organization.
 

articles/active-directory/external-identities/cross-cloud-settings.md

@@ -5,7 +5,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: how-to
-ms.date: 05/17/2022
+ms.date: 06/30/2022
 
 ms.author: mimart
 author: msmimart
@@ -55,7 +55,7 @@ In your Microsoft cloud settings, enable the Microsoft Azure cloud you want to c
 >Microsoft Azure China - https://aka.ms/cloudsettingschina
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 1. Select **Microsoft cloud settings (Preview)**.
 1. Select the checkboxes next to the external Microsoft Azure clouds you want to enable.
 
@@ -69,7 +69,7 @@ In your Microsoft cloud settings, enable the Microsoft Azure cloud you want to c
 Follow these steps to add the tenant you want to collaborate with to your Organizational settings.
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 1. Select **Organizational settings**.
 1. Select **Add organization**.
 1. On the **Add organization** pane, type the tenant ID for the organization (cross-cloud lookup by domain name isn't currently available).

articles/active-directory/external-identities/cross-tenant-access-overview.md

@@ -5,7 +5,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: how-to
-ms.date: 05/17/2022
+ms.date: 06/30/2022
 
 ms.author: mimart
 author: msmimart
@@ -14,10 +14,7 @@ ms.custom: "it-pro"
 ms.collection: M365-identity-device-management
 ---
 
-# Overview: Cross-tenant access with Azure AD External Identities (Preview)
-
-> [!NOTE]
-> Cross-tenant access settings are preview features of Azure Active Directory. For more information about previews, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
+# Overview: Cross-tenant access with Azure AD External Identities
 
 Azure AD organizations can use External Identities cross-tenant access settings to manage how they collaborate with other Azure AD organizations and other Microsoft Azure clouds through B2B collaboration and [B2B direct connect](cross-tenant-access-settings-b2b-direct-connect.md). [Cross-tenant access settings](cross-tenant-access-settings-b2b-collaboration.md) give you granular control over how external Azure AD organizations collaborate with you (inbound access) and how your users collaborate with external Azure AD organizations (outbound access). These settings also let you trust multi-factor authentication (MFA) and device claims ([compliant claims and hybrid Azure AD joined claims](../conditional-access/howto-conditional-access-policy-compliant-device.md)) from other Azure AD organizations.
 
@@ -59,6 +56,9 @@ You can configure organization-specific settings by adding an organization and m
 
 ## Microsoft cloud settings
 
+> [!NOTE]
+> Microsoft cloud settings are preview features of Azure Active Directory. For more information about previews, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
+
 Microsoft cloud settings let you collaborate with organizations from different Microsoft Azure clouds. With Microsoft cloud settings, you can establish mutual B2B collaboration between the following clouds:
 
 - Microsoft Azure global cloud and Microsoft Azure Government

articles/active-directory/external-identities/cross-tenant-access-settings-b2b-collaboration.md

@@ -5,7 +5,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: how-to
-ms.date: 05/17/2022
+ms.date: 06/30/2022
 
 ms.author: mimart
 author: msmimart
@@ -14,10 +14,7 @@ ms.custom: "it-pro"
 ms.collection: M365-identity-device-management
 ---
 
-# Configure cross-tenant access settings for B2B collaboration (Preview)
-
-> [!NOTE]
-> Cross-tenant access settings are preview features of Azure Active Directory. For more information about previews, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
+# Configure cross-tenant access settings for B2B collaboration
 
 Use External Identities cross-tenant access settings to manage how you collaborate with other Azure AD organizations through B2B collaboration. These settings determine both the level of *inbound* access users in external Azure AD organizations have to your resources, as well as the level of *outbound* access your users have to external organizations. They also let you trust multi-factor authentication (MFA) and device claims ([compliant claims and hybrid Azure AD joined claims](../conditional-access/howto-conditional-access-policy-compliant-device.md)) from other Azure AD organizations. For details and planning considerations, see [Cross-tenant access in Azure AD External Identities](cross-tenant-access-overview.md).
 
@@ -38,7 +35,7 @@ Use External Identities cross-tenant access settings to manage how you collabora
  Default cross-tenant access settings apply to all external tenants for which you haven't created organization-specific customized settings.  If you want to modify the Azure AD-provided default settings, follow these steps.
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 1. Select the **Default settings** tab and review the summary page.
 
    ![Screenshot showing the Cross-tenant access settings Default settings tab.](media/cross-tenant-access-settings-b2b-collaboration/cross-tenant-defaults.png)
@@ -58,7 +55,7 @@ Use External Identities cross-tenant access settings to manage how you collabora
 Follow these steps to configure customized settings for specific organizations.
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 1. Select **Organizational settings**.
 1. Select **Add organization**.
 1. On the **Add organization** pane, type the full domain name (or tenant ID) for the organization.
@@ -82,7 +79,7 @@ With inbound settings, you select which external users and groups will be able t
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
 
-1. Select **External Identities** > **Cross-tenant access settings (Preview)**.
+1. Select **External Identities** > **Cross-tenant access settings**.
 
 1. Navigate to the settings you want to modify:
    - **Default settings**: To modify default inbound settings, select the **Default settings** tab, and then under **Inbound access settings**, select **Edit inbound defaults**.
@@ -192,7 +189,7 @@ With outbound settings, you select which of your users and groups will be able t
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
 
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 
 1. Navigate to the settings you want to modify:
 
@@ -272,7 +269,7 @@ When you remove an organization from your Organizational settings, the default c
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
 
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 
 1. Select the **Organizational settings** tab.
 

articles/active-directory/external-identities/cross-tenant-access-settings-b2b-direct-connect.md

@@ -5,7 +5,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: how-to
-ms.date: 03/21/2022
+ms.date: 06/30/2022
 
 ms.author: mimart
 author: msmimart
@@ -14,10 +14,7 @@ ms.custom: "it-pro"
 ms.collection: M365-identity-device-management
 ---
 
-# Configure cross-tenant access settings for B2B direct connect (Preview)
-
-> [!NOTE]
-> Cross-tenant access settings are preview features of Azure Active Directory. For more information about previews, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
+# Configure cross-tenant access settings for B2B direct connect
 
 Use cross-tenant access settings to manage how you collaborate with other Azure AD organizations through [B2B direct connect](b2b-direct-connect-overview.md). These settings let you determine the level of outbound access your users have to external organizations. They also let you control the level of inbound access that users in external Azure AD organizations will have to your internal resources.
 
@@ -44,7 +41,7 @@ Learn more about using cross-tenant access settings to [manage B2B direct connec
  Default cross-tenant access settings apply to all external tenants for which you haven't created organization-specific customized settings. If you want to modify the Azure AD-provided default settings, follow these steps.
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 1. Select the **Default settings** tab and review the summary page.
 
    ![Screenshot showing the Cross-tenant access settings Default settings tab](media/cross-tenant-access-settings-b2b-direct-connect/cross-tenant-defaults.png)
@@ -64,7 +61,7 @@ Learn more about using cross-tenant access settings to [manage B2B direct connec
 Follow these steps to configure customized settings for specific organizations.
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
-2. Select **External Identities**, and then select **Cross-tenant access settings (preview)**.
+2. Select **External Identities**, and then select **Cross-tenant access settings**.
 3. Select **Organizational settings**.
 4. Select **Add organization**.
 5. On the **Add organization** pane, type the full domain name (or tenant ID) for the organization.
@@ -88,7 +85,7 @@ With inbound settings, you select which external users and groups will be able t
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
 
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 
 1. Navigate to the settings you want to modify:
    - To modify default inbound settings, select the **Default settings** tab, and then under **Inbound access settings**, select **Edit inbound defaults**.
@@ -190,7 +187,7 @@ With outbound settings, you select which of your users and groups will be able t
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
 
-1. Select **External Identities** > **Cross-tenant access settings (preview)**.
+1. Select **External Identities** > **Cross-tenant access settings**.
 
 1. Navigate to the settings you want to modify:
 
@@ -266,12 +263,12 @@ When you remove an organization from your Organizational settings, the default c
 
 1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator or Security administrator account. Then open the **Azure Active Directory** service.
 
-1. Select **External Identities**, and then select **Cross-tenant access settings (Preview)**.
+1. Select **External Identities**, and then select **Cross-tenant access settings**.
 
 1. Select the **Organizational settings** tab.
 
 1. Find the organization in the list, and then select the trash can icon on that row.
 
 ## Next steps
 
-[Configure cross-tenant access settings for B2B collaboration (Preview)](cross-tenant-access-settings-b2b-collaboration.md)
+[Configure cross-tenant access settings for B2B collaboration](cross-tenant-access-settings-b2b-collaboration.md)

articles/active-directory/external-identities/external-identities-overview.md

@@ -7,7 +7,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: overview
-ms.date: 05/17/2022
+ms.date: 06/30/2022
 ms.author: mimart
 author: msmimart
 manager: celestedg
@@ -91,7 +91,7 @@ The following table gives a detailed comparison of the scenarios you can enable
 
 Azure AD B2B collaboration and B2B direct connect are features Azure AD, and they're managed in the Azure portal through the Azure Active Directory service. To control inbound and outbound collaboration, you can use a combination of *cross-tenant access settings* and *external collaboration settings*.
 
-### Cross-tenant access settings (Preview)
+### Cross-tenant access settings
 
 Cross-tenant access settings let you manage B2B collaboration and B2B direct connect with other Azure AD organizations. You can determine how other Azure AD organizations collaborate with you (inbound access), and how your users collaborate with other Azure AD organizations (outbound access). Granular controls let you determine the people, groups, and apps, both in your organization and in external Azure AD organizations, that can participate in B2B collaboration and B2B direct connect. You can also trust multi-factor authentication (MFA) and device claims (compliant claims and hybrid Azure AD joined claims) from other Azure AD organizations.
 

articles/active-directory/external-identities/faq.yml

@@ -7,7 +7,7 @@ metadata:
   ms.service: active-directory
   ms.subservice: B2B
   ms.topic: faq
-  ms.date: 05/06/2022
+  ms.date: 06/30/2022
   ms.author: mimart
   author: msmimart
   manager: celestedg
@@ -58,7 +58,13 @@ sections:
       - question: |
           What if a partner organization already has multifactor authentication set up? Can we trust their multifactor authentication?
         answer: |
-          [Cross-tenant access settings](cross-tenant-access-overview.md) (preview) let you trust multifactor authentication and device claims ([compliant claims and hybrid Azure AD joined claims](../conditional-access/howto-conditional-access-policy-compliant-device.md)) from other Azure AD organizations.
+          [Cross-tenant access settings](cross-tenant-access-overview.md) let you trust multifactor authentication and device claims ([compliant claims and hybrid Azure AD joined claims](../conditional-access/howto-conditional-access-policy-compliant-device.md)) from other Azure AD organizations.
+
+      - question: |
+          How many organizations can I add in cross-tenant access settings?
+        answer: |
+          Cross-tenant access settings are a policy in the directory that stores your settings for how you collaborate with other organizations. This policy file has a 25kb size limit and once it is maxed out, no additional organizations or changes can be made that would further increase the file size. Due to how we store the content in this policy, there is no defined limit of organizations you can add in cross-tenant access settings. If you need to apply settings to a large number of organizations, we recommend implementing those settings as your default settings. Follow the steps to [calculate the current size of your policy](troubleshoot.md#an-error-similar-to-failure-to-update-policy-due-to-object-limit-appears-while-configuring-cross-tenant-access-settings) and determine whether you are close to hitting the 25kb file size limit.
+
       - question: |
           How can I use delayed invitations?
         answer: |

articles/active-directory/external-identities/index.yml

@@ -24,15 +24,15 @@ landingContent:
             url: external-identities-overview.md
           - text: What is Azure AD B2B collaboration?
             url: what-is-b2b.md
-          - text: What is Azure AD B2B direct connect? (preview)
+          - text: What is Azure AD B2B direct connect?
             url: b2b-direct-connect-overview.md
           - text: What is Azure AD B2C (business-to-consumer) identity?
             url: ../../active-directory-b2c/overview.md
   - title: Collaborate with users outside your org (B2B collaboration)
     linkLists:
       - linkListType: concept
         links:
-          - text: Cross-tenant access settings (preview)
+          - text: Cross-tenant access settings
             url: cross-tenant-access-overview.md
           - text: B2B collaboration user properties
             url: user-properties.md