 Laylo says question MS Teams external access is there any way to allow certain users to communicate with certain external domains for example users of domain a.com and domain B.com and different users allow communication with different external users for example in domain C.com and domain D.com and block access to any other external domains by default I can only block or allow external domains globally for all users in my organization yes teams external access was that clear for everybody domain a.com domain B.com domain C.com and domain D.com I think it's more about the they only want to have one or two people to be able to do it like bring in a domain but the domain for only an individual whereas it's a it's a holistic but you can just say that individual can communicate yeah I mean there's there's a few different ways of approaching this I mean there are you know private channels and shared channels channels so depending on the mix that you have depending on whether they're federated what level access those other domain accounts have but if these are you know companies that you are regularly interacting collaborating with and have like a high level of trust between organizations then you know doing the shared channel could be an option for that I think the question though is easy just talking purely communication or communication and collaboration because when you got chat chats it's an honor and off for the whole organization so if you're going I want to be able to chat and it's only these individual peoples that can chat then you know that's that's a little different than you know you can turn on and include the domain not have necessarily the chat side of things but they can collaborate and then only certain you know SharePoint teams are externally enabled for that particular group of people to be able to communicate with the external party so you got to break it down in so many different levels when it comes to well what do you mean by external communication what do you need to include and bundled up in communication collaboration and which component yeah I've certainly had this question asked quite a bit and technically in the team's admin center it is set by domain to either allow all or allow some or block you know block all so depending on what route you're wanting to go down you have those capabilities so Layla you are correct on that that is by default what you can and can't do my thought on this though is we don't block people from communicating in outlook so I guess I take the stance of let's allow if we allow people to communicate in email and we're out blocking them let's just allow the same thing in teams I'm kind of on that school of thought let's keep the ability for people to communicate open now if we start to think about okay we're worried about things like files and maybe we have some sort of governance or requirements around the risk of sharing files I would then move into things like shared channels where now that's the new capability with cross tenant access settings you can lock it down to only share with one person in that shared channel that's from another domain so I think if we start thinking about what's the harm in allowing communication I think the risk more companies are concerned with is really around files and information governance yeah yeah well there's one other scenario you think of like the the VDR the virtual data room scenarios like it like a great example is that you're you're going through a merger and acquisition so your your company is acquiring another company and maybe you have investors maybe you have the acquiring company is their investors or or directors or whatever that you have and you need to you want to be able to collaborate and you want to be able to connect but you need to keep the lanes separate for a sharing of this intellectual property and contracts and financial information you want to have technical discussions with some users at that domain but you only want to share financial information with specific users on those the domain I mean so those are things there are third-party solutions that do that it's not quite as robust with the native out-of-the-box features but if you want to have that kind of granular control because I agree Michelle with if you're going we and we saw this mistake with SharePoint in the structuring of SharePoint where we had n level and very complex permission structures and breaking inheritance inheritance and doing certain things and you know it's just use the out-of-the-box capability allow community management and trust in the community to do the right things set the guardrails in place have rules around that but then let people go and collaborate but if it's a specific scenario like this mergers and acquisition scenario I mean there are specific solutions that can do that kind of granular permission management exactly otherwise man I just I know is that you're back in the day managing SharePoint environments where I employed a contractor who did nothing but permissions management and SharePoint that was his job and every day he filled his entire day with shifting things around this was like an 1800 person organization and just that was it that's all he did it was a full-time job what an awful job I mean we just see you know they start really locking it then they're just going to send it out in another way they'll go around you to do so much that right they'll just email it out they can't do it this way they'll find another way so you actually end up with more risk than less risk frankly so right light up I'll agree and it frankly email is a threaded conversation teams is a chat-based threaded conversation so allowing for you know asynchronous communication or even synchronous if you're in teams if you're allowing that in one location I think you need to think about allowing it in all locations and not limit what people and how people are working because when we look at the different generations that are in the workforce it's leaning towards less email and more chat so if you're thinking about putting in policy you're going to really I think block people who naturally gravitate towards chat and you want to enable them right we really want to come to a place where all generations are comfortable and you give them all access and the same rules across the different products if the issue is securing the sharing of sensitive information you know you can always go in and have a non-teams-based share point site with library and have that financial information and other sensitive content within a library and lock that down to specific users and so they can share the link and those other individuals will not have access to that content they won't find it within search so there's different ways that you could do I agree I think you know maybe Lalo you need to use something other than you know allow communication like I I don't know what you mean by that but communication should be broad and open and I'm sorry I never thought you were finished half the fun of answering your question is trying to figure out what the question actually is what do you mean every time we answer them it's always the way hang on a second I have questions