🎉 Our Office 365 Reporting Tool is now available in Azure Marketplace 🚀
This website uses cookies to improve your experience. We'll assume you're ok with this. Know more.
Microsoft Teams

How to Get Teams Channels with External Members Report in Microsoft 365

When your users collaborate on projects with people outside the organization, it is crucial to ensure external users are included only in the relevant Microsoft Teams channels. Without proper oversight, external members might retain access to sensitive conversations, which poses a security risk. This guide will help you to identify and track external members in your Microsoft Teams channels.

Solution 1
Solution 2
Solution 3
Solution 4
Important Tips
Errors and Resolution Steps
FAQs

Using Microsoft Teams Admin Center

Microsoft 365 Permission Required
Teams Admin Least Privilege
Global Admin Most Privilege
  • Log in to the Microsoft Teams admin center.
  • Navigate to Teams»Manage teams, select a team with guest users, and go to the Channels tab to check a specific channel for guest participation.
  • Click on each channel to identify the external user in that specific Teams channel.
Using Microsoft Teams Admin Center
  • Note: In Teams shared channels, external users are listed as Members but with the External tag.

Using PowerShell

Microsoft 365 Permission Required
Teams Admin Least Privilege
Global Admin Most Privilege
  • Connect to the Microsoft Graph PowerShell using the below cmdlet.
  • Windows PowerShell Windows PowerShell 
     Connect-MgGraph –Scopes "ChannelMember.Read.All"
  • Now, you can run the below cmdlet to get the Teams channels with external user's report using PowerShell.
  • Windows PowerShell Windows PowerShell 
     Get-MgTeamChannelMember -TeamId <TeamId> -ChannelId <ChannelId> | Where-Object { ($_.AdditionalProperties["tenantId"] -ne "<TenantId>") -or ($.Roles -contains "guest") } | Select-Object DisplayName, Roles, VisibleHistoryStartDateTime, Id
  • Before running the above command, you need to find the Team ID and Channel ID. Use the following command to retrieve these values for a specific team. Replace the <TeamDisplayName> with the desired team's name.
  • Windows PowerShell Windows PowerShell 
     $Team = Get-MgTeam -All | Where-Object { $_.DisplayName -eq "<TeamDisplayName>" }
 $TeamId = $Team.Id
 $Channels = Get-MgTeamChannel -TeamId $TeamId
Using PowerShell
  • Note: Replace <TenantId> with your own tenant ID before running the cmdlet to list all external members in Teams channels.

Using PowerShell Script

Microsoft 365 Permission Required
Teams Admin Least Privilege
Global Admin Most Privilege
  • The above PowerShell command would not be efficient as it only retrieves external members from one channel at a time.
  • To ease this process, we've created a PowerShell script that generates a comprehensive list of all Teams channels with external users.
  • The script automatically retrieves guest user details from all channels, eliminating the need to manually query each channel.
Using PowerShell Script
FindTeamChannelsWithExternalMembers.ps1
  • Note: The above script provides details such as team name, channel name, membership type, username, UPN, and user ID.
AdminDroid Teams Usage Reporter

Manage External Membership in Teams Channels with Ease!

AdminDroid’s Microsoft Teams reporting tool streamlines the discovery of external memberships in Teams channels. This tool provides detailed insights, which enables admins to easily identify guest users and monitor their access. This ensures better security and management of collaborations with external participants within Microsoft Teams.

Keep Tabs on Teams External Users in M365

Keep track of external members in Microsoft Teams to avoid unnecessary exposure of sensitive data and ensure collaboration doesn't become a security vulnerability for your organization.

Audit Teams DLP Rule Matches in Microsoft 365

Leverage AdminDroid’s Teams DLP rule matches report to track all instances of sensitive information shared by external users in Teams chats or channels to mitigate data exposure.

Monitor File Sharing Activity with Advanced Alerting

Get notified about file or folder shares by external users in Teams channels with AdminDroid's default alert policy templates to track file sharing activity and reduce security risks.

Manage Stale Guest Accounts in Microsoft Teams with Ease

Monitor inactive external users in Teams with scheduled reports sent to your inbox daily, weekly, or monthly. This allows you to get timely insights into stale guest accounts to manage them effectively.

Track Guest Additions to Teams Private Channels

Utilize AdminDroid's guests added in private channels report to monitor changes in external membership within Teams' private channels and ensure that confidential data remains accessible only to authorized users.

Complete Analysis of Teams Guest User Logins

Audit teams guest login report in AdminDroid to detect unmanaged or non-compliant devices used to access organizational resources and maintain security standards across the organization.

In conclusion, AdminDroid offers an efficient solution for Microsoft Teams management by tracking Teams channels with external memberships. This helps admins maintain control over external access, safeguard sensitive information, and uphold organizational policies.

Explore a full range of reporting options
Download Live Demo

Important Tips

Use shared channels in MS Teams to collaborate with internal and external users without adding them into the team or creating unnecessary Teams.

Secure guest sharing in M365 by enabling MFA, setting terms of use, conducting access reviews, and limiting guests to web-only access.

Configure Teams with high protection to prevent unauthorized access and ensure only specific guests can access & share sensitive content in Microsoft Teams.

Common Errors and Resolution Steps

The following are the possible errors and troubleshooting hints while retrieving guest users in Teams channels report.

Error Get-MgTeam : Missing scope permissions on the request.

This error occurs when running the 'Get-MgTeam' cmdlet in PowerShell without necessary scope permissions to perform the requested operation.

Fix Use the 'Team.ReadBasic.All' permission to connect Microsoft Graph PowerShell module before running the 'Get-MgTeam' cmdlet. 
# Run the below cmdlet to connect Microsoft Graph PowerShell with required permissions
Connect-MgGraph –Scopes Team.ReadBasic.All

Error Your account (xyz@contoso.com) doesn’t have permission to view or manage this page in the Microsoft 365 admin center.

This issue arises if the user does not have the required permissions to access the Microsoft 365 admin center.

Fix Ensure your account has been assigned an administrative role like the Global Admin or a User Admin.

Error You can't share this channel with people from this org.

This error occurs when users cannot share a Teams channel with external users due to Microsoft Entra cross-tenant access settings. This is often caused by inbound settings in your organization or outbound settings in the other organization.

Fix Ensure your inbound settings in Microsoft Entra ID allow access to external user domain and verify the other organization’s outbound settings permit sharing with your org.

Error We can't find any team members to add.

This error occurs when attempting to add external members to a team or channel, but the specified users cannot be found in the directory.

Fix To add external users to teams or private channels (excluding shared channels), ensure they are first added as guests to your organization before attempting to add them.
Microsoft Teams
Frequently Asked Questions

Manage External Users in Teams Channels to Ensure Secure Collaboration in Microsoft 365

What are the risks of enabling guest access in Microsoft Teams?
How to add external users to Teams Channels?
How to monitor chat activity between internal and external users in Teams?
What are the differences between Guest Access, External Access, and Shared Channels in Microsoft Teams?

1. What are the risks of enabling guest access in Microsoft Teams?

Granting guest user access in Microsoft Teams channels facilitates collaboration with external partners, but it also introduces security challenges. Understanding these risks is essential to ensure sensitive information remains protected.

Below are the key risks to consider when enabling guest access in Microsoft Teams:

Unauthorized Access or Data Exfiltration

Guest users could unintentionally or deliberately access sensitive company data, such as confidential files, private conversations, or project plans, shared within Teams channels. They might also copy, download, or share this information with unauthorized parties, which increases the risk of data breaches.

Increased Risk of Phishing and Malware

Guests might accidentally or maliciously send phishing links, spam, or malware, putting your organization’s network at risk. This can expose both internal users and external contacts to security threats.

Inconsistent Compliance with Internal Policies

External users might not be subject to the same internal security policies as employees, making it difficult to ensure consistent adherence to organizational standards for data protection and compliance.

Delayed Guest User Access Revocation

Revoking a guest user’s permissions promptly can be challenging when they no longer require access. Delays or oversights in removal may allow former guests to retain access to confidential data, which increases the risk of unauthorized exposure even after collaboration ends.

While guest access in Microsoft Teams can enhance collaboration, it’s essential for organizations to stay vigilant about the associated risks. By configuring appropriate security settings, restricting access to sensitive data, and continuously monitoring guest activity, organizations can minimize security vulnerabilities.

2. How to add external users to Teams Channels?

Adding external users to Teams channels and granting them access to essential resources enhances collaboration by making it more efficient and flexible. However, it’s important to limit their permissions to only what is necessary and to promptly revoke access when it is no longer needed.

Additionally, when any user is added to a team, they are automatically granted access to the general channel. However, for private and shared channels, external users must be added manually.

Add External User to Teams Private Channels

  • Log in to the Microsoft Teams admin center.
  • Navigate to Teams»Manage teams and select the team containing the private channel where you want to add the external user.
  • If the external user is not already a team member, first add them to the respective team before adding to the channel.
  • After adding the external user to the team, go to the Channels tab in the team settings.
  • Select the private channel, and then click Add.
  • Search for the external user and click Apply to add them to the private channel.

Add External User to Shared Channels in Microsoft Teams

  • Log in to the Microsoft Teams admin center.
  • Navigate to Teams»Manage teams and select the team that holds the shared channel where you intend to invite the external user.
  • In the team settings, go to the Channels tab and choose the shared channel.
  • Click Add, search for the external user, and click Apply to add them to the shared channel.

Track external members in Teams private channels with AdminDroid effectively!

  • The external members / guests in private channels report in AdminDroid provides details, such as team name, channel name, member name, member email, department, job title, country, and more.
  • It shows the external member count for each domain, which helps admins identify those with the most external users.
guest-users-in-teams-private-channels-report-admindroid

Additionally, you can use the external members in shared channels report to easily identify the external users from a specific shared channel in Teams.

3. How to monitor chat activity between internal and external users in Teams?

The external domain activity report in the Microsoft Teams admin center tracks communication with approved external domains. It provides detailed insights into 1:1 chats, group chats, and meeting chats. It includes a base version (basic domain-level insights) and a Teams Premium version (more granular details like message counts and specific users communication).

Steps to get external domain activity report in Microsoft Teams

  • Go to Analytics & reports»Usage reports in Microsoft Teams admin center.
  • Select the 'External domain activity' report from the Report drop-down.
  • Select the Date range (7, 30, or 60 days) and click on Run report to get the Microsoft Teams external domain activity report.
external-domain-activity-report-in-teams-admin-center

Monitoring external domain activity in Teams helps administrators oversee communication with external users while ensuring security, compliance, and fostering efficient collaboration in chats and meetings across the organization.

While the native methods shows the chat activity of external user, it lacks the detailed audits of external user.

Audit Teams guest activities with AdminDroid to enhance security and collaboration!

  • Monitor external user activities in Teams and channels, such as file sharing or accessing private meetings, to prevent data breaches and unauthorized access to sensitive information.
  • This report includes details such as the event time, operation performed, user involved, target resource, and more.
teams-external-user-activities-report-admindroid

4. What are the differences between Guest Access, External Access, and Shared Channels in Microsoft Teams?

Microsoft Teams supports secure collaboration with external users through three key options: Guest Access, External Access, and Shared Channels. Each serves distinct purposes, enabling businesses to communicate and collaborate efficiently while ensuring compliance and security.

Guest Access vs. External Access vs. Shared Channels in Microsoft Teams

Understanding the differences between External Access, Guest Access and Shared Channels helps admins choose the right method to enable external collaboration while maintaining security and compliance in Microsoft Teams.

guests-vs-external-access-in-shared-channels-teams

Manage external and guest access in Microsoft Teams to control collaboration with external participants. By configuring appropriate permissions, allowing or blocking specific domains, and customizing collaboration levels, you can enhance security while maintaining productivity.

Kickstart Your Journey With
AdminDroid

Your Microsoft 365 Companion with Enormous Reporting Capabilities

Download Now
Browse All Guides
User Help Manuals Compliance Docs
All Guides 99+
Microsoft Teams
How to Get Teams Channels with External Members Report in Microsoft 365
Microsoft Teams Guides 15 Guides
1Monitor Orphaned Teams in Microsoft 3652Find All Teams a M365 User is Member of3Find All Shared Channels in Microsoft Teams4List All Private Channels in Microsoft Teams 5Export a List of Teams External Users in M3656Check Microsoft Teams User Activities7Monitor MS Teams Channel Creations8Track Microsoft Teams Device Usage9List All Private Channel Members in Microsoft Teams10Audit Teams Messages Detected by DLP Rules in M36511Monitor Teams Shared Channel Membership Details12Monitor Microsoft 365 Teams Usage13Find External Users in Microsoft Teams Channels14Get Inactive Users in Microsoft Teams15List All Microsoft Teams with Shared Channels
x
Delivering Reports on Time
Delivering Reports on Time
Want a desired Microsoft 365 reports every Monday morning? Ensure automated report distribution and timely delivery with AdminDroid's Scheduling to your email anytime you need.
Delivering Reports on Time
Schedule tailored reports to execute automatically at the time you set and deliver straight to the emails you choose. In addition, you can customize report columns and add inteligent filtering to the activities just from the previous day to suit your Microsoft 365 report requirements.
Set It, Schedule It, See Results- Your Reports, Your Way, On Your Time!
Time Saving
Automation
Customization
Intelligent Filtering
Give Just the Right Access to the Right People
Give Just the Right Access to the Right People
Grant fine-tuned access to any Microsoft 365 user with AdminDroid’s Granular Delegation and meet your organization’s security and compliance requirements.
Give Just the Right Access to the Right People
Create custom roles loaded with just the right permissions and give access to admins or normal users within AdminDroid. The result? A streamlined Microsoft 365 management experience that aligns your organization's security protocols and saves your invaluable time and effort.
Align, Define, Simplify: AdminDroid's Granular Delegation
Smart Organizational Control
Effortless M365 Management
Simplified Access
Advanced Alerts at a Glance
Advanced Alerts at a Glance
Receive quick notifications for malicious Microsoft 365 activities. Engage with the AdminDroid’s real-time alert policies crafted to streamline your security investigations.
Advanced Alerts at a Glance
Stay informed of critical activities like suspicious emails and high-risk logins, bulk file sharing, etc. Through creating and validating ideal alert policies, AdminDroid provides a comprehensive approach to real-time monitoring and management of potential threats within your organization.
AdminDroid Keeps You Always Vigilant, Never Vulnerable!
Proactive Protection
Real-time Monitoring
Security Intelligence
Threat Detection
Merge the Required Data to One Place
Merge the Required Data to One Place
Combine multiple required columns into one comprehensive report and prioritize the information that matters most to you with AdminDroid’s Advanced Column Customization.
Merge the Required Data to One Place
This column merging capability offers a flexible way to add different columns from various reports and collate all the essential data in one place. Want to revisit the customized report? Save it as a 'View’, and your unique report is ready whenever you need it.
Merge with Ease and Save as Views!
Custom Reporting
Unique View
Desired Columns
Easy Data Interpretation
Insightful Charts and Exclusive Dashboards
Insightful Charts and Exclusive Dashboards
Get a quick and easy overview of your tenant's activity, identify potential problems, and take action to protect your data with AdminDroid’s Charts and Dashboards.
Insightful Charts and Exclusive Dashboards
With AdminDroid charts and dashboards, visualize your Microsoft 365 tenant in ways you've never thought possible. It's not just about viewing; it's about understanding, controlling, and transforming your Microsoft 365 environment.
Explore Your Microsoft 365 Tenant in a Whole New Way!
Executive overviews
Interactive insights
Decision-making
Data Visualization
Efficient Report Exporting for Microsoft 365
Efficient Report Exporting for Microsoft 365
Downloading your reports in the right file format shouldn’t be a hassle with AdminDroid’s Report Export. Experience seamless report exporting in various formats that cater to your needs.
Efficient Report Exporting for Microsoft 365
Navigate through diverse options and export Microsoft 365 reports flawlessly in your desired file format. Tailor your reports precisely as you need them and save them directly to your computer.
Take Control, Customize and Deliver- Your Office 365 Data, Exported in Your Way!
Easy Export
Seamless Downloading
Data Control
Manage Microsoft 365

Get AdminDroid Office 365 Reporter Now!

Free Download Live Demo