Share via

Office365 Commercial to GCC High B2B issues

Dee Wilsone 0 Reputation points
2024-05-29T19:52:52.82+00:00

Hello,

I will be spare the long paragraphs and go straight bullet points.

  • One Company, 2 O365 Tenants (Commercial & GCC High)
  • Commercial tenant is configured and running for a long time, GCC High is new and was recently stood up.)
  • Created B2B collaboration relationship between the two tenants and set everything up.
    • Added organization tenant ID on both ends, checked "Multi-cloud settings for commercial and Government so communication can go from each side.
    • Trust settings>checked "trust multifactor authentication from Microsoft Entra tenants on both commercial and GCC High side.
    • Set up inbound and outbound access to allow guest access into Commercial tenant from GCC high only. (I do not wish for guest access into GCC High)
    • Under "Tenant restrictions" on Commercial side I allowed access for the specific GCC High tenant ID for users/groups and apps
    • Created conditional access for MFA for guest users for All cloud APPs.
    • In Teams Admin>Guest Access, all options are allowed on both Commercial and GCC High side
    • In Teams Admin>External Access, allow all external domains is allowed in both Commercial and GCC High.
    • In Teams Admin, Cross Cloud Meetings, added both tenant IDs to allow inbound and outbound communication.

To test out the B2B collaboration between Commercial and GCC High, I've invited a guest user from the GCC High side into Commercial tenant. Invite was received and accepted on the GCC High side. Permissions were accepted during the redemption and on the next screen when the 2FA is validated via my phone, the following in the image below I have added came up.

It tries to validate the https://login.microsoftonline.us/common/oauth2/authorize?scope....... link over and over and over and eventually fails. I also removed the email address to take the screenshot.

What could have I missed in the settings???

Screenshot 2024-05-29 144309

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
4,363 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,629 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Akshay-MSFT 17,656 Reputation points Microsoft Employee
    2024-06-03T11:53:53.1833333+00:00

    @Dee Wilsone

    Thank you for posting your query on Microsoft Q&A, from above description I could understand that you are planning to enable B2B collaboration between GCC high and a commercial tenant.

    *Please do correct me if this is not the ask by responding in the comments section.*I have been through the settings you mentioned in the query above but did not find the following.

    • Kindly validate if Microsoft cloud settings is enabled, Microsoft cloud settings allow you to collaborate with organizations from different Microsoft clouds such as:

    Microsoft Azure commercial cloud and Microsoft Azure Government

    Microsoft Azure commercial cloud and Microsoft Azure operated by 21Vianet (operated by 21Vianet)

    User's image

    If you don't have any further queries and the suggested answer is as per your business need, please "Accept the answer", This will help us and others in the community as well.

    Thanks,

    Akshay Kaushik

    0 comments