CLOUD SERVICES
      Back to home
      1. Safetica
      2. MANAGEMENT: Manage your environment
      3. CLOUD SERVICES

      Users and teams synced from Microsoft 365 tenant

      Learn where the users and teams synced from your Microsoft 365 tenant appear, how they work, and how to protect them.

      To synchronize users from your Entra ID, you must first add your Microsoft 365 tenant. Learn more about it here.

       

      In this article, you will learn more about:

       

      Introduction

      Learn more about adding a Microsoft 365 tenant here.

      After your Microsoft 365 tenant is added, the syncing of users takes about 5-10 minutes.

       

      Where to find users synced from your Microsoft 365 tenant

      In the user tree

      After you add an M365 tenant, its users and security groups will become visible in the user tree under the Cloud users team. You will find there:

      • Tenant users: Users that were found in your Microsoft 365 tenant. All cloud users are listed here, even if they were present somewhere else in the user tree, so you might see duplicates.
      If a user is both in Active Directory and in Entra ID, they will remain visible in both places, and the user names will be paired.
      • External users: Users that are not part of your Microsoft 365 tenant. When such users handle files in your tenant, their actions are recorded under the External user entity. For example, file sharing, downloads, or uploads performed by external users are recorded here.
             There can be 3 types of external users:
        • Anonymous users: Unnamed users that opened an anonymous link. Safetica does not know their identity.
        • External users: Users who are not licensed in your Microsoft 365 tenant, but Safetica knows their identity (e.g., you share a file to an email address outside your tenant. The address is then verified via a link. This way, Safetica can identify the user by that email address).
        • Guest users: Users who are not licensed in your Microsoft 365 tenant, but were invited to it under their own accounts from different tenants. 

       

      In the Users section

      Tenant users will also appear in the Users section.

      Tenant security groups appear in the Users > Teams tab.

      Teams imported from Entra ID are highlighted with a blue tree icon and cannot be edited in any way (can't be removed, moved, renamed, and you can't add/remove users or child teams).

       

      How to protect and control external users

      To protect external users in general: Create a policy and apply it to the External user entity.

      Individually, you can only protect guest users: First, you must make the guest user part of your tenant by assigning them an M365 license. Then assign them a Safetica license and you can start protecting and controlling them the same as other users.

       

      Read next

      Introducing Safetica Cloud Protection

      How to add your Microsoft 365 tenant

      How to synchronize a subset of Microsoft 365 users

      Activating and deactivating Microsoft Outlook protection

      Activating and deactivating Microsoft Exchange protection

      Activating and deactivating Microsoft SharePoint protection