Policy
Restrict sign in to Teams to accounts in specific tenants
Microsoft Office 5532.1000
Policy overview
Key metadata and intent for this policy.
This policy setting allows you to control the accounts that can be used in Teams on managed devices running Windows. If you enable this policy setting, users will only be allowed to sign in with accounts from Azure Active Directory (Azure AD) tenants that you specify. You can enter a comma separated list of tenant IDs. The policy setting applies to all ways that the user signs in, including first and additional accounts on versions of Teams that support multiple accounts side by side. The policy setting is also enforced when users sign out and sign back in. If you disable or don't configure this policy setting, Teams will continue to allow users to sign in with work or school accounts, or personal Microsoft accounts. Important: This policy setting only restricts which users can sign in. It does not restrict the ability for users to be invited as a guest in other Azure AD tenants, or switch to tenants they were invited to. Note: This policy does not apply to Teams web app.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Tenant IDs: ID RestrictTeamsSignInToAccountsFromTenantList | text | HKCU\software\policies\microsoft\office\16.0\teams\restrictteamssignintoaccountsfromtenantlist Type REG_SZ | None |
Other policies in this category
Explore related policies at the same level.