EMM365 — SMB Edition
Tenant Administration User Guide
A step-by-step reference for reseller partners hosting and managing an EMM365 SMB tenant. Covers every tab under the Administration section of the application.
How to use this guide
Access Administration by clicking the Administration tab in the top navigation bar. All sections listed in this guide correspond to items in the left-hand sidebar that appears within the Administration area. Click any section heading below to expand it.
Selecting a Sponsor Domain — Whenever a Tenant Administrator accesses sponsor-specific functions (Sponsor Administrators, Domain Management, User Management, Licenses, Settings, Archived Teams, Deleted Teams, and Offboarding), a Choose a Sponsor Domain dropdown appears at the top of the screen. You must select the relevant sponsor before the tab’s content and actions become available. This applies throughout the Administration area wherever you see that dropdown.
1
Tenant Administrators
Tenant Administrators have full access to the Administration area of EMM365. Use this tab to view who currently holds the Tenant Administrator role, grant it to additional users, and remove it when no longer needed.
Tenant Administrators — list view showing all Exostar Tenant Administrators
1
Navigate to Administration → Tenant Administrators.
2
The Exostar Tenant Administrators table displays each administrator’s Email Address, Display Name, and an Action column with a Remove link.
1
Click Add Exostar Tenant Administrator (+) in the top-right corner of the table.
2
In the dialog, enter the user’s Email Address and click Add Exostar Tenant Administrator (+) to confirm.
3
A success message confirms “Tenant Administrator role successfully granted.” Click OK.
Prerequisite: The user must already have an account in the Microsoft 365 tenant before they can be granted the Tenant Administrator role. If their account does not exist, the operation will fail.
The user also needs an F1 license assigned to access the Exostar app and tenant administration capabilities.
The user also needs an F1 license assigned to access the Exostar app and tenant administration capabilities.
1
Locate the user in the Tenant Administrators table and click Remove in their row.
2
A confirmation dialog asks: “Are you sure you want to remove the user from the Tenant Administration role?”
3
Click the red Remove button to confirm, or Cancel to go back.
Do not remove yourself — ensure at least one other Tenant Administrator exists before removing your own account, or you will lose access to the Administration area.
2
Tenant Configuration
Tenant Configuration contains the core system parameters for your EMM365 tenant. Most fields are pre-populated by Exostar during setup. As a reseller/tenant admin, you will primarily use this screen to verify settings and update the purchase links and locale.
Tenant Configuration — all configurable fields and read-only identifiers
The Tenant Configuration screen displays the core system parameters for your EMM365 tenant. Most fields are pre-populated by Exostar during setup and do not require changes.
| Field | Description | Notes |
|---|---|---|
| Tenant Type | Indicates the tenancy model (e.g. Multitenant for SMB). Set by Exostar at provisioning. | Read-only |
| Service Account Email | The Microsoft 365 service account associated with this tenant. | Set by Exostar — do not change |
| Service Account ID | Unique identifier for the service account in Azure AD. | Set by Exostar — do not change |
| Invitation URL | Required by the Microsoft invitation API for redirection during the invitation process. | Set by Exostar — contact Exostar to update |
| Issuer | MAG identity issuer string used for authentication. | Set by Exostar — do not change |
| IAM SP ID / Display Name | Service Provider identifiers for MAG integration. | Set by Exostar — do not change |
| M365 Application Display Name | Name of the M365 application registered in Azure. | Set by Exostar — do not change |
| Azure B2B Members Group ID | Used for license management in enterprise tenants configured as Standard (not Multitenant). Set by Exostar at provisioning. | Set by Exostar — do not change |
| Azure B2B Guests Group ID | Azure AD group for external/guest users (Partners). | Set by Exostar — do not change |
| License Purchase Link | URL displayed when a sponsor needs to purchase additional licenses. Update to your reseller purchase page. | Reseller-managed |
| Storage Purchase Link | URL displayed when additional storage needs to be purchased. Update to your reseller purchase page. | Reseller-managed |
| Trial Purchase Link | URL for converting trial subscriptions to paid. Update to your reseller purchase page. | Reseller-managed |
| Locale | Sets the language used for automated actions that are not a result of a user action in the UI, such as sending an email when provisioning a pending user. | Reseller-managed |
| Domain Authentication Source Validation | Determines whether partner domains will be automatically or manually configured when added. When set to Automated, domains are configured to authenticate using Exostar MAG — recommended for Multitenant tenants. | Reseller-managed |
| Sensitivity Protection | Not currently supported. Leave set to Disabled. | Not supported — do not change |
| Storage Quota (GB) | Relates to a feature that is not currently supported. Must remain set to 0 and should not be changed. | Not supported — leave at 0 |
| Attachment Size Limit (MB) | Sets the maximum file size that can be sent using the Send File Externally feature. Constrained by implementation — must not exceed 25 MB. | Reseller-managed — max 25 MB |
1
Locate the field you wish to update (typically Purchase Link or Locale).
2
Click the field to make it editable.
3
Enter the new value and click Save.
4
A confirmation message indicates the update was successful.
Buy More links are hidden when purchase URLs are left blank. If the Purchase Link fields are empty, the corresponding Buy More buttons will not appear in the application.
3
Tenant Domains
Tenant Domains is a registry of all email domains associated with this tenant. Domains are added automatically when a sponsor domain or partner domain is registered — there is no general need to add them manually here. The primary purpose of this tab is to configure and verify the authentication source for each domain, as authentication is configured per domain.
Tenant Domains — list of all configured domains with Authentication Source and Sponsor status
1
Navigate to Administration → Tenant Domains.
2
The table lists all domains registered to this tenant. Columns include Tenant Domain, Display Name, Date Added, Authentication Source, Is Sponsor, and Action. Rows are not clickable — use the Edit action to configure a domain.
3
The Authentication Source shows how users from that domain authenticate: Exostar, Azure, or Pending. A status of Pending means the domain has not been configured — users cannot be invited from that domain until it is set to Exostar or Azure.
4
The Is Sponsor column indicates whether the domain belongs to a sponsor on this tenant.
Domains are added to this list automatically when a sponsor domain or partner domain is registered on the tenant. Direct manual addition here is generally not required. The main purpose of this tab is to configure and verify the authentication source per domain.
1
Locate the domain you want to configure in the Tenant Domains list.
2
Click the Edit action on the right of the row. (The row itself is not clickable.)
3
Set the Authentication Source to Exostar or Azure as appropriate. Domains must not remain in Pending status — users cannot be invited from a domain while its authentication source is Pending.
4
Save your changes.
Pending status is triggered when Tenant Configuration → Domain Authentication Source Validation is set to Manual. In that mode each domain must be manually configured after it is added. When set to Automated, domains are configured as Exostar automatically — recommended for Multitenant tenants.
Do not change the Authentication Source once users from that domain have been invited. Changing it after users have been provisioned can break their ability to authenticate.
Do not change the Authentication Source once users from that domain have been invited. Changing it after users have been provisioned can break their ability to authenticate.
4
Tenant Features
Tenant Features controls product capabilities at the tenant level. Settings here apply globally to all sponsors on the tenant — they cannot be overridden at the sponsor level. Sponsor-level features (under Sponsor Features) are separate and reflect what individual sponsors have purchased or enabled.
Tenant Features — full feature toggle list with current states
Tenant Features control product capabilities at the tenant level. These settings apply to all sponsors on the tenant and cannot be overridden at the sponsor level. Sponsor-level features (configured separately under Sponsor Features) are additive — they reflect what a specific sponsor has purchased or enabled, not an override of tenant settings.
| Feature | Description | Default |
|---|---|---|
| Email Forwarding | Ensures IAM users in GCC High receive Microsoft-initiated emails. When enabled, IAM users (partners and sponsors) are invited to the tenant as members, given an F1 license and an email account. Emails are forwarded to the user’s alternate email address. Should be enabled in GCC High; do not enable in Commercial tenants. | On |
| License Limit Enforcement | When enabled, invitation of users in excess of available licenses for the sponsor is not permitted. When disabled, user invitation is not restricted by the number of licenses available. | On |
| Storage Metrics | When enabled, storage usage is calculated and displayed on the Teams Report and License tab for each sponsor. When disabled, storage usage is not calculated or displayed. | On |
| Licensed Users Report | When enabled, the Licensed Users Report is available on the Reports tab, displaying all pending and provisioned users invited by the sponsor. When disabled, the report is not available. | On |
| Server Side Operations for Reports | When enabled, report operations such as sorting, filtering and pagination are executed on the server. Should be on by default; only disable if there is a server-side processing issue. | On |
| Storage Quotas | When enabled, sets the storage quota for each team to the default storage quota for the tenant. Tenant administrators can add storage exceptions for teams that require additional storage. When disabled, storage quotas are set per Microsoft. Not currently supported — do not enable. | Off |
| Channel Management | Allows Team Managers and Sponsor Admins to view and add themselves to private channels on their team. When enabled, the Channel Management tab is visible under Manage Teams. When disabled, the tab is hidden. | On |
| Deleted Team Management | Allows Sponsor Admins and Tenant Admins to restore teams that have been deleted. When enabled, the Deleted Teams tab is visible under Administration and teams that were soft deleted can be restored. When disabled, the tab is hidden. | On |
| User Trend Report | Allows enterprise customers to view user trends (total users, change since previous day, partner vs. sponsor, etc.). When enabled, the report is available on the Reports tab for Standard and Premium configurations. When disabled, the report is hidden. | Off |
| Active Directory to Database Sync | When enabled, user profile information stored in the custom database is updated regularly to reflect user account information in Active Directory. When disabled, user profile information in the database is not updated automatically. | On |
| Sponsor Utilization Report | Provides a summary of usage statistics for each sponsor in the tenant such as license and storage usage and availability, number of sponsor and partner users, number of teams, etc. When enabled, visible to tenant admins on the Reports tab. When disabled, hidden for all users. | On |
| Remove Partner Domains | When enabled, an action column is displayed on the Domain Management tab allowing tenant admins and sponsor admins to remove partner domains when the associated user count is 0. When disabled, the option to remove partner domains is hidden. | On |
| Site Level Special Permissions | When enabled, special permissions including the ability to restrict downloads can be applied at the site level using the Permissions tab under Manage Teams. When disabled, the Permissions tab is hidden. | On |
| Delete Sponsor Domain Data | When enabled, admins can delete all data associated to a Sponsor Domain. Should be enabled in test environments only and used after offboarding is complete to delete the sponsor domain entirely. | Off |
| Archived Team Management | When enabled, teams can be archived (e.g. soft-delete) via an Archive Team tab displayed under Manage Teams. Archived Teams can be deleted or restored on the Archived Teams tab under Administration. When disabled, these tabs are hidden and teams cannot be archived. | On |
| Display UPNs | When enabled, User Principal Name (UPN) is displayed on User Management search results and the Licensed Users Report. When disabled, UPN is not displayed in these places. | On |
| SharePoint Audit Report | When enabled, the SharePoint Audit Report appears in the Reports menu for sponsor admins and tenant admins to retrieve SharePoint audit data for a selected team. When disabled, the report is not available. | On |
| OWA Management | DO NOT ENABLE IN BAES UK Tenant. When enabled, Outlook Web Access (OWA) is disabled by default for all users. Tenant admins can grant and remove mailbox access to individual users via the OWA Management tab under Administration. Users given mailbox access require an F3 license which is granted using this process. Requires a special security group with M365 F3 license assignment. Disabling does not re-enable mailboxes. Do not enable without guidance from Exostar. | Off |
| Automatic Export | When enabled, team managers and sponsor admins can choose (via checkbox on Team Details) to have messages sent to the team’s inbox automatically exported to the team when the file drop feature is enabled. When disabled, the checkbox is hidden and messages aren’t exported automatically. | On |
| Compliance Documents | When enabled, sponsor admins can download documentation on the Compliance Documents tab to aid their compliance during audit assessments. Documents available on the Compliance Documents tab are uploaded and managed by Exostar tenant admins. When disabled, the Compliance Documents tab is hidden. | Off |
| Copy Exostar Link | When enabled, the SharePoint file ECB menu includes the option “Copy Exostar Link” which generates a link to the document with parameters appended to support Exostar authentication. When disabled, this menu item is hidden. | On |
| Block Download By Default | When enabled, sponsor admins can choose whether downloads are blocked by default for new teams and private channels using the Settings tab under Administration. If Supplier Collaboration is enabled, supplier collaboration admins can choose whether downloads are blocked by default for new supplier sites using the Settings tab under Supplier Collaboration. When disabled, the setting is not visible and downloads are not blocked by default. | On |
| Permitted Users when Download is Blocked | When enabled, the Permitted Users column is displayed on Manage Teams/Permissions and allows Team Managers and Sponsor Admins to allow exceptions for specific users who require download access when download is blocked. The column is hidden when disabled. NOTE: This feature is not designed to be turned off after it has been enabled — any exceptions previously defined will remain active even if the feature is later disabled. | On |
| Offboarding | When enabled, the Offboarding tab is displayed under Administration allowing tenant admins to perform bulk actions when offboarding a customer. NOTE: This feature is not intended for use in enterprise tenants. | On |
| Administrative Actions | When enabled, the Administrative Actions tab is displayed under Administration and allows tenant admins to perform backend operations. | Off |
| Site Permissions Report | When enabled, the Site Permissions Report appears under the Reports tab, providing sponsor admins with a holistic view of all SharePoint sites in their enclave and the associated download permissions settings for each site. When disabled, the report is hidden. | On |
| Localization | When enabled, the localization dropdown is available in the application layout to allow users to select their preferred language. | On |
| EMSD Bundle Tracking | When enabled, tenant admins can indicate that a sponsor has purchased the EMSD bundle. The EMSD Bundle checkbox is displayed on the Onboard New Customer form, Add Sponsor modal, and Edit Sponsor modal. The EMSD column is displayed on the Sponsors grid and Sponsor Utilization Report. When disabled, the EMSD Bundle checkbox and column are hidden throughout the application. ⚠ Requires Exostar’s Managed Secure Desktop application to be deployed in the tenant before enabling. | Off |
1
Navigate to Administration → Tenant Features.
2
Locate the feature you want to enable or disable.
3
Click the toggle. A confirmation dialog appears asking you to confirm the change.
4
Click Enable Feature or Disable Feature to confirm.
5
A success message confirms the change. The effect is immediate across the tenant.
5
Onboard New Customer
Use this screen to provision a new sponsor (customer organization) onto the tenant. This is the primary way reseller partners add new customers to their SMB tenant. Completing this form creates the sponsor, sets up their initial license count, and invites their first administrator.
Onboard New Customer — form showing all fields
This screen provisions a new sponsor (customer organization) onto the tenant in a single step. It creates the sponsor record, sets the initial license count, and invites the first Sponsor Administrator.
| Field | Description | Required |
|---|---|---|
| Sponsor Domain | Primary domain for the new customer (e.g. acme.com). | Required |
| Sponsor Name | Display name for the customer organization. | Required |
| Licenses Purchased | Number of user licenses to allocate. | Required |
| Sponsor Administrator Email | Email of the first admin for this sponsor. Click Lookup to resolve their Exostar account. | Required |
| Exostar Account | The specific MAG account to assign the admin role to. Appears as a dropdown if multiple accounts are found. | Conditional |
| Welcome Team Name | Name of the default team created for the sponsor. This is a starter team for the sponsor admin — no other users are automatically added to this team. | Optional |
| Features Purchased | Check boxes for features this customer has purchased (e.g. Compliant File Drop, Send Externally). | Optional |
1
Navigate to Administration → Onboard New Customer.
2
Complete all required fields. For the Sponsor Administrator Email, enter the email and click Lookup.
3
If a single Exostar account is found, it is selected automatically. If Multiple Exostar accounts found appears, an Exostar Account dropdown will appear.
4
When multiple accounts are found, review the options — each shows the MAG username, display name, and organization. Use this information to select the correct account.
5
Select the appropriate features under Features Purchased.
6
Click Submit to provision the customer. The admin will receive an invitation email.
Multiple MAG accounts: When a lookup returns multiple results, the organization name, UPN, and display name shown in the dropdown are from MAG and help identify the correct account. Take care to select the right one — confirm with the customer if unsure.
Invitation options: If you want to create the sponsor without sending an invitation now, use Skip Sponsor Admin Invitation. The invitation can be sent later from the Sponsor Administrators tab.
6
Sponsors
The Sponsors tab lists all customer organizations provisioned on your tenant. From here you can view their status, add new sponsors, edit their details, and deactivate or reactivate them.
Sponsors — list of all sponsor organisations with status, subscription type, and EMSD Bundle indicator
1
Navigate to Administration → Sponsors.
2
The table lists all sponsors provisioned on the tenant, showing Sponsor Domain, Sponsor Name, Status (Active / Inactive), and available actions.
3
Use the search or scroll to locate a specific sponsor.
1
Click Add Sponsor (+).
2
Enter the Sponsor Domain and Sponsor Name.
3
Click Add Sponsor to confirm.
4
The sponsor is created in an Active state.
Use Onboard New Customer when you also need to configure licenses and invite the first admin in a single step.
Edit Sponsor dialog — Sponsor Name and Trial Subscription are editable; Sponsor Domain is read-only
1
Locate the sponsor and click Edit in their row.
2
Update Sponsor Name and/or the Trial Subscription checkbox as needed. The Sponsor Domain cannot be modified after the sponsor is created.
3
Click Update Sponsor Domain to save, or Cancel to discard. The Deactivate Sponsor button is also available here if needed.
1
Locate the sponsor in the Sponsors list and click Edit.
2
Click the red Deactivate Sponsor button at the bottom of the Edit dialog.
3
The sponsor’s Status changes to Inactive. Features are disabled, and purchased license and storage counts are set to zero. Existing data and user access are preserved.
4
The sponsor can be reactivated at any time — see Reactivate a Sponsor below.
Deactivation vs. Offboarding: Deactivation is a soft action — it does not delete data or remove user access. For a full removal of a customer organization, use the Offboarding tab, which is the recommended approach for departing customers.
Inactive sponsors are hidden from all functions that add or modify data for a sponsor. This includes: Invitation, Create Team, Manage Teams, Sponsor Features, Sponsor Administrators, Domain Management, and Licenses.
1
Locate the inactive sponsor (Status = Inactive) and click Edit.
2
Click the Reactivate Sponsor button in the Edit dialog.
3
The sponsor’s status returns to Active. You will need to restore the appropriate license count under the Licenses tab. Note that reactivating a sponsor does not restore any teams or users — these must be recreated manually.
7
Sponsor Features
Sponsor Features configures product capabilities at the individual sponsor level. These settings reflect what a specific sponsor has purchased or enabled — they are not overrides of tenant-level settings. Tenant Features apply globally; Sponsor Features are additive for a specific customer.
Sponsor Features — Compliant File Drop and Send Files Externally toggles
Sponsor Features configure product capabilities at the individual sponsor level. These reflect what a specific customer has purchased or enabled — they are not overrides of tenant-level settings. Tenant Features apply globally to all sponsors; Sponsor Features add to that baseline for a specific customer.
| Feature | Description |
|---|---|
| Compliant File Drop | Enables File Drop for this sponsor. Requires the tenant-level File Drop feature to also be enabled. |
| Send File Externally | Enables Send File Externally for this sponsor’s Sponsor Admins and Team Managers. |
1
Select the sponsor domain from the Choose a Sponsor Domain dropdown.
2
Navigate to Administration → Sponsor Features.
3
Locate the feature and toggle it on or off.
4
Confirm the action in the dialog that appears.
5
A success message confirms the change for the selected sponsor.
Tenant-level features apply to all sponsors and cannot be overridden here. If a feature does not appear or is unavailable, check that it is enabled at the tenant level under Tenant Features.
8
User Management
User Management gives the Tenant Administrator visibility into all users across all sponsors on the tenant. You can search for users, view their provisioning status and sponsor associations, and delete them.
User Management — search result showing a user associated with multiple sponsors
1
Navigate to Administration → User Management.
2
Enter the user’s email address in the Search a User by Email Address field and click Search.
3
If found, the user’s profile appears showing: Display Name, First Name, Last Name, Email Address, User Principal Name (UPN), Teams (all teams across all sponsors), and Sponsor Admin status.
4
The Customer Domain field shows all sponsor domains the user is associated with. This field is only visible to Tenant Administrators.
Multi-sponsor users: A user can belong to multiple sponsor organizations. When this is the case, the Teams list will include teams from all their sponsors, and the Customer Domain field will list all associated domains.
1
Search for the user as described above.
1
In the user profile, click Delete User.
2
Confirm the deletion in the dialog.
Deletion scope depends on your role:
• Tenant Administrator — the user is removed from all sponsors and deleted from the tenant entirely.
• Sponsor Administrator — the user is only removed from that sponsor’s teams and data. If the user belongs to other sponsors, they remain active for those sponsors.
• Tenant Administrator — the user is removed from all sponsors and deleted from the tenant entirely.
• Sponsor Administrator — the user is only removed from that sponsor’s teams and data. If the user belongs to other sponsors, they remain active for those sponsors.
Deletion is irreversible. Ensure you have the correct user before confirming. There is no pending or deactivated state — a deleted user must be re-invited to regain access.
9
Sponsor Administrators
This tab provides a tenant-level view of all Sponsor Administrators across every customer organization. Use it to see who holds admin rights for each sponsor and to add or remove that role at the tenant level when needed.
Sponsor Administrators — active admins and pending admins list
1
Select the sponsor domain from the Choose a Sponsor Domain dropdown.
2
Navigate to Administration → Sponsor Administrators.
3
The Sponsor Administrators table lists active admins with their Email Address, Display Name, and a Remove action.
4
The Pending Sponsor Administrators table below lists users who have been invited but have not yet created an Exostar account. It shows the Email Address, Last Invitation Sent date, and an Edit action.
1
Click Add Sponsor Admin (+) in the top-right corner.
2
Enter the user’s email address in the dialog and click Add Sponsor Admin (+).
3
If the email resolves to an Exostar account, the role is granted immediately.
4
If Exostar Account Required appears, you can still proceed — the user receives an email to create an account, after which the role is granted automatically.
Multiple MAG accounts — known limitation: If the email matches more than one MAG account, the system automatically uses the first one found. There is no option to choose between them.
Recommended workaround: Invite the user to a team first (the team invitation flow allows account selection), then add them as Sponsor Administrator afterward.
Recommended workaround: Invite the user to a team first (the team invitation flow allows account selection), then add them as Sponsor Administrator afterward.
1
Locate the user in the Sponsor Administrators table and click Remove.
2
A confirmation dialog appears. Click the red Remove button to confirm, or Cancel to go back.
3
A success message confirms the role has been removed.
Removing a Sponsor Administrator only removes the admin role — it does not remove the user from the sponsor or delete their account.
10
Domain Management
Domain Management controls which external partner domains are authorized to collaborate with a specific sponsor’s teams. Users from an authorized partner domain can be invited to the sponsor’s teams; removing a domain prevents future invitations from that domain.
Domain Management — Partner Management list showing authorized partner domains
1
Select the sponsor domain from the Choose a Sponsor Domain dropdown.
2
Navigate to Administration → Domain Management.
3
The Partner Management table lists all partner domains authorized to collaborate with this sponsor. Columns include: Domain, Date Added, Status, Authentication Source, and Users (active user count from that domain).
Partner domains are added here when authorizing an external organization to collaborate in this sponsor’s teams. Once added, users from that domain can be invited to the sponsor’s teams.
1
Click Add Partner Domain (+).
2
Enter the partner’s domain (e.g. partner.com) and click Add Partner Domain (+).
3
A success dialog confirms “Partner domain added successfully.”
1
Locate the partner domain in the list and click Remove.
2
If the domain still has active users (Users > 0), a warning appears: you must delete all users from that domain first before the domain can be removed. Use the Licensed Users Report to identify them.
3
Once Users = 0, click Remove again. A confirmation dialog shows the domain name.
4
Click the red Remove button to confirm. A success dialog confirms removal.
11
Licenses
The Licenses tab is where you manage user license counts and storage allocations for each sponsor. You can view current usage, update purchased license quantities, and adjust storage as customer needs change.
Licenses — showing Total Licenses Purchased, Assigned, Available, and Storage stats
1
Select the sponsor domain from the Choose a Sponsor Domain dropdown.
2
Navigate to Administration → Licenses.
3
The screen shows Licenses Purchased, Licenses Used, and Licenses Available for the selected sponsor.
4
Storage allocation and current usage are also displayed.
1
To update the license count, click Edit Licenses.
2
Enter the new number of purchased licenses and click Save.
3
To update storage, click Edit Storage.
4
Enter the new storage amount (in GB) and click Save.
5
Changes take effect immediately. The display refreshes to show the updated values.
Ensure there are sufficient corresponding Microsoft licenses available in the tenant to support the allocation before increasing the license count. The license count in EMM365 must not exceed the number of Microsoft licenses provisioned for the tenant.
12
Deleted Teams
The Deleted Teams tab is only visible when the Deleted Team Management feature is enabled under Tenant Features. It provides a safety net — teams that have been deleted can be restored from here within 30 days of deletion.
Deleted Teams — list with Restore action and 30-day expiry indicator
1
Select the sponsor domain from the Choose a Sponsor Domain dropdown.
2
Navigate to Administration → Deleted Teams.
3
The table shows deleted teams for the selected sponsor, including Team Name, Description, Created date, Created By, Deleted date, Deleted By, and a Restore action.
4
A Download Deleted Teams button is available to export the list.
Deleted teams can only be restored within 30 days of deletion. After that window the team cannot be recovered.
1
Locate the team in the Deleted Teams list and click Restore.
2
A confirmation dialog shows the team name and notes that restoring content only — user access must be re-granted via invitation.
3
Click Restore to confirm.
4
A success dialog confirms the team has been restored.
5
Re-invite any users who need access via the team’s invitation flow.
Content only: Restoring recovers the team’s files, conversations, and channels. Team membership is not restored — all former members must be re-invited.
13
Archived Teams
The Archived Teams tab is visible when the Archived Team Management feature is enabled. Archiving a team preserves its content but removes user access. Archived teams can be restored or permanently deleted from this tab.
Archived Teams — list with Restore and Delete actions
1
Select the sponsor domain from the Choose a Sponsor Domain dropdown.
2
Navigate to Administration → Archived Teams.
3
The table shows archived teams with columns for Team Name, Description, Created, Created By, Archived date, Archived By, Storage Used, and actions for Restore and Delete.
4
A Download Archived Teams button is available to export the list.
When a team is archived, user access is removed but content is preserved. Archived teams are useful for keeping records of completed projects.
1
Locate the team in the Archived Teams list and click Restore.
2
A confirmation dialog shows the team name and notes that restoring brings content only — user access must be re-granted via invitation.
3
Click Restore to confirm.
4
A success dialog confirms the team has been restored.
5
Re-invite any users who need access via the team’s invitation flow.
Content only: Restoring recovers files and channels but does not restore membership. All former members must be re-invited.
1
Locate the team and click Delete.
2
A confirmation dialog warns that deleting the team will send it to the recycle bin. It can be restored within 30 days on the Deleted Teams tab.
3
Click the red Delete button to confirm.
4
A success dialog confirms the team has been deleted. It will now appear in the Deleted Teams tab.
Deleting an archived team sends it to Deleted Teams. It can be recovered within 30 days but is permanently unrecoverable after that window.
14
Settings
The Settings tab contains per-sponsor behavioral configuration for the EMM365 enclave. Select the sponsor domain first, then configure settings for that sponsor.
Settings — Block download by default toggle (currently On)
The Settings tab configures per-sponsor behavioral settings for the EMM365 enclave. Select the sponsor domain first, then configure settings for that sponsor.
| Setting | Description |
|---|---|
| Block download by default | When enabled, downloading is blocked by default for all newly created teams and private channels for this sponsor. The setting can be adjusted per team or private channel under Manage Teams → Permissions. |
1
Select the sponsor domain from the Choose a Sponsor Domain dropdown.
2
Navigate to Administration → Settings.
3
Locate Block download by default and toggle it On.
4
A confirmation dialog appears. Click Enable Setting to confirm.
5
A success dialog confirms “Setting enabled successfully.”
This setting only affects newly created teams and channels. Existing teams retain their current download permissions.
1
Locate Block download by default and toggle it Off.
2
A confirmation dialog appears. Click Disable Setting to confirm.
3
A success dialog confirms “Setting disabled successfully.”
15
Offboarding
The Offboarding tab is used ONLY when fully removing a customer organization from the tenant — for example, when a reseller customer does not renew. It performs bulk removal across five sequential steps. Complete them in order before deactivating the sponsor.
Offboarding — full page showing Active Teams, Sponsor Administrators, Users, Partner Domains, and Sponsor Summary sections
Offboarding is irreversible. Bulk deletions of teams, users, and partner domains cannot be undone. This feature is intended for use ONLY when offboarding a customer.
1
Select the sponsor domain from the Sponsor Domain dropdown.
2
Review the Active Teams table. The total count of active and archived teams is shown above it.
3
Click Delete All Teams. Confirm in the dialog. All teams for this sponsor are soft-deleted and will appear in the Deleted Teams tab for 30 days before permanent removal.
1
Review the Sponsor Administrators table showing each admin’s Email Address, Name, UPN, and Provisioning Status.
2
Click Remove All Sponsor Admins. Confirm in the dialog. The Sponsor Administrator role is removed from all listed users.
1
Review the Users table showing each user’s Email Address, Name, UPN, Provisioning Status, and number of Teams.
2
Click Delete All Users. Confirm in the dialog. All users for this sponsor are removed from the tenant.
1
Review the Partner Domains table showing each domain’s Date Added, Status, Authentication Source, and active user count.
2
Click Delete All Partner Domains. Confirm in the dialog.
Partner domains cannot be deleted while users from those domains still exist. Complete Step 3 (Delete All Users) before attempting this step.
1
Review the Sponsor Summary section showing the current Licenses, Storage, and Additional Features for the sponsor.
2
Once all previous steps are complete, click Deactivate Sponsor. The sponsor’s status changes to Inactive and purchased license and storage counts are set to zero.
Complete all preceding steps before deactivating the sponsor. The Sponsor Summary is provided here to allow a final review of license and storage counts before deactivation.