Hi, not with that setting... you need to add the domain. But you could allow all domains and change the setting above so that only certain trusted users can invite people, then as an Admin invite that one Gmail user as a guest.


Or, you could allow sharing with the gmail.com domain, then create an 'Allowed Guest Users' group. Then use a Conditional Access policy:

- apply it to Guest and External Users (not the group), then under Exclude add the 'Allowed Guest Users' group.

- set action to Block

This should prevent any Guest user signing in if they have not been added to the group.


Or, you could create a Dynamic Group with rule:

 (user.mail -contains "gmail")

Then set up conditional access to block that group, excluding the 'Allowed group' with the one user in it.

This should block all gmail users while allowing gmail users you add to the allowed group.


Requires testing, but you should be able to achieve the goal.
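
Added example, not part of the original reply: one way to script the second option (block all guests except members of 'Allowed Guest Users') with the Microsoft Graph PowerShell SDK. The policy display name, the mail nickname and the choice to create the policy in report-only state are assumptions made for this sketch.

```powershell
# Assumes the Microsoft Graph PowerShell SDK is installed and the signed-in
# admin can consent to these scopes.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess','Policy.Read.All','Group.ReadWrite.All'

# Security group that holds the guests who are allowed to sign in
# (group name taken from the reply above; mail nickname is an assumption).
$allowed = New-MgGroup -DisplayName 'Allowed Guest Users' `
    -MailEnabled:$false -MailNickname 'allowed-guest-users' -SecurityEnabled

# Conditional Access policy: include all guest/external users, exclude the
# allowed group, grant control = block.
$policy = @{
    displayName = 'Block guests not in Allowed Guest Users'   # assumed name
    # Report-only first, so the effect can be checked in the sign-in logs
    # before anything is actually blocked.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users          = @{
            includeUsers  = @('GuestsOrExternalUsers')
            excludeGroups = @($allowed.Id)
        }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('block')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```

Once the report-only results show that only the intended guests would be blocked, change the policy state to `enabled`.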