Forum Discussion

Jason Denness's avatar
Jason Denness
Brass Contributor
Jul 12, 2017

Attaching Onedrive file default permissions

Hi

 

I have a question, been looking into it and can't find a solution.

 

When our users open a new email and attach a OneDrive file the default permission is anybody in the organisation can edit.  This seems to be a bit insane to me 🙂  Is there somewhere I can change that default?

 

Also if you then discard the email the file is shared with the organisation anyway.

 

Thanks

 

Jason

  • Mike Tilson's avatar
    Mike Tilson
    Iron Contributor

    I first noticed this in Outlook on the Web in April.  I opened an Office 365 case that was not helpful at all then opened a Premier case which was not helpful either.  I was told this was the way Modern Attachments have always behaved but I disagree.  Premier support said my feature request was forwarded to the product team and that is the last information that I have received.  In May when my Office C2R bits updated to build 1704.8067.2115 Outlook started assigning default permissions as organization can edit.  The documentation here says "message recipients are automatically given permission to edit the file"  - https://support.office.com/en-us/article/Add-an-attachment-in-Outlook-Web-App-41afffaf-bb90-440d-a1ba-9a736e066947.  I also have  a screenshot of the Office365 roadmap from May that shows "modern attachments are shared by default with recipients can edit."  I hope this information helps someone else and hope this will be configurable at the tenant level in the near future.

     

    Note - When the attachment is applied "organization can edit" permissions it is actually an anonymous link rather than setting permissions on the file (won't show up in Delve).  Once the link is clicked by a user then that user shows permissions to the file.

    • Jason Denness's avatar
      Jason Denness
      Brass Contributor
      I've noticed something else now. If you attach the file to an email and change your mind and remove it or discard the email, you then have to go and manually remove those permissions. I can see chaos on the horizon.
  • I think this is still not possible for now to change default permission in attaching OneDrive file to Outlook but you could submit and add your vote in Office 365 User Voice because Microsoft might consider to include this on their future updates.

  • Paul T's avatar
    Paul T
    Copper Contributor
    So I did some testing and any one you send the file to can edit it!

    Here's what I did:

    1) Removed all Sharing from the file in OD
    2) In the file level permissions, made it read-only
    3) sent it externally

    I was able to download the file when it was received at an external email address and once downloaded, click on Enable Edit and was able them!

    Opps, not good!

    Hopefully MS fixes this.

    cheers
    Paul
  • Rick Horio's avatar
    Rick Horio
    Copper Contributor

    Hi,

     

    Is there any update on this setting as our organization also runs in to this issue.

    We don't want the Organization Can Edit setting by default, but we want "Recepient can Edit" as default.

    • Mike Tilson's avatar
      Mike Tilson
      Iron Contributor
      • Open Office 365 SharePoint admin center
      • Click sharing
      • Set the default link type to direct. 

        This will set the default permissions to recipients can edit.
      • Rick Horio's avatar
        Rick Horio
        Copper Contributor

        Hi Mike,

         

        Thank  you for your reply. I checked this but this setting is already set like you suggested.

         

Resources