Forum Discussion

Deleted's avatar
Deleted
Apr 19, 2020
Solved

Additional document library shielded from guests?

Hi,   we're soon moving from classic sites to M365 group connected and Teams site collections. In classic we had set up the logic that internal users had a document library with unique permissions...
Document Library
groups
Permissions
Security group
  • marijnsomers's avatar
    marijnsomers
    Apr 20, 2020

    Deleted It will be a 2 step approach.. As you said, there is no way to split these out in Teams. Therefore you will need a separate location where you can add the "Everyone except external people" or just the required people.

     

    I understand you are looking for a 1 step way... but that isn't in there right now. The goal of a group is to "connect people with resources", therefore it defeats the purpose of easily doing that.  But I encourage you to take it up to UserVoice and send it in as an idea.

marijnsomers's avatar
marijnsomers
MVP
Apr 19, 2020

Deleted What I do for a number of customers is create a SharePoint security group in the SharePoint itself called "externals" or "Visitors". This security group has all the external guests in. In SharePoint, they would get read access to the site, and no access to specific document libraries.

 

So in short, the logic still applies, you just need to add that extra "visitors" group yourself.

You can create that from the "advanced permission settings".

  • Deleted's avatar
    Deleted
    Apr 20, 2020

    marijnsomers, thanks and I think I understand what you're saying. However, a visitors already exists on each modern team site with the permission level "Read", doesn't it?

     

    The problem with this is that it is not possible to manage its users through M365 groups as they only work with the owners/members logic. Whenever someone eligible from the team invites a guest in Teams it will be part of the M365 groups' members, thus of the "Members" security group of the site collection. 

     

    Can't wrap my head around how to get this to work at the moment...

    • marijnsomers's avatar
      marijnsomers
      MVP
      Apr 20, 2020

      Deleted It will be a 2 step approach.. As you said, there is no way to split these out in Teams. Therefore you will need a separate location where you can add the "Everyone except external people" or just the required people.

       

      I understand you are looking for a 1 step way... but that isn't in there right now. The goal of a group is to "connect people with resources", therefore it defeats the purpose of easily doing that.  But I encourage you to take it up to UserVoice and send it in as an idea.

Resources